<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<p>I have done like You said. Here is output:</p>
<tt>[root@nfsclient ~]# automount -vvvf</tt><tt><br>
</tt><tt>1 Starting automounter version 5.1.1-3.fc23, master map
auto.master</tt><tt><br>
</tt><tt>2 using kernel protocol version 5.02</tt><tt><br>
</tt><tt>3 mounted indirect on /misc with timeout 300, freq 75
seconds</tt><tt><br>
</tt><tt>4 mounted indirect on /net with timeout 300, freq 75
seconds</tt><tt><br>
</tt><tt>5 mounted indirect on /home with timeout 300, freq 75
seconds</tt><tt><br>
</tt><tt>6 lookup_read_map: lookup(sss): getautomntent_r: No such
file or directory</tt><tt><br>
</tt><tt>7 attempting to mount entry /home/afayzullin</tt><tt><br>
</tt><tt>8 >> mount.nfs4: Connection timed out</tt><tt><br>
</tt><tt>9 mount(nfs): nfs: mount failure
nfserver.ciktrb.ru:/home/afayzullin on /home/afayzullin</tt><tt><br>
</tt><tt>10 failed to mount /home/afayzullin</tt><tt><br>
</tt><tt>11 re-reading map for /home</tt><tt><br>
</tt><tt>12 attempting to mount entry /home/afayzullin</tt><tt><br>
</tt><br>
from string 1 till 6 is startup output. I have googled by
'getautomntent_r', it has shown some closed threads that should be
fixed (line 3, 4, 5 shows that it is ok)<br>
from line 7 I try to login as afayzullin and autofs tries to mount
it as I wish, but for some reason it can not.<br>
How can I know why it can not do it? Where to look for it?<br>
<br>
also I have put debug_level=6 in [autofs] at /etc/sssd/sssd.conf and
here is a piece from /var/log/sssd/sssd_autofs.log<br>
<br>
<tt>(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [accept_fd_handler]
(0x0400): Client connected!<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [sss_cmd_get_version]
(0x0200): Received client version [1].<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [sss_cmd_get_version]
(0x0200): Offered version [1].<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_setautomntent] (0x0400): Got request for automount
map named auto.home<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sss_parse_name_for_domains] (0x0200): name 'auto.home' matched
without domain, user is auto.home<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [setautomntent_send]
(0x0400): Requesting info for automount map [auto.home] from
[<ALL>]<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [lookup_automntmap_step]
(0x0400): Requesting info for [<a class="moz-txt-link-abbreviated" href="mailto:auto.home@ciktrb.ru">auto.home@ciktrb.ru</a>]<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [sss_dp_issue_request]
(0x0400): Issuing request for
[<a class="moz-txt-link-abbreviated" href="mailto:0x558ed3ebab90:0:auto.home@ciktrb.ru">0x558ed3ebab90:0:auto.home@ciktrb.ru</a>]<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [sss_dp_get_autofs_msg]
(0x0400): Creating autofs request for
[ciktrb.ru][4105][mapname=auto.home]<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sss_dp_internal_get_send] (0x0400): Entering request
[<a class="moz-txt-link-abbreviated" href="mailto:0x558ed3ebab90:0:auto.home@ciktrb.ru">0x558ed3ebab90:0:auto.home@ciktrb.ru</a>]<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [lookup_automntmap_step]
(0x0400): Requesting info for [<a class="moz-txt-link-abbreviated" href="mailto:auto.home@ciktrb.ru">auto.home@ciktrb.ru</a>]<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sysdb_autofs_entries_by_map] (0x0400): Getting entries for map
auto.home<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [lookup_automntmap_step]
(0x0400): setautomntent done for map auto.home<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_setautomntent_done] (0x0400): setautomntent found
data<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]] [sss_dp_req_destructor]
(0x0400): Deleting request: [<a class="moz-txt-link-abbreviated" href="mailto:0x558ed3ebab90:0:auto.home@ciktrb.ru">0x558ed3ebab90:0:auto.home@ciktrb.ru</a>]<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key afayzullin<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[getautomntbyname_process] (0x0080): No key named [afayzullin]
found<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key /<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[getautomntbyname_process] (0x0080): No key named [/] found<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_getautomntbyname] (0x0400): Requested data of map
auto.home key *<br>
(Tue Jun 7 15:59:58 2016) [sssd[autofs]]
[sss_autofs_cmd_endautomntent] (0x0400): endautomntent called<br>
</tt><br>
While manual mount works fine:<br>
<tt># mount -vvv -t nfs4 nfserver.ciktrb.ru:/home/afayzullin /mnt<br>
mount.nfs4: timeout set for Tue Jun 7 17:07:25 2016<br>
mount.nfs4: trying text-based options
'vers=4.2,addr=10.254.1.167,clientaddr=10.254.1.168'<br>
[root@nfsclient ~]# echo $?<br>
0<br>
[root@nfsclient ~]# mount -l<br>
nfserver.ciktrb.ru:/home/afayzullin on /mnt type nfs4
(rw,relatime,seclabel,vers=4.2,rsize=131072,wsize=131072,namlen=255,hard,proto=tcp,port=0,timeo=600,retrans=2,sec=krb5,clientaddr=10.254.1.168,local_lock=none,addr=10.254.1.167)<br>
</tt><br>
<tt>$ ssh nfsclient<br>
Creating home directory for afayzullin.<br>
Last login: Tue Jun 7 17:34:14 2016<br>
Could not chdir to home directory /home/afayzullin: No such file
or directory<br>
-bash-4.3$ ll /mnt<br>
итого 0<br>
-rw-rw-r--. 1 afayzullin afayzullin 0 июн 7 17:00 test</tt><br>
<br>
but home is empty<br>
<tt># ll /home/<br>
итого 0</tt><br>
<br>
So what steps should I take next?<br>
<br>
<div class="moz-cite-prefix">24.05.2016 18:01, Prasun Gera пишет:<br>
</div>
<blockquote
cite="mid:CAFLz+B=v=8k61mCd7V60Om-tFMuz6VckjgZ9qJp9LeSZQ8cteQ@mail.gmail.com"
type="cite">
<div dir="ltr">You can stop the autofs daemon, and run it in
foreground with automount -fvv. Then try to access the mount
point in parallel. The logs from the foreground run should shed
some light. Also, does your autofs setup work without kerberos ?
As a first step it to work with non-kerberised nfs. </div>
<div class="gmail_extra"><br>
<div class="gmail_quote">On Mon, May 23, 2016 at 11:06 AM,
Arthur Fayzullin <span dir="ltr"><<a
moz-do-not-send="true" href="mailto:arthur@deus.pro"
target="_blank"><a class="moz-txt-link-abbreviated" href="mailto:arthur@deus.pro">arthur@deus.pro</a></a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">Good day,
colleagues!<br>
I am confused about how automount work and howto configure
it. I have<br>
tried to configure it according to<br>
<a moz-do-not-send="true"
href="https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html"
rel="noreferrer" target="_blank">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html</a><br>
document (paragraph 9.1.1 and chapter 20).<br>
I have tried to make it work on 3 servers:<br>
1. ipa server;<br>
2. nfs server (node00);<br>
3. nfs client (postgres).<br>
<br>
<br>
*** so here how it configured on ipa server:<br>
$ ipa automountlocation-tofiles amantai<br>
/etc/auto.master:<br>
/- /etc/auto.direct<br>
/home /etc/auto.home<br>
---------------------------<br>
/etc/auto.direct:<br>
---------------------------<br>
/etc/auto.home:<br>
* -sec=kr5i,rw,fstype=nfs4
node00.glavsn.ab:/home/&<br>
<br>
maps not connected to /etc/auto.master:<br>
<br>
$ ipa service-find nfs<br>
------------------<br>
2 services matched<br>
------------------<br>
Основной: <a class="moz-txt-link-abbreviated" href="mailto:nfs/node00.glavsn.ab@GLAVSN.AB">nfs/node00.glavsn.ab@GLAVSN.AB</a><br>
Keytab: True<br>
Managed by: node00.glavsn.ab<br>
<br>
Основной: <a class="moz-txt-link-abbreviated" href="mailto:nfs/postgres.glavsn.ab@GLAVSN.AB">nfs/postgres.glavsn.ab@GLAVSN.AB</a><br>
Keytab: True<br>
Managed by: postgres.glavsn.ab<br>
<br>
<br>
*** here is nfs server config:<br>
$ sudo klist -k<br>
Пароль:<br>
Keytab name: <a class="moz-txt-link-freetext" href="FILE:/etc/krb5.keytab">FILE:/etc/krb5.keytab</a><br>
