Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1389138
Description of problem:
Wildcard autofs maps don't seem to work when the map is stored in LDAP and accessed by sssd. Using a map containing a wildcard works if autofs contacts LDAP directly, but not via sssd. Ordinary "fully specified" (non-wildcard) keys work fine via SSSD+LDAP.

Version-Release number of selected component (if applicable):
sssd-krb5-common-1.13.0-40.el7_2.12.x86_64
sssd-ldap-1.13.0-40.el7_2.12.x86_64
sssd-common-1.13.0-40.el7_2.12.x86_64
sssd-common-pac-1.13.0-40.el7_2.12.x86_64
sssd-krb5-1.13.0-40.el7_2.12.x86_64
sssd-proxy-1.13.0-40.el7_2.12.x86_64
sssd-ipa-1.13.0-40.el7_2.12.x86_64
python-sssdconfig-1.13.0-40.el7_2.12.noarch
sssd-client-1.13.0-40.el7_2.12.x86_64
sssd-ad-1.13.0-40.el7_2.12.x86_64
sssd-1.13.0-40.el7_2.12.x86_64
autofs-5.0.7-54.el7.x86_64

How reproducible:
Only tested on one client so far.

Steps to Reproduce:
1. Add an automount entry to /etc/auto.master with automount configured to access LDAP via sssd
$ cat /etc/auto.master
/nfs auto.nfs
$ grep automount /etc/nsswitch.conf
automount: files sss
2. Configure a wildcard entry in LDAP
dn: cn=/,nisMapName=auto.nfs,dc=example.com
changetype: add
objectClass: nisObject
cn: *
nisMapEntry: -rw,hard,intr,rsize=8192,wsize=8192,nosuid,tcp XXX.XXX.XXX.XXX:/t
 ank/HomeNet/Users/&
nisMapName: auto.nfs
3. Configure sssd to consult ldap for autofs
ldap_autofs_search_base=dc=example,dc=com
ldap_autofs_map_object_class=nisMap
ldap_autofs_map_name=nisMapName
ldap_autofs_entry_object_class=nisObject
ldap_autofs_entry_key=cn
ldap_autofs_entry_value=nisMapEntry
4. Clear sss_cache, restart sssd and automount

Actual results:
Mountpoints aren't mounted
ls /nfs/visitor
ls: cannot access /nfs/visitor: No such file or directory

Expected results:
Mountpoint gets automounted

Additional info:
Configuring automount to consult the same LDAP entry directly (avoiding sssd) works
$ cat /etc/sysconfig/autofs
LDAP_URI=ldap://r7-ldap1.example.com
SEARCH_BASE="dc=example,dc=com"
MAP_OBJECT_CLASS=nisMap
ENTRY_OBJECT_CLASS=nisObject
MAP_ATTRIBUTE=nisMapName
ENTRY_ATTRIBUTE=cn
VALUE_ATTRIBUTE="nisMapEntry"
$ grep automount /etc/nsswitch.conf
automount: files ldap
$ systemctl restart autofs
$ ls /nfs/user1
Also, specifying the key explicitly works, e.g. an LDAP entry for
dn: cn=user1,nisMapName=auto.nfs,dc=example,dc=com
objectClass: nisObject
cn: user1
nisMapEntry: -rw,hard,intr,rsize=8192,wsize=8192,nosuid,tcp XXX.XXX.XXX.XXX:/t
 ank/HomeNet/Users/user1
nisMapName: auto.nfs
Metadata Update from @jhrozek: - Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1389138
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/4502
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
Thank you for understanding. We apologize for all inconvenience.
Metadata Update from @pbrezina: - Issue close_status updated to: cloned-to-github - Issue status updated to: Closed (was: Open)