On Tue, Jan 27, 2015 at 10:03:37PM +0000, Roderick Johnstone wrote:
> Hi
> I'm migrating from a legacy NIS setup to ipa. I have a number of NIS
> netgroups (of hosts) that are being used to export (non-kerberos) nfs shares
> to which I would like to migrate to ipa.
> I've create a new netgroup in ipa (for testing) and added some hosts to it
> (using ipa netgroup-add and ipa netgroup-add-member). I'm hoping that when
> exporting an nfs share using the @netgroup syntax in /etc/exports that the
> netgroup will be looked up in ipa and the share will be exported to the
> hosts in the netgroup.
> /etc/nsswitch.conf has a line:
> netgroup:   files nis sss
> /etc/exports has a line:
> /var/tmp/testexport @rmjnetgroup1(ro)
> I haven't, so far, been able to mount the exported share on a client so I'm
> wondering if this setup would be expected to work?
> What is confusing to me is that the section in the Redhat 6 Identity
> Management guide on netgroups also has information on running the NIS
> listener plugin so I'm wondering if perhaps this only works when running the
> nis listener. I'm trying to avoid that.
> I'd welcome any clarification on how to do non-kerberised nfs exports to
> groups of hosts.

Does getent netgroup rmjnetgroup1 show the hosts you'd expect?

Manage your subscription for the Freeipa-users mailing list:
Go To http://freeipa.org for more info on the project

Reply via email to