From Fedora Project Wiki
No edit summary |
(use setup templates, drop claims that this tests realmd somehow) |
||
| (3 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
{{QA/Test_Case | {{QA/Test_Case | ||
|description= | |description=Test FreeIPA-controlled automounting. | ||
|setup= | |setup= | ||
{{Domain server setup|ad=0}} | |||
| | {{Domain client setup|ad=0}} | ||
|actions= | |actions= | ||
=== Configure an NFS server === | === Configure an NFS server === | ||
| Line 16: | Line 13: | ||
# yum install nfs-utils | # yum install nfs-utils | ||
Edit /etc/idmapd.conf and set Domain to your domain (example. | Edit /etc/idmapd.conf and set Domain to your domain (example.org) | ||
Create /etc/exports with the following content: | Create /etc/exports with the following content: | ||
| Line 36: | Line 33: | ||
# kinit admin | # kinit admin | ||
# ipa service-add nfs/ | # ipa service-add nfs/server.ipa.example.org | ||
# ipa-getkeytab -s | # ipa-getkeytab -s server.ipa.example.org -k /etc/krb5.keytab -p nfs/server.ipa.example.org | ||
Start NFS: | Start NFS: | ||
| Line 55: | Line 52: | ||
Create an automount key: | Create an automount key: | ||
# ipa automountkey-add default ipaexport --key=test --info='-fstype=nfs4,rw,sec=krb5,soft,rsize=8192,wsize=8192 | # ipa automountkey-add default ipaexport --key=test --info='-fstype=nfs4,rw,sec=krb5,soft,rsize=8192,wsize=8192 server.ipa.example.org:/ipaexport' | ||
=== Client test with SSSD === | === Client test with SSSD === | ||
| Line 63: | Line 60: | ||
# ipa-client-automount | # ipa-client-automount | ||
Searching for IPA server... | Searching for IPA server... | ||
IPA server: | IPA server: server.ipa.example.org | ||
Location: default | Location: default | ||
Continue to configure the system with these values? [no]: y | Continue to configure the system with these values? [no]: y | ||
| Line 102: | Line 99: | ||
# ipa-client-automount -S | # ipa-client-automount -S | ||
Searching for IPA server... | Searching for IPA server... | ||
IPA server: | IPA server: server.ipa.example.org | ||
Location: default | Location: default | ||
Continue to configure the system with these values? [no]: y | Continue to configure the system with these values? [no]: y | ||
| Line 135: | Line 132: | ||
}} | }} | ||
[[Category: | [[Category:FreeIPA_Test_Cases]] [[Category:Realmd_Test_Cases]] | ||
Latest revision as of 00:26, 26 November 2014
Description
Test FreeIPA-controlled automounting.
Setup
- Deploy a correctly-configured FreeIPA domain controller. You can follow:
- QA:Testcase_Server_role_deploy with the Domain Controller role to deploy a FreeIPA domain controller on Fedora 28 or earlier
- QA:Testcase_freeipa_trust_server_installation to deploy a FreeIPA domain controller on Fedora 29 or later
- Enrol a test system in the domain. There are various ways to do this. You will find several test cases you can follow in the Server release validation test cases, FreeIPA test cases, and Realmd test cases
How to test
Configure an NFS server
In order to test we need an NFS server to test against.
We will configure the IPA server as an NFS server. You will need to install these packages:
# yum install nfs-utils
Edit /etc/idmapd.conf and set Domain to your domain (example.org)
Create /etc/exports with the following content:
/ipaexport *(rw,sec=sys:krb5:krb5i:krb5p)
Note: you may want add the insecure option so that ports > 1024 can access the mount.
Create the export
# mkdir /ipaexport # touch /ipaexport/hello
Export the files:
# exportfs -fva
Create the IPA nfs service:
# kinit admin # ipa service-add nfs/server.ipa.example.org # ipa-getkeytab -s server.ipa.example.org -k /etc/krb5.keytab -p nfs/server.ipa.example.org
Start NFS:
# service nfs-secure restart # service nfs-server restart # service nfs-secure-server restart
Configure IPA automount
IPA lets you have different automount maps for different locations. The default location is 'default'. We'll use that.
Add a map to test with:
# ipa automountmap-add-indirect default ipaexport --mount=/ipaexport
Create an automount key:
# ipa automountkey-add default ipaexport --key=test --info='-fstype=nfs4,rw,sec=krb5,soft,rsize=8192,wsize=8192 server.ipa.example.org:/ipaexport'
Client test with SSSD
Run the IPA automount configuration tool, accepting default options:
# ipa-client-automount Searching for IPA server... IPA server: server.ipa.example.org Location: default Continue to configure the system with these values? [no]: y Configured /etc/nsswitch.conf Configured /etc/sysconfig/nfs Configured /etc/idmapd.conf Started nfs-idmap.service Started nfs-secure.service Restarting sssd, waiting for it to become available. Started autofs.service
Test the mount:
# kinit admin # ls /ipaexport/test hello
Test uninstall
The uninstaller does not automatically unmount existing mounts.
# ipa-client-automount --uninstall # umount /ipaexport/test # ls /ipaexport/test
Expected response:
ls: cannot access /ipaexport/test: No such file or directory
Client test with autofs
Restart SSSD so it knows it no longer controls automount:
# service sssd restart
Run the IPA automount configuration tool, accepting default options:
# ipa-client-automount -S Searching for IPA server... IPA server: server.ipa.example.org Location: default Continue to configure the system with these values? [no]: y Configured /etc/nsswitch.conf Configured /etc/sysconfig/nfs Configured /etc/idmapd.conf Started nfs-idmap.service Started nfs-secure.service Configured /etc/autofs_ldap_auth.conf Configured /etc/sysconfig/autofs Started autofs.service
Test the mount:
# ls /ipaexport/test hello
Test uninstall
The uninstaller does not automatically unmount existing mounts.
# ipa-client-automount --uninstall # umount /ipaexport/test # ls /ipaexport/test
Expected response:
ls: cannot access /ipaexport/test: No such file or directory
Expected Results
All the test steps should end with the specified results.