To add:
If mounted with -S (no sssd) upon login the mount is not accepted and error:
key has expired: /home/foo.org/foouser
though with klist:
non expired krb5 key.
SH
On 10/08/2022 09:33, Sami Hulkko via FreeIPA-users wrote:
> I can add that with:
>
> ipa-client-automount -S (no sssd)
>
> it works.
>
> On 10/08/2022 09:23, Sami Hulkko wrote:
>> Hi,
>>
>> I have a home folders shared at
server.foo.org on folder
>> /srv/home/foo.org and I can mount this share on
client.foo.org with
>> kerberos security.
>>
>> /etc/export is:
>>
>> /srv/home/foo.org
>> *(rw,sec=krb5:krb5i:krb5p,sync,no_root_squash,no_subtree_check)
>>
>> On Freeipa server under Network Services I have:
>>
>> default
>>
>> under it :
>>
>> auto.master that has /home/foo.org key and auto.home mount information.
>>
>> auto.home has:
>>
>> * -fstype=nfs4,rw,sec=krb5
server.foo.org:/srv/home/foo.org/&
>>
>> So, NFS share mount on manual mount command with Kerberos5 security.
>> Yet the automount fails on login. I don't see any error on config.
>>
>> SH
>>
> _______________________________________________
> FreeIPA-users mailing list -- freeipa-users(a)lists.fedorahosted.org
> To unsubscribe send an email to
> freeipa-users-leave(a)lists.fedorahosted.org
> Fedora Code of Conduct:
>
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines:
https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
>
https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedoraho...
> Do not reply to spam, report it:
>
https://pagure.io/fedora-infrastructure/new_issue