[Date Prev][Date Next] [Chronological] [Thread] [Top]

[OT] SELinux woes


Trying to switch to slapd.conf instead of dynamic configuration in
order to test the back-sql backend I ran into a problem with SELinux
that I do not understand.

The startup fails with the error:

/etc/openldap/slapd.conf: line 27: invalid path: Permission denied

Disabling SELinux fixes the problem, however I'm not sure what is
going on.  The line in question is naturally the "directory" that
points in this case to /var/lib/ldap.  That directory is a hand-made
clone of the original one that was there which was moved (renamed) out
of the way.  Here is what I did:

mv /etc/openldap/slapd.d   /etc/openldap/slapd.d.BAK
mv /var/lib/ldap /var/lib/ldap.BAK
mkdir /var/lib/ldap
chown ldap:ldap /var/lib/ldap
chmod 700 /var/lib/ldap
create a simple /etc/openldap/slapd.conf

The ownership and permissions on ldap and ldap.BAK directories are
identical.  OpenLDAP works fine if I disable SELinux.

What is SELinux doing here?