4 February,20 at 11:17 PM
[tetsu@test-cent76-64 ~]$ ls -lZ .k5login
-rw-------. tetsu adusers unconfined_u:object_r:krb5_home_t:s0 .k5login
type=AVC msg=audit(1580135645.525:34549): avc: denied { read } for pid=78601 comm="sshd" name=".k5login" dev="dm-2" ino=134427554 scontext=system_u:system_r:sshd_t:s0- s0:c0.c1023 tcontext=system_u:object_r:default_t:s0 tclass=file permissive=0 The key in that message is an AVC denial. A way to get around/test is to set SELinux to permissive and then test the login. To set SELinux to permissive: setenforce permissive And to check the policy: getenforce This should return Permissive if SELinux is not enabled.