Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
Only automounter... Odesláno ze Samsung Mobile Původní zpráva Od: Dean Hunter Datum: Komu: Rob Crittenden Kopie: freeipa-users@redhat.com Předmět: Re: [Freeipa-users] Auto-Mount Home Directory for Local Users? On Wed, 2013-06-19 at 14:00 -0400, Rob Crittenden wrote: Jakub Hrozek wrote: > On Wed, Jun 19, 2013 at 02:42:55PM +0200, Jakub Hrozek wrote: >> On Tue, Jun 18, 2013 at 06:49:05PM -0500, Dean Hunter wrote: >>> Thank you for your response. As you suggested I >>> checked /etc/nsswitch.conf. ipa-client-automount left the line looking >>> like: >>> >>> automount: sss files >> >> If it did, then I would consider it to be ipa-client-automount, I think > ^^ > "to be ipa-client-automount *bug*". Sorry for the typo https://fedorahosted.org/freeipa/ticket/3733 I guess I'd check the system logs to see if /home/local was attempted to be mounted at all. Does it exist on the NFS server? I find running automount in foreground mode with debugging to be very useful in tracking down these issues. rob Which services need to be restarted after correcting the automount entry in /etc/nsswitch.conf? ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
On Thu, Jun 20, 2013 at 12:36:16PM -0500, Dean Hunter wrote: > On Wed, 2013-06-19 at 14:00 -0400, Rob Crittenden wrote: > > > Jakub Hrozek wrote: > > > On Wed, Jun 19, 2013 at 02:42:55PM +0200, Jakub Hrozek wrote: > > >> On Tue, Jun 18, 2013 at 06:49:05PM -0500, Dean Hunter wrote: > > >>> Thank you for your response. As you suggested I > > >>> checked /etc/nsswitch.conf. ipa-client-automount left the line looking > > >>> like: > > >>> > > >>> automount: sss files > > >> > > >> If it did, then I would consider it to be ipa-client-automount, I think > > > ^^ > > > "to be ipa-client-automount *bug*". Sorry for the typo > > > > https://fedorahosted.org/freeipa/ticket/3733 > > > > I guess I'd check the system logs to see if /home/local was attempted to > > be mounted at all. Does it exist on the NFS server? > > > > I find running automount in foreground mode with debugging to be very > > useful in tracking down these issues. > > > > rob > > > > Which services need to be restarted after correcting the automount entry > in /etc/nsswitch.conf? > Primarily automounter. You can restart SSSD as well before you restart automounter to make sure SSSD is contacted for the right data from the right map. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
On Wed, 2013-06-19 at 14:00 -0400, Rob Crittenden wrote: > Jakub Hrozek wrote: > > On Wed, Jun 19, 2013 at 02:42:55PM +0200, Jakub Hrozek wrote: > >> On Tue, Jun 18, 2013 at 06:49:05PM -0500, Dean Hunter wrote: > >>> Thank you for your response. As you suggested I > >>> checked /etc/nsswitch.conf. ipa-client-automount left the line looking > >>> like: > >>> > >>> automount: sss files > >> > >> If it did, then I would consider it to be ipa-client-automount, I think > > ^^ > > "to be ipa-client-automount *bug*". Sorry for the typo > > https://fedorahosted.org/freeipa/ticket/3733 > > I guess I'd check the system logs to see if /home/local was attempted to > be mounted at all. Does it exist on the NFS server? > > I find running automount in foreground mode with debugging to be very > useful in tracking down these issues. > > rob > Which services need to be restarted after correcting the automount entry in /etc/nsswitch.conf? ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
Just move the home directory out of /home if you don't want it auto mounted at all. # usermod -m -d /export/home/local local That will move it out of /home and copy the contents to the new location of /export/home. Since /export/home isn't in the auto.home map it will skip auto mounting. Or if the user is an IPA user its: # ipa-moduser -directory=/export/home/local local -Eli From: Dean Hunter mailto:deanhun...@comcast.net>> Date: Wednesday, June 19, 2013 11:07 PM To: "freeipa-users@redhat.com<mailto:freeipa-users@redhat.com>" mailto:freeipa-users@redhat.com>> Subject: Re: [Freeipa-users] Auto-Mount Home Directory for Local Users? Resent-From: mailto:elijah.elli...@moser-inc.com>> Thanks to all for the suggestions. Adding a "local" key to "/etc/auto.home" resolved the problem: [root@host<mailto:root@host> ~]# ipa automountlocation-tofiles VM /etc/auto.master: /- /etc/auto.direct /home /etc/auto.home --- /etc/auto.direct: /mnt/Shared -fstype=nfs4,sec=krb5p host.hunter.org:/srv/nfs/Shared --- /etc/auto.home: * -fstype=nfs4,sec=krb5p host.hunter.org:/srv/nfs/home/& local -fstype=nfs4,sec=sys host.hunter.org:/srv/nfs/home/local maps not connected to /etc/auto.master: [root@host<mailto:root@host> ~]# The only thing that would be better is if "local" did not auto-mount at all. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
Thanks to all for the suggestions. Adding a "local" key to "/etc/auto.home" resolved the problem: [root@host ~]# ipa automountlocation-tofiles VM /etc/auto.master: /- /etc/auto.direct /home /etc/auto.home --- /etc/auto.direct: /mnt/Shared -fstype=nfs4,sec=krb5p host.hunter.org:/srv/nfs/Shared --- /etc/auto.home: * -fstype=nfs4,sec=krb5p host.hunter.org:/srv/nfs/home/& local -fstype=nfs4,sec=sys host.hunter.org:/srv/nfs/home/local maps not connected to /etc/auto.master: [root@host ~]# The only thing that would be better is if "local" did not auto-mount at all. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
