<div dir="ltr">You can stop the autofs daemon, and run it in foreground with automount -fvv. Then try to access the mount point in parallel. The logs from the foreground run should shed some light. Also, does your autofs setup work without kerberos ? As a first step it to work with non-kerberised nfs. </div><div class="gmail_extra"> <div class="gmail_quote">On Mon, May 23, 2016 at 11:06 AM, Arthur Fayzullin <<a href="mailto:arthur@deus.pro" target="_blank">arthur@deus.pro</a>> wrote: <blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Good day, colleagues! I am confused about how automount work and howto configure it. I have tried to configure it according to <a href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html" rel="noreferrer" target="_blank">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html</a> document (paragraph 9.1.1 and chapter 20). I have tried to make it work on 3 servers: 1. ipa server; 2. nfs server (node00); 3. nfs client (postgres). *** so here how it configured on ipa server: $ ipa automountlocation-tofiles amantai /etc/auto.master: /- /etc/auto.direct /home /etc/auto.home --------------------------- /etc/auto.direct: --------------------------- /etc/auto.home: * -sec=kr5i,rw,fstype=nfs4 node00.glavsn.ab:/home/& maps not connected to /etc/auto.master: $ ipa service-find nfs ------------------ 2 services matched ------------------ Основной: nfs/node00.glavsn.ab@GLAVSN.AB Keytab: True Managed by: node00.glavsn.ab Основной: nfs/postgres.glavsn.ab@GLAVSN.AB Keytab: True Managed by: postgres.glavsn.ab *** here is nfs server config: $ sudo klist -k Пароль: Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 host/node00.glavsn.ab@GLAVSN.AB 1 host/node00.glavsn.ab@GLAVSN.AB 1 host/node00.glavsn.ab@GLAVSN.AB 1 host/node00.glavsn.ab@GLAVSN.AB 2 nfs/node00.glavsn.ab@GLAVSN.AB 2 nfs/node00.glavsn.ab@GLAVSN.AB 2 nfs/node00.glavsn.ab@GLAVSN.AB 2 nfs/node00.glavsn.ab@GLAVSN.AB $ cat /etc/exports /home *(rw,sec=sys:krb5:krb5i:krb5p) $ sudo firewall-cmd --list-all public (default, active) interfaces: bridge0 enp1s0 sources: services: dhcpv6-client nfs ssh ports: 8001/tcp masquerade: no forward-ports: icmp-blocks: rich rules: $ getenforce Enforcing *** here nfs client config: # klist -k Keytab name: FILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 host/postgres.glavsn.ab@GLAVSN.AB 1 host/postgres.glavsn.ab@GLAVSN.AB 1 host/postgres.glavsn.ab@GLAVSN.AB 1 host/postgres.glavsn.ab@GLAVSN.AB 1 nfs/postgres.glavsn.ab@GLAVSN.AB 1 nfs/postgres.glavsn.ab@GLAVSN.AB 1 nfs/postgres.glavsn.ab@GLAVSN.AB 1 nfs/postgres.glavsn.ab@GLAVSN.AB # firewall-cmd --list-all FedoraServer (default, active) interfaces: ens3 sources: services: cockpit dhcpv6-client ssh ports: protocols: masquerade: no forward-ports: icmp-blocks: rich rules: # mount -l (contains next string) auto.home on /home type autofs (rw,relatime,fd=25,pgrp=960,timeout=300,minproto=5,maxproto=5,indirect) # ll /home/afayzullin ls says that it cannot access /home/afayzullin: no such file or directory I have run # ipa-client-automount --location=amantai on client and it has completed successfully. I have tried to disable selinux, drop iptables rules. And now I am little confused about what to do next. May if someone has faced with automount config can give me some advice, or if there is any howto config automount, or some can advise howto debug this situation? -- Manage your subscription for the Freeipa-users mailing list: <a href="https://www.redhat.com/mailman/listinfo/freeipa-users" rel="noreferrer" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a> Go to <a href="http://freeipa.org" rel="noreferrer" target="_blank">http://freeipa.org</a> for more info on the project</blockquote></div> </div>