ok, issue was with SELinux:
SELinux is preventing sssd_be from read access on the file /etc/hosts.
***** Plugin restorecon (99.5
confidence) suggests ************************
If you want to fix the label.
/etc/hosts default label should be
net_conf_t.
Then you can run restorecon. The access
attempt may have been stopped due to insufficient permissions to access a
parent directory in which case try to change the following command accordingly.
Do
# /sbin/restorecon -v /etc/hosts
***** Plugin catchall (1.49
confidence) suggests **************************
If you believe that sssd_be should be
allowed read access on the hosts file by default.
Then you should report this as a bug.
You can generate a local policy module
to allow this access.
Do
allow this access for now by executing:
# ausearch -c 'sssd_be' --raw |
audit2allow -M my-sssdbe
# semodule -X 300 -i my-sssdbe.pp
After '/sbin/restorecon -v /etc/hosts' I can login without problems
_______________________________________________
FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org
To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org