On Wed, 2013-06-19 at 14:00 -0400, Rob Crittenden wrote: > https://fedorahosted.org/freeipa/ticket/3733 > > I guess I'd check the system logs to see if /home/local was attempted to > be mounted at all. Does it exist on the NFS server? > > I find running automount in foreground mode with debugging to be very > useful in tracking down these issues. > > rob > Yes, /home/local exists on the NFS server. And I can mount it manually. I am suspicious that "sec=krb5p" is not valid with a user that is not authenticated by IPA. But I do not know how to configure an alternative for locally authenticated users. I am about to try the suggestions from Brian Cook and Elijah Elliott. [root@host ~]# ipa automountlocation-tofiles VM /etc/auto.master: /- /etc/auto.direct /home /etc/auto.home --- /etc/auto.direct: /mnt/Shared -fstype=nfs4,sec=krb5p host.hunter.org:/srv/nfs/Shared --- /etc/auto.home: * -fstype=nfs4,sec=krb5p host.hunter.org:/srv/nfs/home/& maps not connected to /etc/auto.master: [root@host ~]# cat /etc/exports # The file /etc/exports contains a table of local physical file systems # on an NFS server that are accessible to NFS clients. The contents of # the file are maintained by the server's system administrator. # # Each file system in this table has a list of options and an access con- # trol list. The table is used by exportfs(8) to give information to # mountd(8). # # Local File System Options Access Control List #-- -- /srv/nfs/home-rw,sec=krb5p:krb5i:sys *.hunter.org /srv/nfs/ISO -ro,sec=sys *.hunter.org /srv/nfs/Shared -rw,sec=krb5p:krb5i:sys *.hunter.org [root@host ~]# Please advise which system logs you would check as none of the ones I can find show any indication of a problem. And can you give me a pointer to documentation on how to run "automount in foreground mode with debugging"? ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
Jakub Hrozek wrote: On Wed, Jun 19, 2013 at 02:42:55PM +0200, Jakub Hrozek wrote: On Tue, Jun 18, 2013 at 06:49:05PM -0500, Dean Hunter wrote: Thank you for your response. As you suggested I checked /etc/nsswitch.conf. ipa-client-automount left the line looking like: automount: sss files If it did, then I would consider it to be ipa-client-automount, I think ^^ "to be ipa-client-automount *bug*". Sorry for the typo https://fedorahosted.org/freeipa/ticket/3733 I guess I'd check the system logs to see if /home/local was attempted to be mounted at all. Does it exist on the NFS server? I find running automount in foreground mode with debugging to be very useful in tracking down these issues. rob ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
On Wed, Jun 19, 2013 at 02:42:55PM +0200, Jakub Hrozek wrote: > On Tue, Jun 18, 2013 at 06:49:05PM -0500, Dean Hunter wrote: > > Thank you for your response. As you suggested I > > checked /etc/nsswitch.conf. ipa-client-automount left the line looking > > like: > > > > automount: sss files > > If it did, then I would consider it to be ipa-client-automount, I think ^^ "to be ipa-client-automount *bug*". Sorry for the typo > we should always let local files override centrally defined maps. The > same goes for other (real) NSS maps like passwd or groups. > > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
In /etc/auto_home add a line above +auto_home that reads /home/local -rw localhost:/export/home/local Then create the directory in /export/home, chown it properly, and you should be good. If you have any issues its probably syntax, I am fairly certain you need -rw on linux but that would not be the auto mount line for Solaris. -Eli From: , Thomas mailto:tainswo...@vsi-corp.com>> Date: Tuesday, June 18, 2013 5:34 PM To: Dean Hunter mailto:deanhun...@comcast.net>> Cc: "freeipa-users@redhat.com<mailto:freeipa-users@redhat.com>" mailto:freeipa-users@redhat.com>> Subject: Re: [Freeipa-users] Auto-Mount Home Directory for Local Users? Resent-From: mailto:elijah.elli...@moser-inc.com>> A couple of things to check (you probably have done this thought)... - Make sure the entry in /etc/nsswitch.conf reads: automount: files sss - Also, do you have a "local" account entry in /etc/passwd? That may confuse things... Tom On Tue, Jun 18, 2013 at 1:12 PM, Dean Hunter mailto:deanhun...@comcast.net>> wrote: I have successfully configured FreeIPA to auto-mount the home directory for FreeIPA users. But on those occasions when I need to login as the local administrator I can not get a home directory: [root@host ~]# ssh local@fedora19 local@fedora19's password: Could not chdir to home directory /home/local: No such file or directory -bash-4.2$ logout Connection to fedora19 closed. [root@host ~]# where local is a member of the wheel group. Where do I start? ___ Freeipa-users mailing list Freeipa-users@redhat.com<mailto:Freeipa-users@redhat.com> https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
