I have been running a diskless NFS setup with the included sssd.conf for over 2 years.

The machine in question was a workstation for building RPMs and NFS/LDAP testing and research.

Possibly related.  The NFS client seems to have suffered a setback recently.  I now get Kernel crashes when issuing large kernel builds on a NFS share.

I.e.  make -j 400 bzImage; make -j 400 modules.

I filed a bug with Redhat about it.  So far I can tell it affects 4.20 and 5.0.x vanilla builds and Redhat official kernels.








On Mon, Mar 25, 2019, 3:10 AM Lukas Slebodnik <lslebodn@redhat.com> wrote:
On (24/03/19 19:10), Gregory Carter wrote:
>I have a diskless workstation, which I noticed recently with some updates
>has stopped working with respect to sssd.  Here is the config which no
>longer works:
>
>[domain/default]
>id_provider = ldap
>autofs_provider = ldap
>auth_provider = ldap
>chpass_provider = ldap
>ldap_uri = ldap://named.domain.com/
>ldap_search_base = dc=domain,dc=com
>ldap_id_use_start_tls = True
>ldap_tls_cacertdir = /etc/openldap/certs
>cache_credentials = True
>ldap_autofs_map_object_class   = automountMap
>ldap_autofs_map_name           = ou
>ldap_autofs_entry_object_class = automount
>ldap_autofs_entry_key          = cn
>ldap_autofs_entry_value        = automountInformation
>debug_level = 9
>
>[sssd]
>services = nss, pam, autofs
>domains = default
>debug_level = 9
>
>[nss]
>homedir_substring = /home
>debug_level = 9
>
>[pam]
>debug_level = 9
>
>[sudo]
>debug_level = 9
>
>[autofs]
>debug_level = 9
>
>[ssh]
>debug_level = 9
>
>[pac]
>debug_level = 9
>
>[ifp]
>debug_level = 9
>
>[secrets]
>debug_level = 9
>
>[session_recording]
>debug_level = 9
>
>What I found, is that the /var/lib/sss directory is not working correctly
>anymore with NFS root mount.
>

Are you sure that it worked on fedora < 29 ?

NFS was never recommended for /var/lib/sss/db.

>Lots of timeout and error messages which, after looking at with various
>debug levels, really didn't offer any clue to exactly why the various
>components would time out.
>
>However, I did notice  the only workstation which had a issue with the
>update was the diskless workstation, so I mounted the /var/lib/sss
>directory on /tmp (Ram disk) which fixed the issue.
>
tmpfs is better for diskless workstation than NFS.

>I searched for a option to change the sssd /var/lib/sss path and did not
>find one.
>
>Is there a way to change that in the /etc/sssd/sssd.conf?

No, /var/lib/sss is hardcoded.

LS
_______________________________________________
sssd-users mailing list -- sssd-users@lists.fedorahosted.org
To unsubscribe send an email to sssd-users-leave@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedorahosted.org/archives/list/sssd-users@lists.fedorahosted.org