On Wed, 2012-06-20 at 13:23 -0400, Rob Crittenden wrote: > Rob Crittenden wrote: > > Rob Crittenden wrote: > >> Here is a tool that can be used to configure automount in an IPA client. > >> It can use either SSSD or autofs for automount. It also configures NFSv4 > >> on the client so secure maps will work. > > > > rebased patch > > rebase again > > rob
I finally managed to look on this patch. This is generally a good work and make things a lot easier, but still I found few issues: 1) The patch does not apply cleanly+it needs to be rebased: # git apply freeipa-rcrit-1023-3-automount.patch freeipa-rcrit-1023-3-automount.patch:210: trailing whitespace. freeipa-rcrit-1023-3-automount.patch:264: trailing whitespace. freeipa-rcrit-1023-3-automount.patch:273: trailing whitespace. freeipa-rcrit-1023-3-automount.patch:542: trailing whitespace. .\" freeipa-rcrit-1023-3-automount.patch:547: trailing whitespace. .\" error: patch failed: ipapython/platform/base.py:24 error: ipapython/platform/base.py: patch does not apply 2) This is just an idea, but would it be better to call the new script "ipa-client-automount" so that it is more visible that it is from ipa-client binary family (along with ipa-client-install)? 3) KeyboardInterrupt is not caught properly: # ipa-configure-automount Searching for IPA server... IPA server: DNS discovery Location: default Continue to configure the system with these values? [no]: Traceback (most recent call last): File "/sbin/ipa-configure-automount", line 433, in <module> sys.exit(main()) File "/sbin/ipa-configure-automount", line 409, in main if not options.unattended and not ipautil.user_input("Continue to configure the system with these values?", False): File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 636, in user_input ret = raw_input("%s [%s]: " % (prompt, choice)) KeyboardInterrupt 4) Neither is EOFError (CTRL+d): # ipa-configure-automount Searching for IPA server... IPA server: DNS discovery Location: default Continue to configure the system with these values? [no]: Traceback (most recent call last): File "/sbin/ipa-configure-automount", line 433, in <module> sys.exit(main()) File "/sbin/ipa-configure-automount", line 409, in main if not options.unattended and not ipautil.user_input("Continue to configure the system with these values?", False): File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line 636, in user_input ret = raw_input("%s [%s]: " % (prompt, choice)) EOFError 5) Would it make sense to check if the given automount location exists? Currently there is no check for that: # ipa-configure-automount --server vm-091.idm.lab.bos.redhat.com --location foo Searching for IPA server... IPA server: DNS discovery Location: foo Continue to configure the system with these values? [no]: y Configured /etc/nsswitch.conf Configured /etc/sysconfig/nfs Configured /etc/idmapd.conf Started nfs-server.service Started nfs-secure.service Restarting sssd, waiting for it to become available. Started autofs.service Automount then obviously not work: Jun 21 04:05:06 localhost automount[1401]: lookup_read_map: lookup(sss): getautomntent_r: No such file or directory 6) In /etc/sssd/sssd.conf we configure ipa_automount_location and autofs_provider options. But in uninstall, we remove only ipa_automount_location and leave autofs_provider configured 7) This is related to ipa-client-install, but even when I disable autodiscovery and add --server option it still disregards it and tries to search SRV records: # ipa-configure-automount --server=vm-091.idm.lab.bos.redhat.com <after some time and SRV searches> Unable to confirm that <some-ldap-server>.redhat.com is an IPA v2 server 8) When discovery is on, we are not really verbose: # ipa-configure-automount Searching for IPA server... IPA server: DNS discovery Location: default Continue to configure the system with these values? [no]: We just write "IPA server: DNS discovery", but I would at least like to now what servers it detected so that I know it does the right thing. 9) autofs via LDAP (no SSSD )is broken when autodiscovery is used. After some investigation I found this line is causing it: + if not autodiscover: + ldap_uri = "ldap://%s" % server + else: + ldap_uri = "ldap:///%s" % api.env.basedn <<< There should be an IPA server, not basedn. When I fixed it, autofs via LDAP worked. 9) Shouldn't configure_nfs be made optional? I don't think every IPA client with autofs configured will want to have nfs-server running... 10) There are some artifacts in the man page: +.TP +Files that will be always be configured: + +/etc/nsswitch.conf + +Files that will be configured when SSSD is the automount client (default): + +/etc/sssd/sssd.conf + +Files that will be configured when using the ldap automount client: + +/etc/sysconfig/autofs + +/etc/autofs_ldap_auth.conf .TP is missing for the latter 2 file lists thus causing a bad indent. Martin _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel