[Bug 899369] New: autofs using ldap maps doesn't work
http://bugzilla.opensuse.org/show_bug.cgi?id=899369 Bug ID: 899369 Summary: autofs using ldap maps doesn't work Classification: openSUSE Product: openSUSE Factory Version: 13.2 Beta 1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Network Assignee: bnc-team-screening@forge.provo.novell.com Reporter: st-malcolm.moore@whsg.info QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- Created attachment 608674 --> http://bugzilla.opensuse.org/attachment.cgi?id=608674&action=edit sssd.conf autofs doesn't work. Service gives message setautomntent: lookup(sss): setautomntent: No such file or directory auto maps are in openldap on a SUSE 11 sp3 server - set up works fine with openSUSE 13.1 My sssd.conf is attached Since there seems no where to set this up using Yast the ldap entries are taken using the /etc/sysconfig/autofs from a working 13.1 as a guide Authentication works fine M -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
Bernhard Wiedemann
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #2 from malcolm moore
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #3 from malcolm moore
From journalctl if it helps
Oct 09 11:38:40 linux-epqf kernel: sssd[1754]: segfault at 1 ip 00007f50cca6af80 sp 00007fff39b345a0 error 4 in libc-2.19.so[7f50cca23000+19e000] Oct 09 11:38:40 linux-epqf systemd[1]: Failed to start System Security Services Daemon. M -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #4 from Jakub Hrozek
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #5 from malcolm moore
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #6 from malcolm moore
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #7 from malcolm moore
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #8 from malcolm moore
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #9 from malcolm moore
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #10 from Jakub Hrozek
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #11 from malcolm moore
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
Peter Varkoly
Created attachment 609465 [details] Screenshot of LDAP auto.master
sssd does not support this kind of autfs maps. sssd support ldap only maps. For sssd the nisMapEntry must contain the name of the map. In your case: nisMapEntry: autoHome ----------------- You can still use your old configuration. But in this case you must not enable autofs in sssd and you have to configure autofs as usual: Setting "automount: files ldap" in /etc/nsswitch.conf Adapt /etc/sysconfig/autofs and adapt /etc/autofs_ldap_auth.conf -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #13 from malcolm moore
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #14 from Jakub Hrozek
(In reply to malcolm moore from comment #8)
Created attachment 609465 [details] Screenshot of LDAP auto.master
sssd does not support this kind of autfs maps. sssd support ldap only maps. For sssd the nisMapEntry must contain the name of the map. In your case:
Not sure I follow you, can you elaborate? Are you saying the attributes are mismatched and the entries use value for names and vice versa? (Sorry, I don't have a server with the nis* schema around so I can't test myself..)
nisMapEntry: autoHome
----------------- You can still use your old configuration. But in this case you must not enable autofs in sssd and you have to configure autofs as usual: Setting "automount: files ldap" in /etc/nsswitch.conf
Adapt /etc/sysconfig/autofs and adapt /etc/autofs_ldap_auth.conf
-- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #15 from malcolm moore
(In reply to malcolm moore from comment #8)
Created attachment 609465 [details] Screenshot of LDAP auto.master
sssd does not support this kind of autfs maps. sssd support ldap only maps. For sssd the nisMapEntry must contain the name of the map. In your case:
nisMapEntry: autoHome
----------------- You can still use your old configuration. But in this case you must not enable autofs in sssd and you have to configure autofs as usual: Setting "automount: files ldap" in /etc/nsswitch.conf
Adapt /etc/sysconfig/autofs and adapt /etc/autofs_ldap_auth.conf
OK, I will give it a go. The ldap maps are what Suse does by default when you use Yast to create users and automaps. I didn't do anything different. It seems odd that it won't work Ta M -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #16 from Jakub Hrozek
Created attachment 609475 [details] After autofs and sssd restart
The domain logs would show the query better, but this log indeed indicates that after restart the query went through. This is a known issue, unfortunately, tracked with: https://bugzilla.redhat.com/show_bug.cgi?id=1101782 -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #17 from malcolm moore
(In reply to malcolm moore from comment #11)
Created attachment 609475 [details] After autofs and sssd restart
The domain logs would show the query better, but this log indeed indicates that after restart the query went through. This is a known issue, unfortunately, tracked with: https://bugzilla.redhat.com/show_bug.cgi?id=1101782
It won't let me look at that ... M -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #18 from Jakub Hrozek
(In reply to Jakub Hrozek from comment #16)
(In reply to malcolm moore from comment #11)
Created attachment 609475 [details] After autofs and sssd restart
The domain logs would show the query better, but this log indeed indicates that after restart the query went through. This is a known issue, unfortunately, tracked with: https://bugzilla.redhat.com/show_bug.cgi?id=1101782
It won't let me look at that ...
M
Sorry about that, I made the RH bug public. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #19 from Peter Varkoly
(In reply to Peter Varkoly from comment #12)
(In reply to malcolm moore from comment #8)
Created attachment 609465 [details] Screenshot of LDAP auto.master
sssd does not support this kind of autfs maps. sssd support ldap only maps. For sssd the nisMapEntry must contain the name of the map. In your case:
Not sure I follow you, can you elaborate?
Are you saying the attributes are mismatched and the entries use value for names and vice versa?
(Sorry, I don't have a server with the nis* schema around so I can't test myself..)
nisMapEntry: autoHome
----------------- You can still use your old configuration. But in this case you must not enable autofs in sssd and you have to configure autofs as usual: Setting "automount: files ldap" in /etc/nsswitch.conf
Adapt /etc/sysconfig/autofs and adapt /etc/autofs_ldap_auth.conf
I've tested sssd a lot of time by higher debug level. The entries of the auto.master tables was searched every time by: (nisMapName=<Value of nisMapEntry>) This means if you have in auto.master following entries: nisMapEntry: ldap nisMapName=auto.home,ou=mounts,dc=sample,dc=com The filter looks like: (nisMapName=ldap nisMapName=auto.home,ou=mounts,dc=sample,dc=com) and it fails everytime. If the nisMapEntry contains the nisMapName of the autofs table it works fine: nisMapEntry: auto.home Filter is: (nisMapName=auto.home) The normal autmount can implement both kind of nisMapEntry. I'll attach 2 ldif examples for the same autofs tabs. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #20 from Peter Varkoly
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #21 from Peter Varkoly
http://bugzilla.opensuse.org/show_bug.cgi?id=899369
--- Comment #22 from malcolm moore
participants (1)
-
bugzilla_noreply@novell.com