[openstack-dev] Fuel
Tizy Ninan
tizy.elza at gmail.com
Tue May 6 05:51:49 UTC 2014
Hi
We are trying to integrate the openstack setup with the Microsoft Active
Directory(LDAP server).
As per openstack documentation,
http://docs.openstack.org/admin-guide-cloud/content/configuring-keystone-for-ldap-backend.html
in
order to integrate with an LDAP server, an SELinux Boolean variable
‘authlogin_nsswitch_use_ldap’ needs to be set. We tried setting the
variable using the following command.
$ setsebool –P authlogin_nsswitch_use_ldap 1
It returned a message stating SElinux is disabled. We changed the status of
SElinux to permissive mode and tried setting the boolean variable, but it
returned a message stating ‘record not found in the database’.
We also tried retrieving all the boolean variables by using the following
command
$getsebool –a
It listed out all the boolean variables, but there was no variable named
‘authlogin_nsswitch_use_ldap’ in the list.
In order to add the variable we needed semanage. When executing the
‘semanage’ command it returned ‘command not found’. To install semanage we
tried installing policycoreutils-python. It showed no package
policycoreutils-python available.
We are using Mirantis Fuel v4.0. We have an openstack Havana deployment on
CentOS 6.4 and nova-network network service.
Can you please help us on why the SELinux boolean variable
(authlogin_nsswitch_use_ldap) is not available. Is it because the CentOS
image provided by the Fuel master node does not provide the SELinux
settings? Is there any alternative ways to set this boolean variable?
Kindly help us to resolve this issue.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140506/2bfa2601/attachment.html>
More information about the OpenStack-dev
mailing list