On Wed, Aug 12, 2015 at 09:48:38PM -0400, Brendan Kearney wrote:
> i have a fedora 20 install on a desktop that is working and autofs will read
> the auto.master from ldap and i can mount the shares specified in
> auto.shares listed.
>
> i have a fedora 20 install on a laptop that will not work and cannot read
> the auto.master from ldap.
>
> i have done everything i can think of to make the 2 as "apples to apples"
> identical as i can, but still cannot get autofs to read the auto.master from
> ldap.
>
> [root@laptop ~]# automount -fd -vvvvvvvvvvvvvvvvvvvvvvvvvvvvvvvv
> Starting automounter version 5.0.7-42.fc20, master map auto.master
> using kernel protocol version 5.02
> lookup_nss_read_master: reading master sss auto.master
> parse_init: parse(sun): init gathered global options: (null)
> spawn_mount: mtab link detected, passing -n to mount
> spawn_umount: mtab link detected, passing -n to mount
> setautomntent: lookup(sss): setautomntent: No such file or directory
> lookup_nss_read_master: auto.master not found, replacing '.' with
'_'
> parse_init: parse(sun): init gathered global options: (null)
> spawn_mount: mtab link detected, passing -n to mount
> spawn_umount: mtab link detected, passing -n to mount
> setautomntent: lookup(sss): setautomntent: No such file or directory
This message just means that there are no more maps in the table.
> no mounts in table
> ^Cautofs stopped
>
> i believe i am hung up by the setautomntent: no such file or directory line.
> the configs are pretty much copied from the working desktop. any help is
> appreciated.
>
> *sssd.conf**:*
> [sssd]
> domains =
bpk2.com
> services = nss, pam, sudo, autofs
> config_file_version = 2
> #debug_level = 4
>
> [nss]
> filter_groups = root
> filter_users = root
>
> [pam]
>
> [sudo]
>
> [autofs]
>
> [
domain/bpk2.com]
> #debug_level = 4
> id_provider = ldap
> ldap_schema = rfc2307bis
> ldap_uri =
_srv_,ldap://ldap1.bpk2.com,ldap://ldap2.bpk2.com
> ldap_search_base = dc=bpk2,dc=com
> ldap_sasl_mech = GSSAPI
> ldap_sasl_authid =
host/laptop.bpk2.com
> ldap_sasl_realm =
BPK2.COM
>
> auth_provider = krb5
> krb5_server =
_srv_,kerberos.bpk2.com
> krb5_realm =
BPK2.COM
> krb5_renewable_lifetime = 7d
> krb5_lifetime = 24h
> krb5_renew_interval = 1h
> krb5_store_password_if_offline = true
> cache_credentials = true
>
> sudo_provider = ldap
> ldap_sudo_search_base = ou=SUDO Groups,ou=Roles,dc=bpk2,dc=com
>
> autofs_provider = ldap
> ldap_autofs_search_base = cn=autofs,ou=Daemons,dc=bpk2,dc=com
> ldap_autofs_map_object_class = automountMap
> ldap_autofs_entry_object_class = automount
> ldap_autofs_map_name = automountMapName
> ldap_autofs_entry_key = automountKey
> ldap_autofs_entry_value = automountInformation
>
> #min_id = 1000
> #max_id = 2000
> enumerate = false
The config looks OK..
> *autofs_ldap_auth.conf**:*
You don't need this config file unless you're also using the ldap direct
integration.
I would suggest to debug like this:
- stop automounter
- enable verbose (7+) debug_level in the autofs and domain sections
- start sssd
- run 'date' to pair the timestamp in the logs with the system clock
- start automounter -m on the foreground
- run date again to know the timestamp of request end
- check out autofs responder and domain logs
_______________________________________________
sssd-users mailing list
sssd-users(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-users [root@laptop ~]# date
Thu Aug 13 17:06:07 EDT 2015
[root@laptop ~]# automount -m
autofs dump map information
===========================
global options: none configured
no master map entries found
[root@laptop ~]# date
Thu Aug 13 17:06:22 EDT 2015
[root@laptop ~]# journalctl -u autofs
...
Aug 13 17:05:12 laptop systemd[1]: Stopped Automounts filesystems on demand.
[root@laptop ~]# journalctl -u sssd
...
Aug 13 17:06:12 laptop sssd_be[16364]: ldapdb_canonuser_plug_init()
failed in sasl_canonuser_add_plugin(): invalid parameter supplied
Aug 13 17:06:12 laptop sssd_be[16364]: _sasl_plugin_load failed on
sasl_canonuser_init for plugin: ldapdb
Aug 13 17:06:12 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:12 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:12 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:12 laptop sssd_be[16364]: GSSAPI client step 2
Aug 13 17:06:15 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:15 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 2
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 2
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 2
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 2
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 2
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 2
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 2
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 1
Aug 13 17:06:16 laptop sssd_be[16364]: GSSAPI client step 2
the ldap_canonuser_plug_init message is a red-herring. i see that in my
working instance on the desktop, and it does not affect the (in)ability
to enumerate the automount maps from ldap.