Learn more about these different git repos.
Other Git URLs
libsemanage calls mkdir() and then requires that the directory is created with permissions 0700. That doesn't work well for programs like sssd that set umask to a very restrictive value (like 177).
I consider this a bug in libsemanage, since they require custom permissions, they should set a sensible umask themselves, but we need to work around it for the short term.
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1184982
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1184982 1184982]
owner: somebody => jhrozek
priority: major => blocker
This ticket was requested by a downstream. I'm bypassing the triage and moving to 1.12.4
milestone: NEEDS_TRIAGE => SSSD 1.12.4
patch: 0 => 1
resolution: => fixed
status: new => closed
changelog: => Setting the SELinux label for a user works correctly again and the selinux_child process no longer errors out with a "Permission Denied" error.
Metadata Update from @jhrozek:
- Issue assigned to jhrozek
- Issue set to the milestone: SSSD 1.12.4
to comment on this ticket.