Randy Morgan
CSR
Department of Chemistry and Biochemistry
Brigham Young University
801-422-4100
On 03/28/2018 13:19, Rob Crittenden wrote:
Randy Morgan via FreeIPA-users wrote:
> We have been working to get automounting working on RHEL 7.4 without any
> success. I am including how the server has been built, ipa-client
> installed and configured, etc. I will also include the relevant parts
> of the logs.
>
> 1.
> Install RHEL 7.4 or other required version
> 2.
> subscription-manager register
> 3.
> Type username and password
> 4.
> subscription-manager repos –enable=rhel-7-server-rpms
> 5.
> subscription-manager repos –enable=rhel-7-server-extras-rpms
> 6.
> subscription-manager repos –enable=rhel-7-server-optional-rpms
> 7.
> yum instll –y
>
http://dl.fedoraproject.org/pub/epel/x86_64/Packages/e/epel-release-7-11....
> (or whatever the latest is)
> 8.
> yum update && install -y samba samba-client samba-common cifs-utils
> 9.
> yum install –y ipa-client
> 10.
> yum update -y
> 11.
> install ipa-client: ipa-client-install –enable-dns-updates
> –force-join –ssh-trust-dns –hostname <
host>.chem.byu.edu –mkhomedir
> 12.
> ipa-client-automount –location=defualt
> 13.
> authconfig –enablemkhomedir –updateall
> 14.
> ipa-getkeytab -s
ipa1.chem.byu.edu -p
nfs/<host>.chem.byu.edu -k
> /etc/krb5.keytab
> 15.
> ipa-getkeytab -s
ipa1.chem.byu.edu -p
cifs/<host>.chem.byu.edu -k
> /etc/krb5.keytab
>
> After getting everything setup, when logging in with an IPA user account
> it acts like it is logging in but then immediately returns to the login
> page. Looking in the logs shows the following:
>
> Mar 27 12:33:41 jdmlab1 journal: g_task_return_error: assertion 'error
> != NULL' failed
> Mar 27 12:33:41 jdmlab1 journal: failed to set screen _ICC_PROFILE:
> Failed to open file
> '/var/lib/gdm/.local/share/icc/edid-dcf60fecec69cef7bcda72bf1bbc37f5.icc':
> Permission denied
> Mar 27 12:33:41 jdmlab1 journal: failed to set screen _ICC_PROFILE:
> Failed to open file
> '/var/lib/gdm/.local/share/icc/edid-dcf60fecec69cef7bcda72bf1bbc37f5.icc':
> Permission denied
> Mar 27 12:34:00 jdmlab1 systemd-logind: New session 3 of user randym.
> Mar 27 12:34:00 jdmlab1 systemd: Started Session 3 of user randym.
> Mar 27 12:34:00 jdmlab1 systemd: Starting Session 3 of user randym.
> Mar 27 12:34:00 jdmlab1 oddjob-mkhomedir[4291]: error creating
> /home/csr/randym: No such file or directory
> Mar 27 12:34:04 jdmlab1 gnome-session: gnome-session-binary[4053]:
> WARNING: Lost name on bus: org.gnome.SessionManager
> Mar 27 12:34:04 jdmlab1 gnome-session-binary[4053]: WARNING: Lost name
> on bus: org.gnome.SessionManager
> Mar 27 12:34:04 jdmlab1 journal: Error releasing name
> org.gnome.SettingsDaemon: The connection is closed
> Mar 27 12:34:04 jdmlab1 journal: Invalid id 5 passed to g_bus_unown_name()
> Mar 27 12:34:04 jdmlab1 journal: failed to connect to device: Failed to
> connect to missing device
>
/org/freedesktop/ColorManager/devices/xrandr_Dell_Inc__DELL_1800FP_7R47737N01PX_gdm_42
> Mar 27 12:34:05 jdmlab1 gnome-session: gnome-session-binary[4338]:
> WARNING: IceLockAuthFile failed: No such file or directory
> Mar 27 12:34:05 jdmlab1 gnome-session-binary[4338]: WARNING:
> IceLockAuthFile failed: No such file or directory
>
> The home directories are found on the fileserver, and are both NFS and
> SMB mountable. We have successfully gotten this to work on RHEL 6.9,
> and I believe on RHEL 7.2, but not on RHEL 7.4. Searching through the
> relevant config files shows no differences in their configurations
> between any of the different versions including 7.4.
