[CentOS] complicated svn, apache, krb5 and selinux problem
m.roth at 5-cent.us
m.roth at 5-cent.usWed Nov 27 21:19:34 UTC 2013
- Previous message: [CentOS] Thanks for the CR packages!
- Next message: [CentOS] Question on list of packages on centos 7
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
CentOS 6.4.
We've got a subversion repo on a server. Currently, it's set to use krb5.
Trouble is, the krb5.conf is set up to use pcscd authentication (using PIV
cards). Whether anything else on the server needs it, it appears that when
people issue certain svn commands (I haven't nailed down which), the thing
tries to look at the pcscd.pid... and selinux complains that this is
naughty. (We're in permissive mode.)
I don't know deeply enough if anything else really needs to do this on the
server, but I'd like to fix it so that doing svn stuff does *not* invoke
that call. It *appears* if I comment out the pkinit_identities, we don't
get the error (for obvious reasons).
Ideally, I'd like to find some way to configure subversion - maybe in the
/etc/httpd/conf.d/subversion.conf - so that it doesn't try that, but we
*do* want it to do password krb5 authentication.
Does this make sense? If so, is it do-able?
mark, back at googling
- Previous message: [CentOS] Thanks for the CR packages!
- Next message: [CentOS] Question on list of packages on centos 7
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list