On Mon, Apr 21, 2014 at 4:03 PM, Dean Hunter <deanhun...@comcast.net> wrote:
> On Mon, 2014-04-21 at 14:05 -0500, Dean Hunter wrote:
>
> I am sorry, but I have forgotten where to start to diagnose this problem.
> Please remind me.
>
> [dean@host ~]$ ssh desktop.hunter.org
> Last login: Sun Apr 20 21:12:38 2014 from host.hunter.org
> Could not chdir to home directory /home/net/dean: Permission denied
> -bash: /home/net/dean/.bash_profile: Permission denied
> -bash-4.2$ pwd
> /
> -bash-4.2$ ls -l /home
> total 4
> drwx------. 4 local local 4096 Apr 20 21:04 local
> drwxr-xr-x. 3 root  root     0 Apr 21 13:48 net
> -bash-4.2$ ls -l /home/net
> total 8
> drwx--x---. 29 dean dean 4096 Apr 20 21:28 dean
> -bash-4.2$ ls -l /home/net/dean
> ls: cannot access /home/net/dean: Permission denied
> -bash-4.2$ whoami
> dean
> -bash-4.2$ exit
> logout
> -bash: /home/net/dean/.bash_logout: Permission denied
> Connection to desktop.hunter.org closed.
> [dean@host ~]$
>
> desktop.hunter.org is a VM that I have rebuilt several times trying to work
> around this problem. ipa-client-install and  ipa-client-automount completed
> without error messages.  /home/net/dean is accessible when I log-in through
> gdm and Virtual Machine Manager.
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
> Now it appears as though that ssh fails to access the auto-mount home
> directory until after successful gdm log-in:
>
      I still suck at osssd (I assume the host you are connecting to
is rh/centos/fedora), but in pam you have to define each way you are
logging (gdm, ssh, screensaver) in to get a kerberos ticket, and
create the cache in /tmp after you are successfully authenticated.
automount then can use that ticket to do its thing. You will also
notice if you kinit manually you will then be able to cd to that
directory.

That is where I would start looking at.

>
> [dean@host ~]$ ssh desktop.hunter.org
> Last login: Mon Apr 21 14:34:51 2014 from host.hunter.org
> [dean@desktop ~]$ pwd
> /home/net/dean
> [dean@desktop ~]$ sudo -l
> Matching Defaults entries for dean on desktop:
>     requiretty, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE
> INPUTRC
>     KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG
> LC_ADDRESS
>     LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT
>     LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER
>     LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET
>     XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin
>
> User dean may run the following commands on desktop:
>     (root : root) NOPASSWD: ALL
> [dean@desktop ~]$ yum list installed freeipa-*
> Loaded plugins: langpacks, refresh-packagekit
> Installed Packages
> freeipa-client.x86_64                3.3.4-3.fc20
> @local-updates
> freeipa-python.x86_64                3.3.4-3.fc20
> @local-updates
> [dean@desktop ~]$ logout
>
> Connection to desktop.hunter.org closed.
> [dean@host ~]$
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users@redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

_______________________________________________
Freeipa-users mailing list
Freeipa-users@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-users

Reply via email to