Unable to start kerberos services krb5kdc and kadmind.

Solution Verified - Updated -

Issue

  • Not able to start kerberos services - krb5kdc and kadmind through init scripts, if original file is replaced with symbolic link. It fails with below error message -
# /etc/init.d/krb5kdc start
krb5kdc: No such file or directory - while initializing database for realm EXAMPLE.COM

Relevant error message from audit logs -

type=AVC msg=audit(1326955437.799:42868): avc:  denied  { read } for  pid=9543 comm="krb5kdc" name="kdc.conf" dev=dm-1 ino=130626 scontext=unconfined_u:system_r:krb5kdc_t:s0 tcontext=unconfined_u:object_r:var_t:s0 tclass=lnk_file

Environment

  • Red Hat Enterprise Linux 6.2
  • selinux-policy-3.7.19-126.el6_2.3

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content