On 03/07/2014 06:02 AM, Longina Przybyszewska wrote:
Hi again, The pieces of the automount works almost... ;( My transition step towards getting automount on login with 'autofs' as sssd service, looks like that:
-I can authenticate with sssd and AD as id/access/auth_provider
- can login to machine from login GUI directly into local home directory /Lshare/long
- here from, using cd /home/long activates automount; Directory is mounted, but user has no permissions to access it
- sssd on client is configured without 'autofs' service (as I have no sign of automount nis-schema In AD, even if there is installed SFU)
-nsswitch says : automount: files sss
If you are not using SSSD for delivering the maps then you do not need 'sss' here. But this is not the problem you are seeing.
cat /proc/mounts:
/etc/auto.home /home autofs rw,relatime,fd=13,pgrp=15088,timeout=300,minproto=5,maxproto=5,indirect 0 0 /etc/auto.nfs /nfs autofs rw,relatime,fd=7,pgrp=15088,timeout=300,minproto=5,maxproto=5,indirect 0 0 /etc/auto.msshare /Mshare autofs rw,relatime,fd=19,pgrp=15088,timeout=300,minproto=5,maxproto=5,indirect 0 0 jota.a.domain.com:/nfs4/jota/long /home/long nfs4 rw,relatime,vers=4.0,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=krb5p,clientaddr=10.80.8.91,local_lock=none,addr=10.144.4.254 0 0
df -h shows ikke that mount.
Both , client and server run the same version of sssd-1.11.1, and user 'long' is seen as a member of the same groups on both machines.
Does it have same UID/GID on both machines?
If I run as root on client 'cd /home/long', homdir is mounted:
cat /proc/mounts /etc/auto.home /home autofs rw,relatime,fd=13,pgrp=15088,timeout=300,minproto=5,maxproto=5,indirect 0 0 /etc/auto.nfs /nfs autofs rw,relatime,fd=7,pgrp=15088,timeout=300,minproto=5,maxproto=5,indirect 0 0 /etc/auto.msshare /Mshare autofs rw,relatime,fd=19,pgrp=15088,timeout=300,minproto=5,maxproto=5,indirect 0 0 jota.a.domain.com:/nfs4/jota/long /home/long nfs4 rw,relatime,vers=4.0,rsize=1048576,wsize=1048576,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=krb5p,clientaddr=10.80.8.91,local_lock=none,addr=10.144.4.254 0 0
df -h ... jota.a.domain.com:/nfs4/jota/long 1.8T 2.1G 1.7T 1% /home/long Any ideas ?
Best longina
Med venlig hilsen
Longina Przybyszewska Systemprogrammør, IT-service
Tlf. +45 6550 2359 Mobil +45 6011 2359 Email longina@sdu.dk Web http://www.sdu.dk/ansat/longina Adr. Campusvej 55, 5230 Odense M
SYDDANSK UNIVERSITET _______________________________________________________________ Campusvej 55 * 5230 * Odense M * Tlf. +45 6550 1000 * www.sdu.dk
-----Original Message----- From: sssd-users-bounces@lists.fedorahosted.org [mailto:sssd-users-bounces@lists.fedorahosted.org] On Behalf Of Longina Przybyszewska Sent: 27. februar 2014 16:56 To: 'End-user discussions about the System Security Services Daemon' Subject: Re: [SSSD-users] sssd-1.11.1 Trusty automount nfs4+krb+sssd problem
Hi, Ubuntu Saucy nfs4+krb+sssd server Ubuntu Trusty client,sssd+autofs
I can manually mount directory (nfs4+krb) as root on the client.
Is it possible on client, use SSSD with autofs service, with automounter referring to the flat files , /etc/auto.master ,/etc/auto.home, not to ldap?
How can I check if autofs delivered with distribution supports sssd?
Best longina
-----Original Message----- From: sssd-users-bounces@lists.fedorahosted.org [mailto:sssd-users-bounces@lists.fedorahosted.org] On Behalf Of Ondrej Valousek Sent: 20. februar 2014 13:48 To: End-user discussions about the System Security Services Daemon Subject: Re: [SSSD-users] sssd-1.11.1 Saucy automount(nfs4+krb problem)
Created BZ: https://bugzilla.redhat.com/show_bug.cgi?id=1067423
attached is a patch resolving the issue. Ondrej ________________________________________ From: sssd-users-bounces@lists.fedorahosted.org [sssd-users-bounces@lists.fedorahosted.org] on behalf of Simo Sorce [simo@redhat.com] Sent: Wednesday, February 19, 2014 7:35 PM To: End-user discussions about the System Security Services Daemon Subject: Re: [SSSD-users] sssd-1.11.1 Saucy automount(nfs4+krb problem)
On Wed, 2014-02-19 at 15:04 +0000, Ondrej Valousek wrote:
Hi Simo,
I are you getting on about this with Steve?
This is the current situation: <steved> simo: post a patch with what you want and lets talk about it....
:-)
Would it be better to open a RFE for this? I would like to know where we are standing - whether there is any chance that RHEL6 will be fixed or it would only go to RHEL 7.
An RFE for RHEL7 would be nice.
Simo.
-- Simo Sorce * Red Hat, Inc * New York
sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users