KVNO Principal<br>
----<br>
--------------------------------------------------------------------------<br>
1 <a class="moz-txt-link-abbreviated" href="mailto:host/node00.glavsn.ab@GLAVSN.AB">host/node00.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:host/node00.glavsn.ab@GLAVSN.AB">host/node00.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:host/node00.glavsn.ab@GLAVSN.AB">host/node00.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:host/node00.glavsn.ab@GLAVSN.AB">host/node00.glavsn.ab@GLAVSN.AB</a><br>
2 <a class="moz-txt-link-abbreviated" href="mailto:nfs/node00.glavsn.ab@GLAVSN.AB">nfs/node00.glavsn.ab@GLAVSN.AB</a><br>
2 <a class="moz-txt-link-abbreviated" href="mailto:nfs/node00.glavsn.ab@GLAVSN.AB">nfs/node00.glavsn.ab@GLAVSN.AB</a><br>
2 <a class="moz-txt-link-abbreviated" href="mailto:nfs/node00.glavsn.ab@GLAVSN.AB">nfs/node00.glavsn.ab@GLAVSN.AB</a><br>
2 <a class="moz-txt-link-abbreviated" href="mailto:nfs/node00.glavsn.ab@GLAVSN.AB">nfs/node00.glavsn.ab@GLAVSN.AB</a><br>
<br>
$ cat /etc/exports<br>
/home *(rw,sec=sys:krb5:krb5i:krb5p)<br>
<br>
$ sudo firewall-cmd --list-all<br>
public (default, active)<br>
interfaces: bridge0 enp1s0<br>
sources:<br>
services: dhcpv6-client nfs ssh<br>
ports: 8001/tcp<br>
masquerade: no<br>
forward-ports:<br>
icmp-blocks:<br>
rich rules:<br>
<br>
$ getenforce<br>
Enforcing<br>
<br>
<br>
*** here nfs client config:<br>
# klist -k<br>
Keytab name: <a class="moz-txt-link-freetext" href="FILE:/etc/krb5.keytab">FILE:/etc/krb5.keytab</a><br>
KVNO Principal<br>
----<br>
--------------------------------------------------------------------------<br>
1 <a class="moz-txt-link-abbreviated" href="mailto:host/postgres.glavsn.ab@GLAVSN.AB">host/postgres.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:host/postgres.glavsn.ab@GLAVSN.AB">host/postgres.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:host/postgres.glavsn.ab@GLAVSN.AB">host/postgres.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:host/postgres.glavsn.ab@GLAVSN.AB">host/postgres.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:nfs/postgres.glavsn.ab@GLAVSN.AB">nfs/postgres.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:nfs/postgres.glavsn.ab@GLAVSN.AB">nfs/postgres.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:nfs/postgres.glavsn.ab@GLAVSN.AB">nfs/postgres.glavsn.ab@GLAVSN.AB</a><br>
1 <a class="moz-txt-link-abbreviated" href="mailto:nfs/postgres.glavsn.ab@GLAVSN.AB">nfs/postgres.glavsn.ab@GLAVSN.AB</a><br>
<br>
# firewall-cmd --list-all<br>
FedoraServer (default, active)<br>
interfaces: ens3<br>
sources:<br>
services: cockpit dhcpv6-client ssh<br>
ports:<br>
protocols:<br>
masquerade: no<br>
forward-ports:<br>
icmp-blocks:<br>
rich rules:<br>
<br>
# mount -l (contains next string)<br>
auto.home on /home type autofs<br>
(rw,relatime,fd=25,pgrp=960,timeout=300,minproto=5,maxproto=5,indirect)<br>
<br>
# ll /home/afayzullin<br>
ls says that it cannot access /home/afayzullin: no such file
or directory<br>
<br>
I have run<br>
# ipa-client-automount --location=amantai<br>
on client and it has completed successfully.<br>
<br>
I have tried to disable selinux, drop iptables rules. And
now I am<br>
little confused about what to do next. May if someone has
faced with<br>
automount config can give me some advice, or if there is any
howto<br>
config automount, or some can advise howto debug this
situation?<br>
<span class="HOEnZb"><font color="#888888"><br>
--<br>
Manage your subscription for the Freeipa-users mailing
list:<br>
<a moz-do-not-send="true"
href="https://www.redhat.com/mailman/listinfo/freeipa-users"
rel="noreferrer" target="_blank">https://www.redhat.com/mailman/listinfo/freeipa-users</a><br>
Go to <a moz-do-not-send="true"
href="http://freeipa.org" rel="noreferrer"
target="_blank">http://freeipa.org</a> for more info
on the project</font></span></blockquote>
</div>
<br>
</div>
</blockquote>
<br>
</body>
</html>