On Tue, Jan 27, 2015 at 10:03:37PM +0000, Roderick Johnstone wrote: > Hi > > I'm migrating from a legacy NIS setup to ipa. I have a number of NIS > netgroups (of hosts) that are being used to export (non-kerberos) nfs shares > to which I would like to migrate to ipa. > > I've create a new netgroup in ipa (for testing) and added some hosts to it > (using ipa netgroup-add and ipa netgroup-add-member). I'm hoping that when > exporting an nfs share using the @netgroup syntax in /etc/exports that the > netgroup will be looked up in ipa and the share will be exported to the > hosts in the netgroup. > > /etc/nsswitch.conf has a line: > netgroup: files nis sss > > /etc/exports has a line: > /var/tmp/testexport @rmjnetgroup1(ro) > > I haven't, so far, been able to mount the exported share on a client so I'm > wondering if this setup would be expected to work? > > What is confusing to me is that the section in the Redhat 6 Identity > Management guide on netgroups also has information on running the NIS > listener plugin so I'm wondering if perhaps this only works when running the > nis listener. I'm trying to avoid that. > > I'd welcome any clarification on how to do non-kerberised nfs exports to > groups of hosts.
Does getent netgroup rmjnetgroup1 show the hosts you'd expect? -- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go To http://freeipa.org for more info on the project
