[Freeipa-users] Could not chdir to home directory /home/net/dean: Permission denied

Mauricio Tavares raubvogel at gmail.com
Mon Apr 21 20:19:09 UTC 2014 

On Mon, Apr 21, 2014 at 4:03 PM, Dean Hunter <deanhunter at comcast.net> wrote:
> On Mon, 2014-04-21 at 14:05 -0500, Dean Hunter wrote:
>
> I am sorry, but I have forgotten where to start to diagnose this problem.
> Please remind me.
>
> [dean at host ~]$ ssh desktop.hunter.org
> Last login: Sun Apr 20 21:12:38 2014 from host.hunter.org
> Could not chdir to home directory /home/net/dean: Permission denied
> -bash: /home/net/dean/.bash_profile: Permission denied
> -bash-4.2$ pwd
> /
> -bash-4.2$ ls -l /home
> total 4
> drwx------. 4 local local 4096 Apr 20 21:04 local
> drwxr-xr-x. 3 root  root     0 Apr 21 13:48 net
> -bash-4.2$ ls -l /home/net
> total 8
> drwx--x---. 29 dean dean 4096 Apr 20 21:28 dean
> -bash-4.2$ ls -l /home/net/dean
> ls: cannot access /home/net/dean: Permission denied
> -bash-4.2$ whoami
> dean
> -bash-4.2$ exit
> logout
> -bash: /home/net/dean/.bash_logout: Permission denied
> Connection to desktop.hunter.org closed.
> [dean at host ~]$
>
> desktop.hunter.org is a VM that I have rebuilt several times trying to work
> around this problem. ipa-client-install and  ipa-client-automount completed
> without error messages.  /home/net/dean is accessible when I log-in through
> gdm and Virtual Machine Manager.
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users
>
>
> Now it appears as though that ssh fails to access the auto-mount home
> directory until after successful gdm log-in:
>
      I still suck at osssd (I assume the host you are connecting to
is rh/centos/fedora), but in pam you have to define each way you are
logging (gdm, ssh, screensaver) in to get a kerberos ticket, and
create the cache in /tmp after you are successfully authenticated.
automount then can use that ticket to do its thing. You will also
notice if you kinit manually you will then be able to cd to that
directory.

That is where I would start looking at.

>
> [dean at host ~]$ ssh desktop.hunter.org
> Last login: Mon Apr 21 14:34:51 2014 from host.hunter.org
> [dean at desktop ~]$ pwd
> /home/net/dean
> [dean at desktop ~]$ sudo -l
> Matching Defaults entries for dean on desktop:
>     requiretty, env_reset, env_keep="COLORS DISPLAY HOSTNAME HISTSIZE
> INPUTRC
>     KDEDIR LS_COLORS", env_keep+="MAIL PS1 PS2 QTDIR USERNAME LANG
> LC_ADDRESS
>     LC_CTYPE", env_keep+="LC_COLLATE LC_IDENTIFICATION LC_MEASUREMENT
>     LC_MESSAGES", env_keep+="LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER
>     LC_TELEPHONE", env_keep+="LC_TIME LC_ALL LANGUAGE LINGUAS _XKB_CHARSET
>     XAUTHORITY", secure_path=/sbin\:/bin\:/usr/sbin\:/usr/bin
>
> User dean may run the following commands on desktop:
>     (root : root) NOPASSWD: ALL
> [dean at desktop ~]$ yum list installed freeipa-*
> Loaded plugins: langpacks, refresh-packagekit
> Installed Packages
> freeipa-client.x86_64                3.3.4-3.fc20
> @local-updates
> freeipa-python.x86_64                3.3.4-3.fc20
> @local-updates
> [dean at desktop ~]$ logout
>
> Connection to desktop.hunter.org closed.
> [dean at host ~]$
>
>
> _______________________________________________
> Freeipa-users mailing list
> Freeipa-users at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-users

More information about the Freeipa-users mailing list