Hi guys
When I sign a zone I get lots of: ... File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/26365760-a70d-19be-2db1-a80adc796477.object
File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/9776a26e-2ad9-1b46-b65c-11265eee7fbd.object
File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/9776a26e-2ad9-1b46-b65c-11265eee7fbd.object
zone private.road/IN (signed): sending notifies (serial 1642004083) client @0x7f8f7c1948b8 10.3.1.99#39887: received notify for zone 'private.road'
Are those a reason to worry & investigate? If not then what do they translate to?
many thanks, L
lejeczek via FreeIPA-users wrote:
Hi guys
When I sign a zone I get lots of: ... File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/26365760-a70d-19be-2db1-a80adc796477.object
File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/9776a26e-2ad9-1b46-b65c-11265eee7fbd.object
File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/9776a26e-2ad9-1b46-b65c-11265eee7fbd.object
zone private.road/IN (signed): sending notifies (serial 1642004083) client @0x7f8f7c1948b8 10.3.1.99#39887: received notify for zone 'private.road'
Are those a reason to worry & investigate? If not then what do they translate to?
I'd start by checking for SELinux AVCs and FS permissions.
I seem to recall that another user has reported a race condition related to softhsm2.
rob
On 12/01/2022 18:31, Rob Crittenden wrote:
lejeczek via FreeIPA-users wrote:
Hi guys
When I sign a zone I get lots of: ... File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/26365760-a70d-19be-2db1-a80adc796477.object
File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/9776a26e-2ad9-1b46-b65c-11265eee7fbd.object
File.cpp(94): Could not open the file (Permission denied): /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/9776a26e-2ad9-1b46-b65c-11265eee7fbd.object
zone private.road/IN (signed): sending notifies (serial 1642004083) client @0x7f8f7c1948b8 10.3.1.99#39887: received notify for zone 'private.road'
Are those a reason to worry & investigate? If not then what do they translate to?
I'd start by checking for SELinux AVCs and FS permissions.
I seem to recall that another user has reported a race condition related to softhsm2.
rob
folder and its content: drwxrws---. 2 ods named 12288 Jan 12 16:14 /var/lib/ipa/dnssec/tokens/4ee2f633-3b2a-ef03-6909-473386d17234/
fcontext labels are as policies dictate, no SELinux issues unless some things are denied silently. This is on Centos 9 - should I make it a BZ? thanks, L.
freeipa-users@lists.fedorahosted.org
-
lejeczek -
Rob Crittenden