On Fri, Sep 13, 2013 at 12:10:03PM +0100, Rowland Penny wrote: > On 13/09/13 10:34, Rowland Penny wrote: > >On 13/09/13 10:23, steve wrote: > >>On Fri, 2013-09-13 at 10:38 +0200, steve wrote: > >>>On Fri, 2013-09-13 at 10:26 +0200, Jakub Hrozek wrote: > >>>>On Fri, Sep 13, 2013 at 01:53:13AM +0200, steve wrote: > >>>>>Hi > >>>>>Problems with autofs on a 1.11.1 git: > >>>>> > >>>>>The only error I can see is this: > >>>>>2013-09-13T01:47:34.264459+02:00 catral automount[2569]: > >>>>>setautomntent: > >>>>>lookup(sss): setautomntent: No such file or directory > >>>>> > >>>>>and nothing gets mounted. > >>>>> > >>>>>sssd starts fine. Here is the conf: > >>>>>[sssd] > >>>>>#debug_level = 6 > >>>>>services = nss, pam, autofs > >>>>>config_file_version = 2 > >>>>>domains = default > >>>>> > >>>>>[nss] > >>>>> > >>>>>[pam] > >>>>> > >>>>>[autofs] > >>>>> > >>>>>[domain/default] > >>>>>#debug_level=6 > >>>>>dyndns_update=true > >>>>>#dyndns_refresh_interval=16 > >>>>>ad_hostname = catral.hh3.site > >>>>>ad_server = hh16.hh3.site > >>>>>ad_domain = hh3.site > >>>>>ldap_schema = ad > >>>>>id_provider = ad > >>>>>access_provider = simple > >>>>>enumerate = false > >>>>>cache_credentials = true > >>>>>#entry_cache_timeout = 60 > >>>>>auth_provider = krb5 > >>>>>chpass_provider = krb5 > >>>>>krb5_realm = HH3.SITE > >>>>>krb5_server = hh16.hh3.site > >>>>>krb5_kpasswd = hh16.hh3.site > >>>>> > >>>>>ldap_id_mapping=false > >>>>>ldap_referrals = false > >>>>>ldap_uri = ldap://hh16.hh3.site > >>>>>ldap_search_base = dc=hh3,dc=site > >>>>>#ldap_tls_cacertdir = /usr/local/samba/private/tls > >>>>>#ldap_id_use_start_tls = true > >>>>>#entry_negative_timeout = 1 > >>>>>ldap_user_object_class = user > >>>>>ldap_user_name = samAccountName > >>>>>ldap_user_uid_number = uidNumber > >>>>>ldap_user_gid_number = gidNumber > >>>>>ldap_user_home_directory = unixHomeDirectory > >>>>>ldap_user_shell = loginShell > >>>>>ldap_group_object_class = group > >>>>>ldap_group_search_base = dc=hh3,dc=site > >>>>>ldap_group_name = cn > >>>>>ldap_group_member = member > >>>>> > >>>>> > >>>>>#ldap_default_bind_dn = cn=steve2,cn=Users,dc=dolores,dc=site > >>>>>#ldap_default_authtok_type = password > >>>>>#ldap_default_authtok = s2 > >>>>> > >>>>>ldap_sasl_mech = gssapi > >>>>>ldap_sasl_authid = [email protected] > >>>>>#krb5_keytab = /etc/krb5.keytab > >>>>>ldap_krb5_init_creds = true > >>>>> > >>>>>autofs_provider=ldap > >>>>> > >>>>>ldap_autofs_search_base = DC=hh3,DC=site > >>>>>ldap_autofs_map_object_class = nisMap > >>>>>ldap_autofs_entry_object_class = nisObject > >>>>>ldap_autofs_map_name = nisMapName > >>>>>ldap_autofs_entry_key = cn > >>>>>ldap_autofs_entry_value = nisMapEntry > >>>>Hi steve, > >>>> > >>>>was this setup working previously? > >>>No, it's a new setup. We want to go from files to sss. > >>>>Can you paste an example of your autofs map and entry in LDAP ? > >>>dn:cn=/home/users,CN=auto.master,CN=HOME,CN=defaultMigrationContainer30,DC=hh3,DC=site > >>> > >>>objectClass: top > >>>objectClass: nisObject > >>>cn: /home/users > >>>name: /home/users > >>>nisMapName: auto.master > >>>nisMapEntry: auto.users > >>> > >>>dn: CN=auto.users,CN=HOME,CN=defaultMigrationContainer30,DC=hh3,DC=site > >>>objectClass: top > >>>objectClass: nisMap > >>>cn: auto.users > >>>name: auto.users > >>>nisMapName: auto.users > >>> > >>>dn: > >>>cn=cifsuser,CN=auto.users,CN=HOME,CN=defaultMigrationContainer30,DC=hh3,DC=site > >>> > >>>objectClass: top > >>>objectClass: nisObject > >>>cn: cifsuser > >>>name: cifsuser > >>>msSFU30Name: cifsuser > >>>msSFU30NisDomain: home > >>>nisMapName: auto.users > >>>nisMapEntry: * > >>>-fstype=cifs,sec=krb5,username=cifsuser,multiuser ://altea/users/& > >>> > >>>Thanks, > >>>Steve > >>Sorry, I missed auto.master: > >> > >>dn: CN=auto.master,CN=HOME,CN=defaultMigrationContainer30,DC=hh3,DC=site > >>objectClass: top > >>objectClass: nisMap > >>cn: auto.master > >>name: auto.master > >> > >> > >> > >> > >> > >>_______________________________________________ > >>sssd-devel mailing list > >>[email protected] > >>https://lists.fedorahosted.org/mailman/listinfo/sssd-devel > >Can I chime in here, I am also trying to get this to work and it > >isn't, the basic setup works if I use 'automount: files ldap' > >in /etc/nsswitch, but if I change ldap to sss it stops working. > > > >I