[Freeipa-users] issues with nfs4 privileges.
Simo Sorce
simo at redhat.com
Fri Jun 20 18:05:29 UTC 2014
On Fri, 2014-06-20 at 19:51 +0200, Rob Verduijn wrote:
> Considering the root immplications.
>
> Handing out root to all nfs clients is indeed something that is undesirable.
> However personally I believe manually creating homedirs to be a
> procedure from the previous millenium.
>
> Can I get freeipa to do this automatically the right way ? (respecting security)
Not yet, because it is complicated, the problem is that the FreeIPA
server doesn't necessarily know "where" the home directories are.
We assume the user want's to provide them from a dedicated NAS or other
NFS Server.
We are tracking the desire to perform operations (like home directory
creation) when a user is created here:
https://fedorahosted.org/freeipa/ticket/2156
In the meanwhile I can suggest using some script in a cronjob on the NFS
Server that fetches the users list from ldap and proceed to create a
home directory from the homeDirectory attribute, if it is missing.
Simo.
--
Simo Sorce * Red Hat, Inc * New York
More information about the Freeipa-users
mailing list