[Freeipa-users] netgroups not working for exports in freeipa
Roderick Johnstone
rmj at ast.cam.ac.uk
Tue Jan 27 22:03:37 UTC 2015
Hi
I'm migrating from a legacy NIS setup to ipa. I have a number of NIS
netgroups (of hosts) that are being used to export (non-kerberos) nfs
shares to which I would like to migrate to ipa.
I've create a new netgroup in ipa (for testing) and added some hosts to
it (using ipa netgroup-add and ipa netgroup-add-member). I'm hoping that
when exporting an nfs share using the @netgroup syntax in /etc/exports
that the netgroup will be looked up in ipa and the share will be
exported to the hosts in the netgroup.
/etc/nsswitch.conf has a line:
netgroup: files nis sss
/etc/exports has a line:
/var/tmp/testexport @rmjnetgroup1(ro)
I haven't, so far, been able to mount the exported share on a client so
I'm wondering if this setup would be expected to work?
What is confusing to me is that the section in the Redhat 6 Identity
Management guide on netgroups also has information on running the NIS
listener plugin so I'm wondering if perhaps this only works when running
the nis listener. I'm trying to avoid that.
I'd welcome any clarification on how to do non-kerberised nfs exports to
groups of hosts.
Thanks.
Roderick Johnstone
More information about the Freeipa-users
mailing list