[Freeipa-users] question about automount config
Arthur Fayzullin
arthur at deus.pro
Mon May 23 15:06:55 UTC 2016
Good day, colleagues!
I am confused about how automount work and howto configure it. I have
tried to configure it according to
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html
document (paragraph 9.1.1 and chapter 20).
I have tried to make it work on 3 servers:
1. ipa server;
2. nfs server (node00);
3. nfs client (postgres).
*** so here how it configured on ipa server:
$ ipa automountlocation-tofiles amantai
/etc/auto.master:
/- /etc/auto.direct
/home /etc/auto.home
---------------------------
/etc/auto.direct:
---------------------------
/etc/auto.home:
* -sec=kr5i,rw,fstype=nfs4 node00.glavsn.ab:/home/&
maps not connected to /etc/auto.master:
$ ipa service-find nfs
------------------
2 services matched
------------------
Основной: nfs/node00.glavsn.ab at GLAVSN.AB
Keytab: True
Managed by: node00.glavsn.ab
Основной: nfs/postgres.glavsn.ab at GLAVSN.AB
Keytab: True
Managed by: postgres.glavsn.ab
*** here is nfs server config:
$ sudo klist -k
Пароль:
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
1 host/node00.glavsn.ab at GLAVSN.AB
1 host/node00.glavsn.ab at GLAVSN.AB
1 host/node00.glavsn.ab at GLAVSN.AB
1 host/node00.glavsn.ab at GLAVSN.AB
2 nfs/node00.glavsn.ab at GLAVSN.AB
2 nfs/node00.glavsn.ab at GLAVSN.AB
2 nfs/node00.glavsn.ab at GLAVSN.AB
2 nfs/node00.glavsn.ab at GLAVSN.AB
$ cat /etc/exports
/home *(rw,sec=sys:krb5:krb5i:krb5p)
$ sudo firewall-cmd --list-all
public (default, active)
interfaces: bridge0 enp1s0
sources:
services: dhcpv6-client nfs ssh
ports: 8001/tcp
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
$ getenforce
Enforcing
*** here nfs client config:
# klist -k
Keytab name: FILE:/etc/krb5.keytab
KVNO Principal
----
--------------------------------------------------------------------------
1 host/postgres.glavsn.ab at GLAVSN.AB
1 host/postgres.glavsn.ab at GLAVSN.AB
1 host/postgres.glavsn.ab at GLAVSN.AB
1 host/postgres.glavsn.ab at GLAVSN.AB
1 nfs/postgres.glavsn.ab at GLAVSN.AB
1 nfs/postgres.glavsn.ab at GLAVSN.AB
1 nfs/postgres.glavsn.ab at GLAVSN.AB
1 nfs/postgres.glavsn.ab at GLAVSN.AB
# firewall-cmd --list-all
FedoraServer (default, active)
interfaces: ens3
sources:
services: cockpit dhcpv6-client ssh
ports:
protocols:
masquerade: no
forward-ports:
icmp-blocks:
rich rules:
# mount -l (contains next string)
auto.home on /home type autofs
(rw,relatime,fd=25,pgrp=960,timeout=300,minproto=5,maxproto=5,indirect)
# ll /home/afayzullin
ls says that it cannot access /home/afayzullin: no such file or directory
I have run
# ipa-client-automount --location=amantai
on client and it has completed successfully.
I have tried to disable selinux, drop iptables rules. And now I am
little confused about what to do next. May if someone has faced with
automount config can give me some advice, or if there is any howto
config automount, or some can advise howto debug this situation?
More information about the Freeipa-users
mailing list