[Freeipa-users] Automount kerberos errors

Sigbjorn Lie sigbjorn at nixtra.com
Tue Nov 22 19:46:04 UTC 2011 

Hi,

I have configured automount to use the hosts' kerberos keytab to speak 
GSSAPI with the IPA server, using the following as 
/etc/autofs_ldap_auth.conf:

<?xml version="1.0" ?>
<!--
GENERATED BY CFENGINE
-->
<autofs_ldap_sasl_conf
     usetls="no"
     tlsrequired="no"
     authrequired="autodetect"
     authtype="GSSAPI"
     clientprinc="host/redhat5.ix.test.com at IX.TEST.COM"
/>


I get the following error messages in the log, once a day. It seem like 
the ticket expires before it's renewed. Has anyone else seen this? Or 
perhaps I should file a bug report on the automounter? I don't get this 
error message on Red Hat 6 clients.

I also get the error where automount says sss is not a supported 
automount source, even though the ipa-client-install script configured 
nsswitch to look up automount in sss. I get this error message on both 
Red Hat 5 and Red Hat 6 machines. What's going on?




Nov 20 15:49:15 redhat5 automount[26234]: ignored unsupported autofs 
nsswitch source "sss"
Nov 20 15:49:15 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 20 15:49:15 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)
Nov 20 16:05:33 redhat5 automount[26234]: ignored unsupported autofs 
nsswitch source "sss"
Nov 20 16:05:33 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 20 16:05:33 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)
Nov 20 16:20:17 redhat5 automount[26234]: ignored unsupported autofs 
nsswitch source "sss"
Nov 20 16:20:17 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 20 16:20:18 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)
Nov 20 16:43:44 redhat5 automount[26234]: ignored unsupported autofs 
nsswitch source "sss"
Nov 20 16:43:44 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 20 16:43:44 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)
Nov 20 20:13:28 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 20 20:13:28 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)
Nov 21 22:01:47 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 21 22:01:48 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)
Nov 21 22:51:57 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 21 22:51:58 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)
Nov 21 23:14:30 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 21 23:14:30 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)
Nov 22 20:36:34 redhat5 automount[26234]: sasl_log_func:100: No worthy 
mechs found
Nov 22 20:36:34 redhat5 automount[26234]: sasl_log_func:100: GSSAPI 
Error: Unspecified GSS failure.  Minor code may provide more information 
(Ticket expired)


Rgds,
Siggi

More information about the Freeipa-users mailing list