Does automount work for existing directories?
Let me see if I can muddy the waters
a little more, or if I am lucky
clear things up a little. We are using autofs to mount nfs volumes
located on the fileserver:
bash-4.2$ mount
proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
devtmpfs on /dev type devtmpfs
(rw,nosuid,size=36900652k,nr_inodes=9225163,mode=755)
securityfs on /sys/kernel/security type securityfs
(rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
devpts on /dev/pts type devpts
(rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /run type tmpfs (rw,nosuid,nodev,mode=755)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,mode=755)
cgroup on /sys/fs/cgroup/systemd type cgroup
(rw,nosuid,nodev,noexec,relatime,xattr,release_agent=/usr/lib/systemd/systemd-cgroups-agent,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
cgroup on /sys/fs/cgroup/cpuset type cgroup
(rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup
(rw,nosuid,nodev,noexec,relatime,cpuacct,cpu)
cgroup on /sys/fs/cgroup/memory type cgroup
(rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/devices type cgroup
(rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/freezer type cgroup
(rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/net_cls type cgroup
(rw,nosuid,nodev,noexec,relatime,net_cls)
cgroup on /sys/fs/cgroup/blkio type cgroup
(rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/perf_event type cgroup
(rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/hugetlb type cgroup
(rw,nosuid,nodev,noexec,relatime,hugetlb)
configfs on /sys/kernel/config type configfs (rw,relatime)
/dev/mapper/rhel-root on / type xfs (rw,relatime,attr2,inode64,noquota)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs
(rw,relatime,fd=30,pgrp=1,timeout=0,minproto=5,maxproto=5,direct)
mqueue on /dev/mqueue type mqueue (rw,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,relatime)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime)
sunrpc on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw,relatime)
sunrpc on /proc/fs/nfsd type nfsd (rw,relatime)
/dev/sda2 on /boot type xfs (rw,relatime,attr2,inode64,noquota)
/dev/mapper/rhel-home on /home type xfs (rw,relatime,attr2,inode64,noquota)
tmpfs on /run/user/42 type tmpfs
(rw,nosuid,nodev,relatime,size=7381988k,mode=700,uid=42,gid=42)
/etc/auto.misc on /misc type autofs
(rw,relatime,fd=6,pgrp=2992,timeout=300,minproto=5,maxproto=5,indirect)
-hosts on /net type autofs
(rw,relatime,fd=12,pgrp=2992,timeout=300,minproto=5,maxproto=5,indirect)
auto.faculty on /home/faculty type autofs
(rw,relatime,fd=18,pgrp=2992,timeout=600,minproto=5,maxproto=5,indirect)
auto.postdoc on /home/postdoc type autofs
(rw,relatime,fd=24,pgrp=2992,timeout=600,minproto=5,maxproto=5,indirect)
auto.researcher on /home/research type autofs
(rw,relatime,fd=30,pgrp=2992,timeout=600,minproto=5,maxproto=5,indirect)
auto.other on /home/other type autofs
(rw,relatime,fd=36,pgrp=2992,timeout=600,minproto=5,maxproto=5,indirect)
auto.students on /home/students type autofs
(rw,relatime,fd=42,pgrp=2992,timeout=600,minproto=5,maxproto=5,indirect)
auto.csr on /home/csr type autofs
(rw,relatime,fd=48,pgrp=2992,timeout=600,minproto=5,maxproto=5,indirect)
auto.research_shares on /groups/research type autofs
(rw,relatime,fd=54,pgrp=2992,timeout=600,minproto=5,maxproto=5,indirect)
auto.staff on /home/staff type autofs
(rw,relatime,fd=60,pgrp=2992,timeout=600,minproto=5,maxproto=5,indirect)
fusectl on /sys/fs/fuse/connections type fusectl (rw,relatime)
tmpfs on /run/user/0 type tmpfs
(rw,nosuid,nodev,relatime,size=7381988k,mode=700)
When the login, which should automatically connect the users homedir
located in one of the autofs volumes, takes place the following is what
happens:
Mar 28 15:29:05 jdmlab1 dracut: *** Creating image file ***
Mar 28 15:29:08 jdmlab1 systemd: Created slice User Slice of randym.
