[openstack-dev] Fuel

Adam Young ayoung at redhat.com
Fri May 9 03:22:16 UTC 2014 

On 05/06/2014 09:01 PM, Roman Sokolkov wrote:
> Tizy,
>
> Selinux is disabled on all nodes under Fuel.
>
>     https://github.com/stackforge/fuel-library/blob/stable/4.0/deployment/puppet/cobbler/templates/kickstart/centos.ks.erb#L32
>
>
> You could check it by "getenforce" command. It should report "Disabled".
>
> So you could simply pass all steps related to Selinux.
>
> Thank you.
Yeah, you don't need to deal with SELinux if SELinux is disabled.


>
>
> On Tue, May 6, 2014 at 12:51 AM, Tizy Ninan <tizy.elza at gmail.com 
> <mailto:tizy.elza at gmail.com>> wrote:
>
>     Hi
>
>     We are trying to integrate the openstack setup with the Microsoft
>     Active Directory(LDAP server).
>
>     As per openstack documentation,
>     http://docs.openstack.org/admin-guide-cloud/content/configuring-keystone-for-ldap-backend.html  in
>     order to integrate with an LDAP server, an SELinux Boolean
>     variable 'authlogin_nsswitch_use_ldap' needs to be set. We tried
>     setting the variable using the following command.
>     $ setsebool --P authlogin_nsswitch_use_ldap 1
>     It returned a message stating SElinux is disabled. We changed the
>     status of SElinux to permissive mode and tried setting the boolean
>     variable, but it returned a message stating 'record not found in
>     the database'.
>
>     We also tried retrieving all the boolean variables by using the
>     following command
>     $getsebool --a
>     It listed out all the boolean variables, but there was no variable
>     named 'authlogin_nsswitch_use_ldap' in the list.
>     In order to add the variable we needed semanage. When executing
>     the 'semanage' command it returned 'command not found'. To install
>     semanage we tried installing policycoreutils-python. It showed no
>     package policycoreutils-python available.
>
>     We are using Mirantis Fuel v4.0. We have an openstack Havana
>     deployment on CentOS 6.4 and nova-network network service.
>     Can you please help us on why the SELinux boolean variable
>     (authlogin_nsswitch_use_ldap) is not available. Is it because the
>     CentOS image provided by the Fuel master node  does not provide
>     the SELinux settings?  Is there any alternative ways to set this
>     boolean variable?
>
>     Kindly help us to resolve this issue.
>
>     _______________________________________________
>     OpenStack-dev mailing list
>     OpenStack-dev at lists.openstack.org
>     <mailto:OpenStack-dev at lists.openstack.org>
>     http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
>
>
> -- 
> Roman Sokolkov,
> Deployment Engineer,
> Mirantis, Inc.
> Skype rsokolkov,
> rsokolkov at mirantis.com <mailto:rsokolkov at mirantis.com>
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140508/b4f4ed7e/attachment.html>

More information about the OpenStack-dev mailing list