[Freeipa-devel] [PATCH] 1023 tool for configuring automount
Martin Kosek
mkosek at redhat.com
Thu Jun 21 08:40:11 UTC 2012
On Wed, 2012-06-20 at 13:23 -0400, Rob Crittenden wrote:
> Rob Crittenden wrote:
> > Rob Crittenden wrote:
> >> Here is a tool that can be used to configure automount in an IPA client.
> >> It can use either SSSD or autofs for automount. It also configures NFSv4
> >> on the client so secure maps will work.
> >
> > rebased patch
>
> rebase again
>
> rob
I finally managed to look on this patch. This is generally a good work
and make things a lot easier, but still I found few issues:
1) The patch does not apply cleanly+it needs to be rebased:
# git apply freeipa-rcrit-1023-3-automount.patch
freeipa-rcrit-1023-3-automount.patch:210: trailing whitespace.
freeipa-rcrit-1023-3-automount.patch:264: trailing whitespace.
freeipa-rcrit-1023-3-automount.patch:273: trailing whitespace.
freeipa-rcrit-1023-3-automount.patch:542: trailing whitespace.
.\"
freeipa-rcrit-1023-3-automount.patch:547: trailing whitespace.
.\"
error: patch failed: ipapython/platform/base.py:24
error: ipapython/platform/base.py: patch does not apply
2) This is just an idea, but would it be better to call the new script
"ipa-client-automount" so that it is more visible that it is from
ipa-client binary family (along with ipa-client-install)?
3) KeyboardInterrupt is not caught properly:
# ipa-configure-automount
Searching for IPA server...
IPA server: DNS discovery
Location: default
Continue to configure the system with these values? [no]: Traceback
(most recent call last):
File "/sbin/ipa-configure-automount", line 433, in <module>
sys.exit(main())
File "/sbin/ipa-configure-automount", line 409, in main
if not options.unattended and not ipautil.user_input("Continue to
configure the system with these values?", False):
File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line
636, in user_input
ret = raw_input("%s [%s]: " % (prompt, choice))
KeyboardInterrupt
4) Neither is EOFError (CTRL+d):
# ipa-configure-automount
Searching for IPA server...
IPA server: DNS discovery
Location: default
Continue to configure the system with these values? [no]: Traceback
(most recent call last):
File "/sbin/ipa-configure-automount", line 433, in <module>
sys.exit(main())
File "/sbin/ipa-configure-automount", line 409, in main
if not options.unattended and not ipautil.user_input("Continue to
configure the system with these values?", False):
File "/usr/lib/python2.7/site-packages/ipapython/ipautil.py", line
636, in user_input
ret = raw_input("%s [%s]: " % (prompt, choice))
EOFError
5) Would it make sense to check if the given automount location exists?
Currently there is no check for that:
# ipa-configure-automount --server vm-091.idm.lab.bos.redhat.com
--location foo
Searching for IPA server...
IPA server: DNS discovery
Location: foo
Continue to configure the system with these values? [no]: y
Configured /etc/nsswitch.conf
Configured /etc/sysconfig/nfs
Configured /etc/idmapd.conf
Started nfs-server.service
Started nfs-secure.service
Restarting sssd, waiting for it to become available.
Started autofs.service
Automount then obviously not work:
Jun 21 04:05:06 localhost automount[1401]: lookup_read_map: lookup(sss):
getautomntent_r: No such file or directory
6) In /etc/sssd/sssd.conf we configure ipa_automount_location and
autofs_provider options. But in uninstall, we remove only
ipa_automount_location and leave autofs_provider configured
7) This is related to ipa-client-install, but even when I disable
autodiscovery and add --server option it still disregards it and tries
to search SRV records:
# ipa-configure-automount --server=vm-091.idm.lab.bos.redhat.com
<after some time and SRV searches>
Unable to confirm that <some-ldap-server>.redhat.com is an IPA v2 server
8) When discovery is on, we are not really verbose:
# ipa-configure-automount
Searching for IPA server...
IPA server: DNS discovery
Location: default
Continue to configure the system with these values? [no]:
We just write "IPA server: DNS discovery", but I would at least like to
now what servers it detected so that I know it does the right thing.
9) autofs via LDAP (no SSSD )is broken when autodiscovery is used. After
some investigation I found this line is causing it:
+ if not autodiscover:
+ ldap_uri = "ldap://%s" % server
+ else:
+ ldap_uri = "ldap:///%s" % api.env.basedn <<<
There should be an IPA server, not basedn. When I fixed it, autofs via
LDAP worked.
9) Shouldn't configure_nfs be made optional? I don't think every IPA
client with autofs configured will want to have nfs-server running...
10) There are some artifacts in the man page:
+.TP
+Files that will be always be configured:
+
+/etc/nsswitch.conf
+
+Files that will be configured when SSSD is the automount client
(default):
+
+/etc/sssd/sssd.conf
+
+Files that will be configured when using the ldap automount client:
+
+/etc/sysconfig/autofs
+
+/etc/autofs_ldap_auth.conf
.TP is missing for the latter 2 file lists thus causing a bad indent.
Martin
More information about the Freeipa-devel
mailing list