Mar 28 15:29:08 jdmlab1 systemd: Starting User Slice of randym.
Mar 28 15:29:08 jdmlab1 systemd-logind: New session 1 of user randym.
Mar 28 15:29:08 jdmlab1 systemd: Started Session 1 of user randym.
Mar 28 15:29:08 jdmlab1 systemd: Starting Session 1 of user randym.
Mar 28 15:29:08 jdmlab1 oddjobd: Error
org.freedesktop.DBus.Error.SELinuxSecurityContextUnknown: Could not
determine security context for ':1.39'.
Mar 28 15:29:08 jdmlab1 oddjob-mkhomedir[11771]: error creating
/home/csr/randym: Permission denied
Mar 28 15:29:10 jdmlab1 colord: device removed: xrandr-Dell Inc.-DELL
1800FP-7R47737N01PX
Mar 28 15:29:10 jdmlab1 colord: Profile removed:
icc-523909406475d8b7f92f093531d0b19f
Mar 28 15:29:10 jdmlab1 /etc/gdm/Xsession: mkdir: cannot create
directory â/home/csr/randymâ: Permission denied
Mar 28 15:29:10 jdmlab1 /etc/gdm/Xsession: touch: cannot touch
â/home/csr/randym/.cache/imsettings/logâ: No such file or directorr
y
Mar 28 15:29:11 jdmlab1 kernel: fuse init (API version 7.22)
Mar 28 15:29:11 jdmlab1 systemd: Mounting FUSE Control File System...
Mar 28 15:29:11 jdmlab1 systemd: Mounted FUSE Control File System.
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession:
/usr/libexec/imsettings-functions: line 37:
/home/csr/randym/.cache/imsettings/log: No such file or directory
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: Can't create dir
/home/csr/randym/Desktop
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: Can't create dir
/home/csr/randym/Downloads
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: Can't create dir
/home/csr/randym/Templates
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: Can't create dir
/home/csr/randym/Public
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: Can't create dir
/home/csr/randym/Documents
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: Can't create dir
/home/csr/randym/Music
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: Can't create dir
/home/csr/randym/Pictures
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: Can't create dir
/home/csr/randym/Videos
Mar 28 15:29:11 jdmlab1 /etc/gdm/Xsession: mkdir: cannot create
directory â/home/csr/randymâ: Permission denied
Mar 28 15:29:11 jdmlab1 gnome-session[11776]: WARNING: IceLockAuthFile
failed: No such file or directory
Mar 28 15:29:11 jdmlab1 gnome-session: gnome-session[11776]: WARNING:
IceLockAuthFile failed: No such file or directory
Mar 28 15:29:12 jdmlab1 kernel: [drm] mga base 0
Mar 28 15:29:12 jdmlab1 gdm: GLib-GObject: g_object_ref: assertion
'object->ref_count > 0' failed
Mar 28 15:29:12 jdmlab1 gdm: GLib-GObject: g_object_unref: assertion
'object->ref_count > 0' failed
Mar 28 15:29:12 jdmlab1 dbus[2195]: [system] Rejected send message, 1
matched rules; type="method_call", sender=":1.9" (uid=0 pid=2283
comm="/usr/sbin/gdm ") interface="org.freedesktop.DBus.Properties"
member="GetAll" error name="(unset)" requested_reply="0"
destination=":1.45" (uid=0 pid=11981 comm="/usr/libexec/gdm-simple-slave
--display-id /org/gn")
Mar 28 15:29:12 jdmlab1 dbus-daemon: dbus[2195]: [system] Rejected send
message, 1 matched rules; type="method_call", sender=":1.9" (uid=0
pid=2283 comm="/usr/sbin/gdm ")
interface="org.freedesktop.DBus.Properties" member="GetAll" error
name="(unset)" requested_reply="0" destination=":1.45"
(uid=0 pid=11981
comm="/usr/libexec/gdm-simple-slave --display-id /org/gn")
What we are trying to figure out is why it is attempting to create a
local copy of the users homedir folder, and is this necessary in order
for logins to take place. As can be seen above any attempt to create
this local folder in the correct autofs mounted volume leads to a
permission denied response and the login fails.
Hope that is as clear as mud.
Randy
Are you saying that in RHEL 7.2 and 6.9 you use oddjobd to automatically
create new user directories on NFS mounts?
rob