[Freeipa-users] question about automount config

Arthur Fayzullin arthur at deus.pro
Tue Jun 7 13:10:51 UTC 2016


I have done as you said. Here is the output:

[root at nfsclient ~]# automount -vvvf
1  Starting automounter version 5.1.1-3.fc23, master map auto.master
2  using kernel protocol version 5.02
3  mounted indirect on /misc with timeout 300, freq 75 seconds
4  mounted indirect on /net with timeout 300, freq 75 seconds
5  mounted indirect on /home with timeout 300, freq 75 seconds
6  lookup_read_map: lookup(sss): getautomntent_r: No such file or directory
7  attempting to mount entry /home/afayzullin
8  >> mount.nfs4: Connection timed out
9  mount(nfs): nfs: mount failure nfserver.ciktrb.ru:/home/afayzullin on
/home/afayzullin
10 failed to mount /home/afayzullin
11 re-reading map for /home
12 attempting to mount entry /home/afayzullin

Lines 1 to 6 are startup output. I googled 'getautomntent_r'; it
showed some closed threads that should be fixed (lines 3, 4, 5 show
that it is OK).
From line 7 on, I try to log in as afayzullin and autofs tries to mount
it as I wish, but for some reason it cannot.
How can I find out why it cannot do it? Where should I look?

Also, I have put debug_level=6 in [autofs] in /etc/sssd/sssd.conf, and
here is a piece of /var/log/sssd/sssd_autofs.log:

(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [accept_fd_handler] (0x0400):
Client connected!
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_cmd_get_version]
(0x0200): Received client version [1].
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_cmd_get_version]
(0x0200): Offered version [1].
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_autofs_cmd_setautomntent]
(0x0400): Got request for automount map named auto.home
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_parse_name_for_domains]
(0x0200): name 'auto.home' matched without domain, user is auto.home
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [setautomntent_send] (0x0400):
Requesting info for automount map [auto.home] from [<ALL>]
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [lookup_automntmap_step]
(0x0400): Requesting info for [auto.home at ciktrb.ru]
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_dp_issue_request]
(0x0400): Issuing request for [0x558ed3ebab90:0:auto.home at ciktrb.ru]
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_dp_get_autofs_msg]
(0x0400): Creating autofs request for [ciktrb.ru][4105][mapname=auto.home]
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_dp_internal_get_send]
(0x0400): Entering request [0x558ed3ebab90:0:auto.home at ciktrb.ru]
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [lookup_automntmap_step]
(0x0400): Requesting info for [auto.home at ciktrb.ru]
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sysdb_autofs_entries_by_map]
(0x0400): Getting entries for map auto.home
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [lookup_automntmap_step]
(0x0400): setautomntent done for map auto.home
(Tue Jun  7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_setautomntent_done] (0x0400): setautomntent found data
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_dp_req_destructor]
(0x0400): Deleting request: [0x558ed3ebab90:0:auto.home at ciktrb.ru]
(Tue Jun  7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key afayzullin
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [getautomntbyname_process]
(0x0080): No key named [afayzullin] found
(Tue Jun  7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key /
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [getautomntbyname_process]
(0x0080): No key named [/] found
(Tue Jun  7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key *
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [sss_autofs_cmd_endautomntent]
(0x0400): endautomntent called

While manual mount works fine:
# mount -vvv -t nfs4 nfserver.ciktrb.ru:/home/afayzullin /mnt
mount.nfs4: timeout set for Tue Jun  7 17:07:25 2016
mount.nfs4: trying text-based options
'vers=4.2,addr=10.254.1.167,clientaddr=10.254.1.168'
[root at nfsclient ~]# echo $?
0
[root at nfsclient ~]# mount -l
nfserver.ciktrb.ru:/home/afayzullin on /mnt type nfs4
(rw,relatime,seclabel,vers=4.2,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=krb5,clientaddr=10.254.1.168,local_lock=none,addr=10.254.1.167)

$ ssh nfsclient
Creating home directory for afayzullin.
Last login: Tue Jun  7 17:34:14 2016
Could not chdir to home directory /home/afayzullin: No such file or
directory
-bash-4.3$ ll /mnt
итого 0
-rw-rw-r--. 1 afayzullin afayzullin 0 июн  7 17:00 test

But home is empty:
# ll /home/
итого 0

So what steps should I take next?

24.05.2016 18:01, Prasun Gera wrote:
> You can stop the autofs daemon, and run it in foreground with
> automount -fvv. Then try to access the mount point in parallel. The
> logs from the foreground run should shed some light. Also, does your
> autofs setup work without kerberos? As a first step, get it to work
> with non-kerberised nfs.
>
> On Mon, May 23, 2016 at 11:06 AM, Arthur Fayzullin <arthur at deus.pro
> <mailto:arthur at deus.pro>> wrote:
>
>     Good day, colleagues!
>     I am confused about how automount works and how to configure it. I have
>     tried to configure it according to
>     https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html
>     document (paragraph 9.1.1 and chapter 20).
>     I have tried to make it work on 3 servers:
>     1. ipa server;
>     2. nfs server (node00);
>     3. nfs client (postgres).
>
>
>     *** so here is how it is configured on the ipa server:
>     $ ipa automountlocation-tofiles amantai
>     /etc/auto.master:
>     /-      /etc/auto.direct
>     /home   /etc/auto.home
>     ---------------------------
>     /etc/auto.direct:
>     ---------------------------
>     /etc/auto.home:
>     *       -sec=kr5i,rw,fstype=nfs4 node00.glavsn.ab:/home/&
>
>     maps not connected to /etc/auto.master:
>
>     $ ipa service-find nfs
>     ------------------
>     2 services matched
>     ------------------
>       Основной: nfs/node00.glavsn.ab at GLAVSN.AB
>       Keytab: True
>       Managed by: node00.glavsn.ab
>
>       Основной: nfs/postgres.glavsn.ab at GLAVSN.AB
>       Keytab: True
>       Managed by: postgres.glavsn.ab
>
>
>     *** here is nfs server config:
>     $ sudo klist -k
>     Пароль:
>     Keytab name: FILE:/etc/krb5.keytab
>     KVNO Principal
>     ----
>     --------------------------------------------------------------------------
>        1 host/node00.glavsn.ab at GLAVSN.AB
>        1 host/node00.glavsn.ab at GLAVSN.AB
>        1 host/node00.glavsn.ab at GLAVSN.AB
>        1 host/node00.glavsn.ab at GLAVSN.AB
>        2 nfs/node00.glavsn.ab at GLAVSN.AB
>        2 nfs/node00.glavsn.ab at GLAVSN.AB
>        2 nfs/node00.glavsn.ab at GLAVSN.AB
>        2 nfs/node00.glavsn.ab at GLAVSN.AB
>
>     $ cat /etc/exports
>     /home *(rw,sec=sys:krb5:krb5i:krb5p)
>
>     $ sudo firewall-cmd --list-all
>     public (default, active)
>       interfaces: bridge0 enp1s0
>       sources:
>       services: dhcpv6-client nfs ssh
>       ports: 8001/tcp
>       masquerade: no
>       forward-ports:
>       icmp-blocks:
>       rich rules:
>
>     $ getenforce
>     Enforcing
>
>
>     *** here is the nfs client config:
>     # klist -k
>     Keytab name: FILE:/etc/krb5.keytab
>     KVNO Principal
>     ----
>     --------------------------------------------------------------------------
>        1 host/postgres.glavsn.ab at GLAVSN.AB
>        1 host/postgres.glavsn.ab at GLAVSN.AB
>        1 host/postgres.glavsn.ab at GLAVSN.AB
>        1 host/postgres.glavsn.ab at GLAVSN.AB
>        1 nfs/postgres.glavsn.ab at GLAVSN.AB
>        1 nfs/postgres.glavsn.ab at GLAVSN.AB
>        1 nfs/postgres.glavsn.ab at GLAVSN.AB
>        1 nfs/postgres.glavsn.ab at GLAVSN.AB
>
>     # firewall-cmd --list-all
>     FedoraServer (default, active)
>       interfaces: ens3
>       sources:
>       services: cockpit dhcpv6-client ssh
>       ports:
>       protocols:
>       masquerade: no
>       forward-ports:
>       icmp-blocks:
>       rich rules:
>
>     # mount -l  (contains the following line)
>     auto.home on /home type autofs
>     (rw,relatime,fd=25,pgrp=960,timeout=300,minproto=5,maxproto=5,indirect)
>
>     # ll /home/afayzullin
>     ls says that it cannot access /home/afayzullin: no such file or
>     directory
>
>     I have run
>     # ipa-client-automount --location=amantai
>     on client and it has completed successfully.
>
>     I have tried disabling selinux and dropping iptables rules. And now I
>     am a little confused about what to do next. Maybe someone who has dealt
>     with automount config can give me some advice, or there is a howto for
>     configuring automount, or someone can advise how to debug this situation?
>
>
>
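
The sssd_autofs.log excerpt above records which map keys autofs requested and which ones SSSD reported as missing; the sketch below rejoins the hard-wrapped records and summarises that sequence. It is an added example, not part of the original message: the function names are hypothetical, the sample lines are constructed in the quoted format, and it reports only what the log lines state.

```python
import re

# Constructed sample: records in the format quoted above, hard-wrapped
# the way they appear in the mail.
SAMPLE = """\
(Tue Jun  7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key afayzullin
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [getautomntbyname_process]
(0x0080): No key named [afayzullin] found
(Tue Jun  7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key /
(Tue Jun  7 15:59:58 2016) [sssd[autofs]] [getautomntbyname_process]
(0x0080): No key named [/] found
(Tue Jun  7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key *
"""

RECORD = re.compile(r"^\((?P<ts>[^)]+)\) \[sssd\[autofs\]\] "
                    r"\[(?P<func>\w+)\] \((?P<level>0x[0-9a-f]{4})\): (?P<msg>.*)$")
REQUEST = re.compile(r"^Requested data of map (\S+) key (.+)$")
MISS = re.compile(r"^No key named \[(.+)\] found$")

def unwrap(text):
    """Rejoin hard-wrapped records; a record starts with '(' + weekday."""
    records = []
    for line in text.splitlines():
        if re.match(r"^\([A-Z][a-z]{2} ", line) or not records:
            records.append(line.strip())
        else:
            records[-1] += " " + line.strip()
    return records

def key_lookups(text):
    """Return [(map, key, miss_logged)] in the order the keys were requested."""
    lookups = []
    for m in filter(None, map(RECORD.match, unwrap(text))):
        req, miss = REQUEST.match(m["msg"]), MISS.match(m["msg"])
        if req:
            lookups.append([req[1], req[2], False])
        elif miss and lookups and lookups[-1][1] == miss[1]:
            # A miss line refers to the request logged just before it.
            lookups[-1][2] = True
    return [tuple(entry) for entry in lookups]

if __name__ == "__main__":
    print(*key_lookups(SAMPLE), sep="\n")
```

A key with `miss_logged` false only means no "No key named" line followed the request; it does not prove the mount itself succeeded.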
