Learn more about these different git repos.
Other Git URLs
Ticket was cloned from Red Hat Bugzilla (product Fedora): Bug 961314
Created attachment 745646 sssd_autofs.log sssd_example.org.log Description of problem: Unable to configure ipa automount on client and wrong error code given in /var/log/messages Version-Release number of selected component (if applicable): sssd-1.10.0-4.fc19.beta1.x86_64 How reproducible: Always Steps to Reproduce: https://fedoraproject.org/wiki/QA:Testcase_FreeIPA_realmd_automount 1. Add client freeipa domain 2. Add nfs service and configure nfs server on freeipa server 3. Configure automnount 4. Configure client for automount with sssd # ipa-client-automount Actual results: [root@client1 ~]# ipa-client-automount Searching for IPA server... IPA server: DNS discovery Location: default Continue to configure the system with these values? [no]: y Configured /etc/nsswitch.conf Configured /etc/sysconfig/nfs Configured /etc/idmapd.conf Started rpcidmapd Started rpcgssd Restarting sssd, waiting for it to become available. Unable to find 'admin' user with 'getent passwd admin'! This may mean that sssd didn't re-start properly after the configuration changes. Started autofs [root@client1 sssd]# tail -f /var/log/messages May 9 16:52:14 client1 automount[18783]: setautomntent: lookup(sss): setautomntent: Cannot allocate memory May 9 16:52:14 client1 automount[18783]: setautomntent: lookup(sss): setautomntent: Cannot allocate memory May 9 16:52:14 client1 automount[18783]: setautomntent: lookup(sss): setautomntent: Cannot allocate memory [root@client1 ~]# ls /ipaexport/test ls: cannot access /ipaexport/test: No such file or directory Expected results: # ipa-client-automount Searching for IPA server... IPA server: server.ipa.example.org Location: default Continue to configure the system with these values? [no]: y Configured /etc/nsswitch.conf Configured /etc/sysconfig/nfs Configured /etc/idmapd.conf Started nfs-idmap.service Started nfs-secure.service Restarting sssd, waiting for it to become available. Started autofs # kinit admin NFS exported file # ls /ipaexport/test hello Additional info: [root@client1 sssd]# tail -f /var/log/messages May 9 16:52:01 client1 systemd[1]: Starting NFS Server... May 9 16:52:01 client1 kernel: [17379.233793] NFSD: starting 90-second grace period (net ffffffff81d03f80) May 9 16:52:01 client1 systemd[1]: Started NFS Server. May 9 16:52:01 client1 systemd[1]: Starting NFS Mount Daemon... May 9 16:52:01 client1 systemd[1]: Starting NFS Remote Quota Server... May 9 16:52:01 client1 systemd[1]: Starting NFSv4 ID-name mapping daemon... May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: Could not bind socket: (13) Permission denied May 9 16:52:01 client1 rpc.mountd[18719]: mountd: could not create listeners May 9 16:52:01 client1 systemd[1]: Started NFSv4 ID-name mapping daemon. May 9 16:52:01 client1 systemd[1]: Started NFS Remote Quota Server. May 9 16:52:01 client1 systemd[1]: nfs-mountd.service: control process exited, code=exited status=1 May 9 16:52:01 client1 systemd[1]: Failed to start NFS Mount Daemon. May 9 16:52:01 client1 systemd[1]: Unit nfs-mountd.service entered failed state. May 9 16:52:01 client1 systemd[1]: Reloading. May 9 16:52:02 client1 systemd[1]: Starting Secure NFS... May 9 16:52:02 client1 systemd[1]: Started Secure NFS. May 9 16:52:02 client1 systemd[1]: Reloading. May 9 16:52:02 client1 systemd[1]: Stopping System Security Services Daemon... May 9 16:52:02 client1 sssd[sudo]: Shutting down May 9 16:52:02 client1 sssd[pam]: Shutting down May 9 16:52:02 client1 sssd[nss]: Shutting down May 9 16:52:02 client1 sssd[ssh]: Shutting down May 9 16:52:02 client1 sssd[pac]: Shutting down May 9 16:52:02 client1 sssd[be[example.org]]: Shutting down May 9 16:52:02 client1 systemd[1]: Starting System Security Services Daemon... May 9 16:52:02 client1 sssd: Starting up May 9 16:52:02 client1 sssd[be[example.org]]: Starting up May 9 16:52:02 client1 sssd[nss]: Starting up May 9 16:52:02 client1 sssd[sudo]: Starting up May 9 16:52:02 client1 sssd[ssh]: Starting up May 9 16:52:02 client1 sssd[pam]: Starting up May 9 16:52:02 client1 sssd[autofs]: Starting up May 9 16:52:02 client1 sssd[pac]: Starting up May 9 16:52:02 client1 systemd[1]: Started System Security Services Daemon. May 9 16:52:14 client1 systemd[1]: Starting Automounts filesystems on demand... May 9 16:52:14 client1 automount[18783]: setautomntent: lookup(sss): setautomntent: Cannot allocate memory May 9 16:52:14 client1 automount[18783]: setautomntent: lookup(sss): setautomntent: Cannot allocate memory May 9 16:52:14 client1 automount[18783]: setautomntent: lookup(sss): setautomntent: Cannot allocate memory May 9 16:52:14 client1 systemd[1]: Started Automounts filesystems on demand. May 9 16:52:14 client1 systemd[1]: Reloading
Note - there seems to be two bugs, really. One is that the sysdb lookup fails, the other is that we shouldn't be returning ENOMEM.
blockedby: => blocking: => coverity: => design: => design_review: => 0 feature_milestone: => fedora_test_page: => review: True => 0 selected: => testsupdated: => 0
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.10.0
owner: somebody => lslebodn
milestone: SSSD 1.10.0 => SSSD 1.10.1
After Lukas' investigation, this bug turned to be a combination of a SELinux issue and ipa tools not requesting user with a fully qualified name.
changelog: => resolution: => worksforme status: new => closed
Metadata Update from @jhrozek: - Issue assigned to lslebodn - Issue set to the milestone: SSSD 1.10.1
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/2958
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.