thanks! I'll try to debug at my test environment.
24.05.2016 18:01, Prasun Gera пишет: > You can stop the autofs daemon, and run it in foreground with > automount -fvv. Then try to access the mount point in parallel. The > logs from the foreground run should shed some light. Also, does your > autofs setup work without kerberos ? As a first step it to work with > non-kerberised nfs. > > On Mon, May 23, 2016 at 11:06 AM, Arthur Fayzullin <[email protected] > <mailto:[email protected]>> wrote: > > Good day, colleagues! > I am confused about how automount work and howto configure it. I have > tried to configure it according to > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html > document (paragraph 9.1.1 and chapter 20). > I have tried to make it work on 3 servers: > 1. ipa server; > 2. nfs server (node00); > 3. nfs client (postgres). > > > *** so here how it configured on ipa server: > $ ipa automountlocation-tofiles amantai > /etc/auto.master: > /- /etc/auto.direct > /home /etc/auto.home > --------------------------- > /etc/auto.direct: > --------------------------- > /etc/auto.home: > * -sec=kr5i,rw,fstype=nfs4 node00.glavsn.ab:/home/& > > maps not connected to /etc/auto.master: > > $ ipa service-find nfs > ------------------ > 2 services matched > ------------------ > Основной: nfs/[email protected] > Keytab: True > Managed by: node00.glavsn.ab > > Основной: nfs/[email protected] > Keytab: True > Managed by: postgres.glavsn.ab > > > *** here is nfs server config: > $ sudo klist -k > Пароль: > Keytab name: FILE:/etc/krb5.keytab > KVNO Principal > ---- > -------------------------------------------------------------------------- > 1 host/[email protected] > 1 host/[email protected] > 1 host/[email protected] > 1 host/[email protected] > 2 nfs/[email protected] > 2 nfs/[email protected] > 2 nfs/[email protected] > 2 nfs/[email protected] > > $ cat /etc/exports > /home *(rw,sec=sys:krb5:krb5i:krb5p) > > $ sudo firewall-cmd --list-all > public (default, active) > interfaces: bridge0 enp1s0 > sources: > services: dhcpv6-client nfs ssh > ports: 8001/tcp > masquerade: no > forward-ports: > icmp-blocks: > rich rules: > > $ getenforce > Enforcing > > > *** here nfs client config: > # klist -k > Keytab name: FILE:/etc/krb5.keytab > KVNO Principal > ---- > -------------------------------------------------------------------------- > 1 host/[email protected] > 1 host/[email protected] > 1 host/[email protected] > 1 host/[email protected] > 1 nfs/[email protected] > 1 nfs/[email protected] > 1 nfs/[email protected] > 1 nfs/[email protected] > > # firewall-cmd --list-all > FedoraServer (default, active) > interfaces: ens3 > sources: > services: cockpit dhcpv6-client ssh > ports: > protocols: > masquerade: no > forward-ports: > icmp-blocks: > rich rules: > > # mount -l (contains next string) > auto.home on /home type autofs > (rw,relatime,fd=25,pgrp=960,timeout=300,minproto=5,maxproto=5,indirect) > > # ll /home/afayzullin > ls says that it cannot access /home/afayzullin: no such file or > directory > > I have run > # ipa-client-automount --location=amantai > on client and it has completed successfully. > > I have tried to disable selinux, drop iptables rules. And now I am > little confused about what to do next. May if someone has faced with > automount config can give me some advice, or if there is any howto > config automount, or some can advise howto debug this situation? > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project > >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
