On 05/12/2011 03:30 PM, nasir nasir wrote:

I tried to follow your recommendations with RHEL 6.1 beta on server and client machine. Centralized login and such things work. I have NFS service too working. But automount is not working. For the time being I configured my server as NFS server and created a folder /export as a share for creating home folder. I have *pam_oddjob_mkhomedir.so *enabled in pam files for autocreation of home folders. Now I can manually mount the /export nfs share on the server and the client successfully. But when I do that on server for testing and try to login as a new user(e.g abc), it is not creating home folder. It gives the following error,

*oddjob-mkhomedir[16401]: error setting permissions on /home/abc: Operation not permitted*

It might be a root squash issue. My guess is that the order of operations for creating a root directory, which is done by root, is:

1.  mkdir /home/userid
2.  chown uid:gid  /home/userid

It sounds from the error message that the first stage happened, but NFS is not allowing the second stage. To confirm, as a root (and kinit admin) user on the client machine, just try these two steps in order and see if they still fail.

chown is a different system call from mkdir, and might have different nfs enforced permissions. You probably need rwx permissions in /etc/export.

I have given 777 for my /export and rw permission in /etc/export. Output of the command *ipa automountlocation-tofiles default*.

*/-      /etc/auto.direct*
*/share  /etc/auto.share*
*/home   /etc/auto.home*
** -rw,nfs4,sec=krb5,soft,rsize=8192,wsize=8192 openipa.cohort.org:/export/home/&*
I tried reading many docs(RHEL deployment guide, google, FreeIPA doc etc). The problem is that they are confusing and conflicting in many cases.

There is a lot of old information on the site that needs to be updated to 2.0, and we are working on that. the more input (tickets logged into Trac) we can get for that the better.

Please advice me how to proceed.

Thanks and Regards,


                OK, I'd probably do something like this:  After
                install IPA, add one host as an IPA client with the
following switch: --mkhomedir,, something like ipa-client-install --mkhomedir -p admin. Then,
                mount the directory that you are going to use a
                /home on that machine.  Once you create users in
                IPA, the first time you log in as that user, do so
                from that client, and it will attempt to create the
                home directory for you.    This should be the only
                machine that has permissions to create directories
                under /home.  Now, create an automount location and
                map, and create a key for /home

                The instructions from our test day should get you


Freeipa-users mailing list

Reply via email to