On (24/03/19 19:10), Gregory Carter wrote: >I have a diskless workstation, which I noticed recently with some updates >has stopped working with respect to sssd. Here is the config which no >longer works: > >[domain/default] >id_provider = ldap >autofs_provider = ldap >auth_provider = ldap >chpass_provider = ldap >ldap_uri = ldap://named.domain.com/ >ldap_search_base = dc=domain,dc=com >ldap_id_use_start_tls = True >ldap_tls_cacertdir = /etc/openldap/certs >cache_credentials = True >ldap_autofs_map_object_class = automountMap >ldap_autofs_map_name = ou >ldap_autofs_entry_object_class = automount >ldap_autofs_entry_key = cn >ldap_autofs_entry_value = automountInformation >debug_level = 9 > >[sssd] >services = nss, pam, autofs >domains = default >debug_level = 9 > >[nss] >homedir_substring = /home >debug_level = 9 > >[pam] >debug_level = 9 > >[sudo] >debug_level = 9 > >[autofs] >debug_level = 9 > >[ssh] >debug_level = 9 > >[pac] >debug_level = 9 > >[ifp] >debug_level = 9 > >[secrets] >debug_level = 9 > >[session_recording] >debug_level = 9 > >What I found, is that the /var/lib/sss directory is not working correctly >anymore with NFS root mount. >
Are you sure that it worked on fedora < 29 ? NFS was never recommended for /var/lib/sss/db. >Lots of timeout and error messages which, after looking at with various >debug levels, really didn't offer any clue to exactly why the various >components would time out. > >However, I did notice the only workstation which had a issue with the >update was the diskless workstation, so I mounted the /var/lib/sss >directory on /tmp (Ram disk) which fixed the issue. > tmpfs is better for diskless workstation than NFS. >I searched for a option to change the sssd /var/lib/sss path and did not >find one. > >Is there a way to change that in the /etc/sssd/sssd.conf? No, /var/lib/sss is hardcoded. LS _______________________________________________ sssd-users mailing list -- [email protected] To unsubscribe send an email to [email protected] Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/[email protected]
