Am Dienstag, 31. März 2015, 20:28:37 schrieb Jakub Hrozek:
On Mon, Mar 30, 2015 at 03:12:54PM +0200, Günther J. Niederwimmer wrote:
Hello,
Am Montag, 30. März 2015, 11:07:52 schrieb Jakub Hrozek:
Am Montag, 30. März 2015, 09:45:54 schrieb Lukas Slebodnik:
On (29/03/15 16:27), Günther J. Niederwimmer wrote:
Hello,
On my system centos 7 my automount is not working. IPA 4.1 sssd 1.12
I have this Error ? automount[1899]: lookup_read_map: lookup(sss): getautomntent_r: No such file or directory
have I to configure more in sssd ?
Now I have this from ipa
autofs_provider = ipa ipa_automount_location = default
It is not directy documentation[1] to autofs with ipa provider but it can help you. If the documentation is not clear then we will try to find problem and improve documentation afterwards.
I read this Doc before I wrote to the list ;)
But I mean I can't correct read this?
I have configured the system with "ipa-client-automount" the ipa tool don't configure /etc/sysconfig/autofs and /etc/autofs_ldap_auth.conf any more?
The problem is I can't find any in the doc for this Problem.
In IPA 4.1 all configuration should make sssd, but nothing tell me, have I to do more in the sssd.conf ?
Yes, for now we need to increase debug_level in autofs and domain sections to be able to inspect the logs.
OK Thanks, I have secure_level = 6 is this OK
Thanks for the logs and sorry for the delay. See some observations inline. The autofs client and responder are configured correctly and I even see some searches finding maps on the back end side. Can you also post the corresponding automounter -m output, maybe also with some verbose options?
Np problem ;) I have to say thank's for the help.
you mean automount -v -m ?
autofs dump map information ===========================
global options: none configured
Mount point: /misc
source(s):
instance type(s): file map: /etc/auto.misc
cd | -fstype=iso9660,ro,nosuid,nodev :/dev/cdrom
Mount point: /net
source(s):
type: hosts
ipa1.4gjn.prv | (null) smtp1.4gjn.prv | (null) bbs.4gjn.prv | (null) dns.4gjn.prv | (null) ipa.4gjn.prv | (null) localhost | (null)
Mount point: /home
source(s):
instance type(s): sss map: auto.home
* | -fstype=nfs4,rw,sec=krb5,soft,rsize=8192,wsize=8192 bbs.4gjn.prv:/exports/home/&
Mount point: /-
source(s): lookup_read_map: lookup(sss): getautomntent_r: No such file or directory
instance type(s): sss map: auto.direct
no keys found in map
Mount point: /daten
source(s):
instance type(s): sss map: auto.daten
* | - fstype=nfs4,rw,insecure,sync,no_root_squash,no_subtree_check,nohide,rsize=8192,wsize=8192 bbs.4gjn.prv:/exports/daten/&
I mean I have here a Error in my configuration, I mean I have to write bbs.4gjn.prv:/daten/&
Can you also describe how you set up the maps and the entries on the server side so that we can reproduce locally?
I make a bind command in my /exports/ Directory /home /exports/home none rw,bind 0 0 /daten /exports/daten none rw,bind 0 0
This is my /etc/export File /exports 192.168.90.0/16(rw,sec=sys:krb5:krb5i:krb5p,no_root_squash,subtree_check,crossmnt,fsid=0) /exports/daten 192.168.90.0/16(rw,insecure,sync,no_root_squash,no_subtree_check,nohide) /exports/home 192.168.90.0/16(rw,sec=sys:krb5:krb5i:krb5p)
I hope this is all, you must have ? Thank you.
(Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [resolv_gethostbyname_files_send] (0x0100): Trying to resolve A record of 'ipa.4gjn.prv' in files (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [set_server_common_status] (0x0100): Marking server 'ipa.4gjn.prv' as 'resolving name' (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [set_server_common_status] (0x0100): Marking server 'ipa.4gjn.prv' as 'name resolved' (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [be_resolve_server_process] (0x0200): Found address for server ipa.4gjn.prv: [192.168.90.214] TTL 7200 (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [ipa_resolve_callback] (0x0400): Constructed uri 'ldap://ipa.4gjn.prv' (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [sdap_async_sys_connect_send] (0x0020): connect failed [101][Network is unreachable]. (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [sss_ldap_init_send] (0x0400): Setting 6 seconds timeout for connecting (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [sss_ldap_init_sys_connect_done] (0x0020): sdap_async_sys_connect request failed. (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [sdap_sys_connect_done] (0x0020): sdap_async_connect_call request failed. (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [fo_set_port_status] (0x0100): Marking port 0 of server 'ipa.4gjn.prv' as 'not working' (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [fo_set_port_status] (0x0400): Marking port 0 of duplicate server 'ipa.4gjn.prv' as 'not working' (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [fo_resolve_service_send] (0x0100): Trying to resolve service 'IPA' (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [fo_resolve_service_send] (0x0020): No available servers for service 'IPA' (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [sdap_id_op_connect_done] (0x0020): Failed to connect, going offline (5 [Input/output error]) (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [be_ptask_create] (0x0400): Periodic task [Check if online (periodic)] was created (Mon Mar 30 10:15:05 2015) [sssd[be[4gjn.prv]]] [be_ptask_schedule] (0x0400): Task [Check if online (periodic)]: scheduling task 71 seconds from now [1427703376]
Here IPA had some networking problems. Later it seemed to recover, just saying.
[...]
(Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [be_autofs_handler] (0x0400): Entering be_autofs_handler() (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_autofs_handler] (0x0200): Requested refresh for: auto.master (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_autofs_handler] (0x0200): Refresh of automount master map triggered: auto.master (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_get_automntmap_next_base] (0x0400): Searching for automount maps with base [cn=default,cn=automount,dc=4gjn,dc=prv] (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(automountMapName=auto.master)(objectclass=automountMap))][cn=default, cn=automount,dc=4gjn,dc=prv]. (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_get_automntmap_process] (0x0400): Search for autofs maps, returned 1 results. (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [automntmaps_process_members_send] (0x0400): Examining autofs map [automountmapname=auto.master,cn=default,cn=automount,dc=4gjn,dc=prv] (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [automntmaps_process_members_next_base] (0x0400): Searching for automount map entries with base [cn=default,cn=automount,dc=4gjn,dc=prv] (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(automountKey=*)(objectclass=automount))][automountmapname=auto.master ,cn=default,cn=automount,dc=4gjn,dc=prv]. (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [automntmaps_process_members_done] (0x0400): Search for autofs entries, returned 3 results. (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sdap_get_automntmap_done] (0x0400): automount map members received (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sysdb_autofs_entries_by_map] (0x0400): Getting entries for map auto.master (Mon Mar 30 10:15:15 2015) [sssd[be[4gjn.prv]]] [sysdb_save_autofsmap] (0x0400): Adding autofs map auto.master
As you can see from the logs here, the auto.master map was found on the server and had 3 entries. Can I wonder if a more verbose log level would show more?
(Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [be_ptask_execute] (0x0400): Task [Cleanup of 4gjn.prv]: executing task, timeout 3600 seconds (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [be_ptask_done] (0x0400): Task [Cleanup of 4gjn.prv]: finished successfully (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [be_ptask_schedule] (0x0400): Task [Cleanup of 4gjn.prv]: scheduling task 3600 seconds from last execution time [1427706916] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_full_refresh_send] (0x0400): Issuing a full refresh of sudo rules (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_refresh_connect_done] (0x0400): SUDO LDAP connection successful (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_load_sudoers_next_base] (0x0400): Searching for sudo rules with base [ou=SUDOers,dc=4gjn,dc=prv] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(objectClass=sudoRole)(|(!(sudoHost=*))(sudoHost=ALL)(sudoHost=smtp1.4 gjn.prv)(sudoHost=smtp1)(sudoHost=+*)(|(sudoHost=*\*)(sudoHost=*?*)(sudoH ost=*\2A*)(sudoHost=*[*]*))))][ou=SUDOers,dc=4gjn,dc=prv]. (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_load_sudoers_process] (0x0400): Receiving sudo rules with base [ou=SUDOers,dc=4gjn,dc=prv] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_refresh_load_done] (0x0400): Received 0 rules (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sysdb_sudo_purge_byfilter] (0x0400): No rules matched (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_refresh_load_done] (0x0400): Sudoers is successfuly stored in cache (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_full_refresh_done] (0x0400): Successful full refresh of sudo rules (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_schedule_refresh] (0x0400): Full refresh scheduled at: 1427724916 (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_sudo_schedule_refresh] (0x0400): Smart refresh scheduled at: 1427704216 (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [be_autofs_handler] (0x0400): Entering be_autofs_handler() (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_autofs_handler] (0x0200): Requested refresh for: auto.direct (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_automntmap_next_base] (0x0400): Searching for automount maps with base [cn=default,cn=automount,dc=4gjn,dc=prv] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(automountMapName=auto.direct)(objectclass=automountMap))][cn=default, cn=automount,dc=4gjn,dc=prv]. (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_automntmap_process] (0x0400): Search for autofs maps, returned 1 results. (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [automntmaps_process_members_send] (0x0400): Examining autofs map [automountmapname=auto.direct,cn=default,cn=automount,dc=4gjn,dc=prv] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [automntmaps_process_members_next_base] (0x0400): Searching for automount map entries with base [cn=default,cn=automount,dc=4gjn,dc=prv] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(automountKey=*)(objectclass=automount))][automountmapname=auto.direct ,cn=default,cn=automount,dc=4gjn,dc=prv]. (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [automntmaps_process_members_done] (0x0400): Search for autofs entries, returned 0 results. (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_automntmap_done] (0x0400): automount map members received (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sysdb_autofs_entries_by_map] (0x0400): Getting entries for map auto.direct (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sysdb_autofs_entries_by_map] (0x0400): No entries for the map (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sysdb_save_autofsmap] (0x0400): Adding autofs map auto.direct
Here also the direct map was found, but with no entries..
(Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [be_get_account_info] (0x0200): Got request for [0x1005][1][name=smtp:dccp] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [be_req_set_domain] (0x0400): Changing request domain from [4gjn.prv] to [4gjn.prv] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_services_next_base] (0x0400): Searching for services with base [cn=accounts,dc=4gjn,dc=prv] (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with [(&(cn=smtp)(ipServiceProtocol=dccp)(objectclass=ipService))][cn=accounts ,dc=4gjn,dc=prv]. (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_generic_op_finished] (0x0400): Search result: Success(0), no errmsg set (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [sdap_get_services_process] (0x0400): Search for services, returned 0 results. (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [get_object_from_cache] (0x0020): Unexpected entry type [5]. (Mon Mar 30 10:15:16 2015) [sssd[be[4gjn.prv]]] [ipa_id_get_account_info_orig_done] (0x0040): get_object_from_cache failed.
And here I think we have a completely unrelated bug in SSSD. Our code expects only entries that IPA currently manage and chokes on request for a service. I think that there might be deployments that use services in IPA, so we should fix this.. _______________________________________________ sssd-users mailing list sssd-users@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-users