Hi,
I'm currently trying to configure automount for home directories with
Kerberized NFSv4.
I'm struggling with two issues that may or may not be related:
1) Can't read my home directory. I have to type kinit manually first on
each integrated client for this to work. I think it is related to the
latest versions of sssd on Centos 7 / Fedora 21 (1.12.2-58), ipa of maybe
nss, a 1 or 2 months outdate centos was working first and got broken after
an update.
2) Can't create home directories for new users : Permission denied for
oddjob-mkhomedir script. I can also experience this as root : can't mkdir
/home/someuser, permission denied (see my mount chain in freeipa below).
Related to NFSv4?
Here is my setup and various information:
- I'm not using selinux
- Exports :
/home.shared *(rw,sec=krb5:krb5i:krb5p)
- Mount chain :
* -fstype=nfs4,sec=krb5i,rw,proto=tcp,port=2049,rsize=8192,wsize=8192
home01.net:/home.shared/&
- Experienced on Centos 7 and Fedora 21
- FreeIPA server 4.1.4
- I used ipa-client-automount on clients and server.
- Same behavior with/without a dedicated service principal on client
- Some errors in NFS server logs :
rpc.gssd - WARNING: can't create tcp rpc_clnt to server <ipa-server>
for user with uid 0: RPC: Remote system error - No route to host <-- at
different times
oddjobd: Error
org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown: Could not
determine security context for '1:<###>' <-- before oddjob-mkhomedir on new
user
Have you got the same problems and did you manage to fix them?
Thanks by advance,
--
Youenn Piolet
piole...@gmail.com
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
