Following the steps at: https://fedoraproject.org/wiki/QA:Testcase_freeipav3_automount
(master set-up) ... (client) # ipa-client-automount --server=server.example.com IPA server: server.example.com Location: default Continue to configure the system with these values? [no]: yes Configured /etc/nsswitch.conf Configured /etc/sysconfig/nfs Configured /etc/idmapd.conf Started nfs-idmap.service Started nfs-secure.service Restarting sssd, waiting for it to become available. Started autofs.service # klist klist: No credentials cache found (ticket cache FILE:/tmp/krb5cc_0) # ls /ipaexport/test hello
Access to mounted directory should not be allowed without credentials.
Exports file (on master):
# cat /etc/exports /ipaexport *(rw,sec=sys:krb5:krb5i:krb5p)
Default location (master):
# ipa automountlocation-tofiles default /etc/auto.master: /- /etc/auto.direct /ipaexport /etc/ipaexport --------------------------- /etc/auto.direct: --------------------------- /etc/ipaexport: test -fstype=nfs4,rw,sec=krb5,soft,rsize=8192,wsize=8192 server.example.com:/ipaexport maps not connected to /etc/auto.master:
NFS caches credentials during a mount so kdestroy will have no effect. I believe that is the cause, and I shouldn't have added the kdestroy section to the test script.
I believe this is not a bug.
reopening for triage
Bad instructions for the test day caused this.
Metadata Update from @tbabej: - Issue assigned to someone - Issue set to the milestone: FreeIPA 3.0.1 (bug fixing)
Login to comment on this ticket.