Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 6): Bug 1232468
Description of problem:
When using "ipa-client-automount" to configure automount and NFS on an IPA client, the "Domain" option is added to the bottom of the /etc/idmapd.conf file. Because this file is formatted into sections, the "Domain" option is placed in the [Translation] section, and not the [General] section of the configuration file. ID mapping does not work correctly with the "Domain" option in the [Translation] section. After manually moving the "Domain" option to the [General] section, ID mapping works correctly.

Version-Release number of selected component (if applicable):
ipa-client-3.0.0-42.el6.x86_64
nfs-utils-lib-1.1.5-9.el6.x86_64

How reproducible:
This is reproducible every time "ipa-client-automount" is executed and /etc/idmapd.conf is modified.

Steps to Reproduce:
1. Install a fresh Red Hat Enterprise Linux 6 host and apply all updates.
2. Install the "ipa-client" package.
3. Join host to IPA domain using "ipa-client-install".
4. Configure automount and NFS using "ipa-client-automount".

Actual results:
# ipa-client-automount --server rhidm.example.com --location default
IPA server: rhidm.example.com
Location: default
Continue to configure the system with these values? [no]: yes
Configured /etc/nsswitch.conf
Configured /etc/sysconfig/nfs
Configured /etc/idmapd.conf
Started rpcidmapd
Started rpcgssd
Restarting sssd, waiting for it to become available.
Started autofs

# ls -l /net/nfs-server.example.com/nfsvol/
total 156
drwx------. 8 nobody nobody 4096 May 21 2013 user1
drwx--x--x. 16 nobody nobody 4096 Feb 9 08:56 user2
drwx------. 2 nobody nobody 4096 Apr 6 11:10 user3
drwx------. 2 nobody nobody 4096 Oct 5 2012 user4
drwx------. 2 nobody nobody 4096 Oct 5 2012 user5

# cat /etc/idmapd.conf | awk '$0 ~ /^#|^$/ { next } { print }'
[General]
[Mapping]
Nobody-User = nobody
Nobody-Group = nobody
[Translation]
Method = nsswitch
Domain=rhidm.bor.ct.edu

Expected results:
# ipa-client-automount --server rhidm.example.com --location default
IPA server: rhidm.example.com
Location: default
Continue to configure the system with these values? [no]: yes
Configured /etc/nsswitch.conf
Configured /etc/sysconfig/nfs
Configured /etc/idmapd.conf
Started rpcidmapd
Started rpcgssd
Restarting sssd, waiting for it to become available.
Started autofs

# ls -l /net/nfs-server.example.com/nfsvol/
total 156
drwx------. 8 user1 user1 4096 May 21 2013 user1
drwx--x--x. 16 user2 user2 4096 Feb 9 08:56 user2
drwx------. 2 user3 user3 4096 Apr 6 11:10 user3
drwx------. 2 user4 user4 4096 Oct 5 2012 user4
drwx------. 2 user5 user5 4096 Oct 5 2012 user5

# cat /etc/idmapd.conf | awk '$0 ~ /^#|^$/ { next } { print }'
[General]
Domain=rhidm.bor.ct.edu
[Mapping]
Nobody-User = nobody
Nobody-Group = nobody
[Translation]
Method = nsswitch

Additional info:
Before fixing /etc/idmapd.conf, several "mapping" errors are logged into /var/log/messages:

Jun 16 16:03:50 example nfsidmap[2624]: nss_getpwnam: name 'user1@rhidm.example.com' does not map into domain 'example.com'
Jun 16 16:03:50 example nfsidmap[2626]: nss_getpwnam: name 'user2@rhidm.example.com' does not map into domain 'example.com'
Jun 16 16:03:50 example nfsidmap[2628]: nss_getpwnam: name 'user3@rhidm.example.com' does not map into domain 'example.com'
Jun 16 16:03:50 example nfsidmap[2630]: nss_getpwnam: name 'user4@rhidm.example.com' does not map into domain 'example.com'
Domain is configured correctly (replaced) if /etc/idmapd.conf already contains some domain configuration in the general section.
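An added example, not part of the ticket or of the FreeIPA code base: a section-aware check and rewrite for the two cases described above (Domain appended under the last section, and Domain already present in [General]). The function names and the BROKEN sample, which is built from the "Actual results" listing, are assumptions made for illustration.

```python
import re

SECTION_RE = re.compile(r"^\s*\[(?P<name>[^\]]+)\]\s*$")
# Only active settings match; a commented "#Domain = ..." line does not.
DOMAIN_RE = re.compile(r"^\s*Domain\s*=", re.IGNORECASE)

# Constructed sample: the file as shown under "Actual results".
BROKEN = """[General]
[Mapping]
Nobody-User = nobody
Nobody-Group = nobody
[Translation]
Method = nsswitch
Domain=rhidm.bor.ct.edu
"""


def domain_sections(text):
    """Return the section that holds each active Domain line (None = before any section)."""
    found, current = [], None
    for line in text.splitlines():
        m = SECTION_RE.match(line)
        if m:
            current = m.group("name").strip()
        elif DOMAIN_RE.match(line):
            found.append(current)
    return found


def set_general_domain(text, domain):
    """Return text with exactly one Domain line, placed directly under [General]."""
    out, seen_general = [], False
    for line in text.splitlines():
        if DOMAIN_RE.match(line):
            continue  # drop every existing Domain line, wherever it sits
        out.append(line)
        m = SECTION_RE.match(line)
        # Header compared case-insensitively as a conservative choice for this checker.
        if m and m.group("name").strip().lower() == "general" and not seen_general:
            out.append("Domain = " + domain)
            seen_general = True
    if not seen_general:  # file had no [General] header at all
        out = ["[General]", "Domain = " + domain, ""] + out
    return "\n".join(out) + "\n"


if __name__ == "__main__":
    print("Domain found in:", domain_sections(BROKEN))
    print(set_general_domain(BROKEN, "rhidm.bor.ct.edu"), end="")
```

Any result from `domain_sections` other than a single `General` entry means the file has the misplacement reported here.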
FreeIPA 4.2.1 was released, moving to 4.2.x.
master:
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1341702 (Fedora)
Accidentally linked twice
Metadata Update from @pvoborni: - Issue assigned to tbabej - Issue set to the milestone: FreeIPA 4.3