I'm migrating from a legacy NIS setup to ipa. I have a number of NIS netgroups (of hosts) that are being used to export (non-kerberos) nfs shares to which I would like to migrate to ipa.

I've create a new netgroup in ipa (for testing) and added some hosts to it (using ipa netgroup-add and ipa netgroup-add-member). I'm hoping that when exporting an nfs share using the @netgroup syntax in /etc/exports that the netgroup will be looked up in ipa and the share will be exported to the hosts in the netgroup.

/etc/nsswitch.conf has a line:
netgroup:   files nis sss

/etc/exports has a line:
/var/tmp/testexport @rmjnetgroup1(ro)

I haven't, so far, been able to mount the exported share on a client so I'm wondering if this setup would be expected to work?

What is confusing to me is that the section in the Redhat 6 Identity Management guide on netgroups also has information on running the NIS listener plugin so I'm wondering if perhaps this only works when running the nis listener. I'm trying to avoid that.

I'd welcome any clarification on how to do non-kerberised nfs exports to groups of hosts.


Roderick Johnstone

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to