Hi, Kind of a wild shot, but what mode is selinux in?
I find if its enforcing all sorts of things pop up not working on occasion.... regards ________________________________ From: freeipa-users-boun...@redhat.com [freeipa-users-boun...@redhat.com] on behalf of nasir nasir [kollath...@yahoo.com] Sent: Friday, 13 May 2011 2:02 p.m. To: Rob Crittenden Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] FreeIPA for Linux desktop deployment Thanks for the reply Rob ! I had tried with all the log files you mentioned and had kept most of them in debug mode. Tried again now. The only error or clue I could see was the following I already mentioned in my previous mail, oddjob-mkhomedir[17823]: error setting permissions on /home/nasir: Operation not permitted I don't think it is a problem due to autofs as this is the error when I am getting while trying to login after MANUALLY MOUTING this partition also! There is some permission blocking oddjob from creating the home folder on the fly. I can't see any debug option for /etc/oddjobd.conf file to go further. Please help. Thanks and regards, Nidal --- On Thu, 5/12/11, Rob Crittenden <rcrit...@redhat.com> wrote: > From: Rob Crittenden <rcrit...@redhat.com> > Subject: Re: [Freeipa-users] FreeIPA for Linux desktop deployment > To: "nasir nasir" <kollath...@yahoo.com> > Cc: "Adam Young" <ayo...@redhat.com>, freeipa-users@redhat.com > Date: Thursday, May 12, 2011, 2:32 PM > nasir nasir wrote: > > Adam, > > > > I tried to follow your recommendations with RHEL 6.1 > beta on server and > > client machine. Centralized login and such things > work. I have NFS > > service too working. But automount is not working. For > the time being I > > configured my server as NFS server and created a > folder /export as a > > share for creating home folder. I have > *pam_oddjob_mkhomedir.so *enabled > > in pam files for autocreation of home folders. Now I > can manually mount > > the /export nfs share on the server and the client > successfully. But > > when I do that on server for testing and try to login > as a new user(e.g > > abc), it is not creating home folder. It gives the > following error, > > > > *oddjob-mkhomedir[16401]: error setting permissions on > /home/abc: > > Operation not permitted* > > > > I have given 777 for my /export and rw permission in > /etc/export. Output > > of the command *ipa automountlocation-tofiles > default*. > > > > * > > * > > */etc/auto.master:* > > */- /etc/auto.direct* > > */share /etc/auto.share* > > */home /etc/auto.home* > > *---------------------------* > > */etc/auto.direct:* > > *---------------------------* > > */etc/auto.share:* > > *---------------------------* > > */etc/auto.home:* > > ** -rw,nfs4,sec=krb5,soft,rsize=8192,wsize=8192 > > openipa.cohort.org:/export/home/&* > > * * > > I tried reading many docs(RHEL deployment guide, > google, FreeIPA doc > > etc). The problem is that they are confusing and > conflicting in many cases. > > > > Please advice me how to proceed. > > I'd start with system error logs: /var/log/messages, > /var/log/secure, > /var/log/audit/audit.log > > rob > > > > > Thanks and Regards, > > Nidal > > > >>>> > >>>> > Nidal, > >>>> > >>>> > OK, I'd probably do something like > this: After > >>>> > install IPA, add one host as an IPA > client with the > >>>> > following switch: --mkhomedir,, > something like > >>>> > ipa-client-install --mkhomedir -p > admin. Then, mount > >>>> > the directory that you are going to > use a /home on > >>>> > that machine. Once you create users > in IPA, the > >>>> > first time you log in as that user, > do so from that > >>>> > client, and it will attempt to > create the home > >>>> > directory for you. This should be > the only machine > >>>> > that has permissions to create > directories under > >>>> > /home. Now, create an automount > location and map, > >>>> > and create a key for /home > >>>> > >>>> > The instructions from our test day > should get you > >>>> > started: > >>>> > >>>> > https://fedoraproject.org/wiki/QA:Testcase_freeipav2_automount > >>>> > >>>> > >>> > >> > > > > > > > > _______________________________________________ > > Freeipa-users mailing list > > Freeipa-users@redhat.com > > https://www.redhat.com/mailman/listinfo/freeipa-users > > _______________________________________________ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users