On Tue, Jun 18, 2013 at 06:49:05PM -0500, Dean Hunter wrote: > Thank you for your response. As you suggested I > checked /etc/nsswitch.conf. ipa-client-automount left the line looking > like: > > automount: sss files If it did, then I would consider it to be ipa-client-automount, I think we should always let local files override centrally defined maps. The same goes for other (real) NSS maps like passwd or groups. ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
Are you trying to mount the network home dirs to /home? I usually do something like create /home/net/ and mount them there. That way local users home dirs do not match an auto mount key. Brian On Jun 18, 2013, at 4:49 PM, Dean Hunter wrote: > Thank you for your response. As you suggested I checked /etc/nsswitch.conf. > ipa-client-automount left the line looking like: > > automount: sss files > > So I changed it to: > > automount: files sss > > rebooted and tried again. The results were the same. > > I also checked /etc/passwd. There is an entry for local which was created by > Anaconda during the system build. > > -Original Message- > From: "Ainsworth, Thomas" > To: Dean Hunter > Cc: freeipa-users@redhat.com > Subject: Re: [Freeipa-users] Auto-Mount Home Directory for Local Users? > Date: Tue, 18 Jun 2013 17:34:08 -0400 > > A couple of things to check (you probably have done this thought)... > > - Make sure the entry in /etc/nsswitch.conf reads: > > automount: files sss > > - Also, do you have a "local" account entry in /etc/passwd? That may confuse > things... > > Tom > > On Tue, Jun 18, 2013 at 1:12 PM, Dean Hunter wrote: > I have successfully configured FreeIPA to auto-mount the home directory > for FreeIPA users. But on those occasions when I need to login as the > local administrator I can not get a home directory: > > [root@host ~]# ssh local@fedora19 > local@fedora19's password: > Could not chdir to home directory /home/local: No such file or directory > -bash-4.2$ logout > Connection to fedora19 closed. > [root@host ~]# > > where local is a member of the wheel group. Where do I start? > > > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users > > > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
Thank you for your response. As you suggested I checked /etc/nsswitch.conf. ipa-client-automount left the line looking like: automount: sss files So I changed it to: automount: files sss rebooted and tried again. The results were the same. I also checked /etc/passwd. There is an entry for local which was created by Anaconda during the system build. -Original Message- From: "Ainsworth, Thomas" To: Dean Hunter Cc: freeipa-users@redhat.com Subject: Re: [Freeipa-users] Auto-Mount Home Directory for Local Users? Date: Tue, 18 Jun 2013 17:34:08 -0400 A couple of things to check (you probably have done this thought)... - Make sure the entry in /etc/nsswitch.conf reads: automount: files sss - Also, do you have a "local" account entry in /etc/passwd? That may confuse things... Tom On Tue, Jun 18, 2013 at 1:12 PM, Dean Hunter wrote: I have successfully configured FreeIPA to auto-mount the home directory for FreeIPA users. But on those occasions when I need to login as the local administrator I can not get a home directory: [root@host ~]# ssh local@fedora19 local@fedora19's password: Could not chdir to home directory /home/local: No such file or directory -bash-4.2$ logout Connection to fedora19 closed. [root@host ~]# where local is a member of the wheel group. Where do I start? ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
Re: [Freeipa-users] Auto-Mount Home Directory for Local Users?
A couple of things to check (you probably have done this thought)... - Make sure the entry in /etc/nsswitch.conf reads: automount: files sss - Also, do you have a "local" account entry in /etc/passwd? That may confuse things... Tom On Tue, Jun 18, 2013 at 1:12 PM, Dean Hunter wrote: > I have successfully configured FreeIPA to auto-mount the home directory > for FreeIPA users. But on those occasions when I need to login as the > local administrator I can not get a home directory: > > [root@host ~]# ssh local@fedora19 > local@fedora19's password: > Could not chdir to home directory /home/local: No such file or directory > -bash-4.2$ logout > Connection to fedora19 closed. > [root@host ~]# > > where local is a member of the wheel group. Where do I start? > > > ___ > Freeipa-users mailing list > Freeipa-users@redhat.com > https://www.redhat.com/mailman/listinfo/freeipa-users > ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
[Freeipa-users] Auto-Mount Home Directory for Local Users?
I have successfully configured FreeIPA to auto-mount the home directory for FreeIPA users. But on those occasions when I need to login as the local administrator I can not get a home directory: [root@host ~]# ssh local@fedora19 local@fedora19's password: Could not chdir to home directory /home/local: No such file or directory -bash-4.2$ logout Connection to fedora19 closed. [root@host ~]# where local is a member of the wheel group. Where do I start? ___ Freeipa-users mailing list Freeipa-users@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-users
