Aravindh Sampathkumar via FreeIPA-users wrote:
> Hello list,
>
> I'm trying to move from NIS to FreeIPA for authentication in a cluster.
> I already setup FreeIPA server running version 4.5.0 on CentOS 7 and it
> works good. I've got a few Centos 7 and Fedora 23 clients talking to it
> all good.
On pe, 12 tammi 2018, Bryce Larson via FreeIPA-users wrote:
We have function that are supposed to be called in a plugin from a post_callback
It's registered with:
user.user_add.register_post_callback(useradd_postcallback)
The plugin is at
so why is it working with the home folders then?
i thought also this gets fixed by my manual systemctl restart rpc-gssd ?
if this is the error i think apparmor is involved in this….
> On 12. Jan 2018, at 18:47, Robbie Harwood wrote:
>
> jcccb via FreeIPA-users
> jcccb via FreeIPA-users
>
> Well this is the source of the problem, isn't it? I don't think NFS
> brought up GSSAPI support.
>
> Thanks,
> --Robbie
then its an APPARMOR related problem i guess
thought i fixed this error with systemctl
We have function that are supposed to be called in a plugin from a post_callback
It's registered with:
user.user_add.register_post_callback(useradd_postcallback)
The plugin is at /usr/lib/python2.7/site-packages/ipaserver/plugins/csAccount.py
It doesn't seem to be called at all, it used to.
jcccb via FreeIPA-users writes:
> Jan 12 15:25:12 nfs_server systemd[1]: Starting Kernel Module supporting
> RPCSEC_GSS...
> Jan 12 15:25:12 nfs_server systemd[1]: Starting Preprocess NFS
> configuration...
> Jan 12 15:25:12 nfs_server systemd[1]:
jcccb via FreeIPA-users writes:
> freeipa-server is an fedora27 with selinux active but i cant see any
> errors in the logs while restarting autofs service so far
What OS/package versions is everything?
Thanks,
--Robbie
signature.asc
Description: PGP
Hello list,
I'm trying to move from NIS to FreeIPA for authentication in a cluster.I
already setup FreeIPA server running version 4.5.0 on CentOS 7 and
it works good. I've got a few Centos 7 and Fedora 23 clients talking
to it all good.
We have a few legacy nodes that *fedora 14* and *fedora 20*
Hello.
I was curious if there is something built in to FreeIPA (4.5.0 on CentOS) as a
whole or if someone has created scripts or the like that perform access rights
lookups without doing the typical hbac rule lookups which requires user -> host
-> service (as far as I know), where those things
"getent passwd" gave me on all maschines the same results
some logs from the NFS Server=
journalctl:
Jan 12 14:37:14 nfs_server sssd_be[216]: GSSAPI client step 1
Jan 12 14:37:14 nfs_server sssd_be[216]: GSSAPI client step 1
Jan 12 14:37:14 nfs_server sssd_be[216]: GSSAPI client step 1
Jan 12
"getent passwd" gave me on all maschines the same results
some logs from the NFS Server=
journalctl:
Jan 12 14:37:14 nfs_server sssd_be[216]: GSSAPI client step 1
Jan 12 14:37:14 nfs_server sssd_be[216]: GSSAPI client step 1
Jan 12 14:37:14 nfs_server sssd_be[216]: GSSAPI client step 1
Jan 12
Aravindh Sampathkumar via FreeIPA-users
writes:
> localmachine > ssh admin@c10b01
>
> It keeps repeating the password prompts in spite of supplying the
> correct password. No meaningful errors thrown either.
Please increase the verbosity of ssh (i.e., add
Hi list,
Just closing the loop on this one.
This issue finally got resolved for us after installing the latest FreeIPA
update available for CentOS 7:
OS version: CentOS Linux release 7.4.1708 (Core)
ipa-server-trust-ad-4.5.0-22.el7.centos.x86_64
ipa-common-4.5.0-22.el7.centos.noarch
On 10/01/18 15:53, Alexander Bokovoy wrote:
Looks like you are using KEYRING type of Kerberos ccache
in both the
host and LXCs. KEYRING is not namespaced, so your LXCs are
using
whatever was put in the KEYRING ccache for the same user
(root) on the
host.
From within LXCs, remove
On 12/01/18 12:32, Alexander Bokovoy wrote:
On pe, 12 tammi 2018, lejeczek via FreeIPA-users wrote:
On 11/01/18 18:55, Florence Blanc-Renaud wrote:
then the problem you are seeing is probably BZ 14852017
[RFE] If the umask is too restrictive the installation
won't work [1]
Did you
On pe, 12 tammi 2018, lejeczek via FreeIPA-users wrote:
On 11/01/18 18:55, Florence Blanc-Renaud wrote:
then the problem you are seeing is probably BZ 14852017 [RFE] If the
umask is too restrictive the installation won't work [1]
Did you install the master with a umask different from 022?
Hello list.
I'm a new user of FreeIPA trying to use it to manage SSH user
authentication in a cluster of CentOS machines.
I built a server dedicated to run FreeIPA server and have successfully
set it up. I'm able to get the web UI from it, and everything seems as
expected based on the docs.
I
On 11/01/18 20:28, Rob Crittenden wrote:
lejeczek via FreeIPA-users wrote:
On 11/01/18 17:12, Florence Blanc-Renaud wrote:
I must admit that I'm getting lost among all the errors... Can you
summarize your topology (for instance server A installed as first IPA
master, then server B
On 11/01/18 18:55, Florence Blanc-Renaud wrote:
then the problem you are seeing is probably BZ 14852017
[RFE] If the umask is too restrictive the installation
won't work [1]
Did you install the master with a umask different from
022? In this case, some configuration files are probably
not
-Sorry, I clink on reply instead of reply to all
Both servers running Centos (7.4, last test from today)
[root@gcp-sec-ipamaster-01 ~]# cat /etc/redhat-release
CentOS Linux release 7.4.1708 (Core)
IPA packages
[root@gcp-dmz-ipareplica-01 ipa]# rpm -qa | grep ipa| sort
On pe, 12 tammi 2018, Nacho del Rey via FreeIPA-users wrote:
Hi list
I have spent several days trying to configure a mater<->replica
scenario but I'm having a problem with the dns which doesn't allow to
me to go ahead
I could deploy an IPA server successfully in a Centos 7.3 using the
Hi list
I have spent several days trying to configure a mater<->replica scenario but
I'm having a problem with the dns which doesn't allow to me to go ahead
I could deploy an IPA server successfully in a Centos 7.3 using the following
command
ipa-server-install --realm .COM
22 matches
Mail list logo