get this in /var/log/sssd/sssd_home.lan.log: > > > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [dp_get_options] > >(0x0400): Option ldap_autofs_search_base has value > >"CN=HOME,CN=defaultMigrationContainer30,DC=home,DC=lan" > > > >but further down I get: > > > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_autofs_init] > >(0x2000): Initializing autofs LDAP back end > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] > >[ldap_get_autofs_options] (0x0400): Search base not set, trying to > >discover it later connecting to the LDAP server. > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] > >[sdap_create_search_base] (0x0020): Invalid base DN > >["CN=HOME,CN=defaultMigrationContainer30,DC=home,DC=lan"] > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] > >[common_parse_search_base] (0x0100): Search base added: > >[AUTOFS][cn][SUBTREE][�e^E+^M^?] > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] > >(0x0400): Option ldap_autofs_map_object_class has value "nisMap" > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] > >(0x0400): Option ldap_autofs_map_name has value nisMapName > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] > >(0x0400): Option ldap_autofs_entry_object_class has value > >"nisObject" > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] > >(0x0400): Option ldap_autofs_entry_key has value "cn" > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [sdap_get_map] > >(0x0400): Option ldap_autofs_entry_value has value "nisMapEntry" > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] [be_process_init] > >(0x2000): autofs backend target successfully loaded from provider > >[ldap]. > >(Fri Sep 13 10:00:24 2013) [sssd[be[home.lan]]] > >[client_registration] (0x0100): Added Frontend client [autofs] > > > >I can assure you that > >'CN=HOME,CN=defaultMigrationContainer30,DC=home,DC=lan' exists in > >my Samba 4 AD and would appear to be the format that windows > >wants. > > > >Rowland > OK, I had been concentrating on the sssd logfiles, but when I looked > in /var/log/syslog I found this: > > Sep 13 11:46:13 ThinkPad automount[2927]: open_lookup:93: cannot > open lookup module sss > (/usr/lib/x86_64-linux-gnu/autofs/lookup_sss.so: cannot open shared > object file: No such file or directory) > > If I look in /usr/lib/x86_64-linux-gnu/autofs I find: > > -rw-r--r-- 1 root root 92640 Nov 14 2012 lookup_dir.so > -rw-r--r-- 1 root root 109200 Nov 14 2012 lookup_file.so > lrwxrwxrwx 1 root root 14 Nov 14 2012 lookup_files.so -> > lookup_file.so > -rw-r--r-- 1 root root 109304 Nov 14 2012 lookup_hosts.so > -rw-r--r-- 1 root root 155120 Nov 14 2012 lookup_ldap.so > lrwxrwxrwx 1 root root 14 Nov 14 2012 lookup_ldaps.so -> > lookup_ldap.so > -rw-r--r-- 1 root root 113184 Nov 14 2012 lookup_multi.so > -rw-r--r-- 1 root root 100976 Nov 14 2012 lookup_nisplus.so > lrwxrwxrwx 1 root root 12 Nov 14 2012 lookup_nis.so -> lookup_yp.so > -rw-r--r-- 1 root root 96824 Nov 14 2012 lookup_program.so > -rw-r--r-- 1 root root 92640 Nov 14 2012 lookup_userhome.so > -rw-r--r-- 1 root root 100960 Nov 14 2012 lookup_yp.so > ......... > > Yes, it is not there, I am using sssd 1.10.1 that I compiled myself, > so I probably missed something when I ran configure, but what? this > is the configure line I used: > > ./configure --build=x86_64-unknown-linux-gnu > --host=x86_64-unknown-linux-gnu --target=x86_64-debian-linux-gnu > --program-prefix= --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin > --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share > --includedir=/usr/include --libdir=/usr/lib/x86_64-linux-gnu > --libexecdir=/usr/lib/x86_64-linux-gnu/sssd --localstatedir=/var > --sharedstatedir=/var/lib --mandir=/usr/share/man > --infodir=/usr/share/info --enable-nsslibdir=/lib/x86_64-linux-gnu > --enable-pammoddir=/lib/x86_64-linux-gnu/security > --with-krb5-rcache-dir=/var/cache/krb5rcache --with-initscript=sysv > --with-test-dir=/dev/shm --enable-all-experimental-features > --with-default-ccache-dir=/run/user/%U > --with-default-ccname-template=DIR:%d/ccdir > --cache-file=/tmp/ubuconfig.cache > > Rowland
lookup_sss.so is provided by automounter, not sssd. It should be part of the standard autofs package. _______________________________________________ sssd-devel mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
