Bug 1687951

Summary: ipa-client-automount needs option to specify domain
Product: Red Hat Enterprise Linux 8 Reporter: joel <jwooten>
Component: ipaAssignee: IPA Maintainers <ipa-maint>
Status: CLOSED ERRATA QA Contact: ipa-qe <ipa-qe>
Severity: high Docs Contact:
Priority: unspecified    
Version: 8.0CC: amore, cheimes, fcami, frenaud, ksiddiqu, pvoborni, rcritten, tscherf, twoerner
Target Milestone: rc   
Target Release: 8.1   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: ipa-4.8.0-1 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1733209 (view as bug list) Environment:
Last Closed: 2019-11-05 20:52:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1733209    

Description joel 2019-03-12 18:16:09 UTC 
Description of problem:
ipa-client-automount automatically sets idmapping to the idm domain

Version-Release number of selected component (if applicable):
7.6

How reproducible:
constant

Steps to Reproduce:
1. run the command 
2.
3.

Actual results:
ipa-client-automount adds the Domain as last line in /etc/idmapd

Expected results:
option to specify the domain, so admins don't have to manually change mapping

Additional info:
Comment 2 Rob Crittenden 2019-03-13 13:26:31 UTC 
Please provide a more detailed use case.
Comment 3 joel 2019-03-14 00:56:33 UTC 
Cu is requesting an option for ipa-client-automount like "--domain"  so the "Domain =" directive within /etc/idmapd.conf is set from the command line. This is so admins don't have to manually change the domain from the default idm one to another.
Comment 4 Rob Crittenden 2019-03-14 12:04:55 UTC 
Please confirm. The problem is that the client has a separate DNS domain than the IdM master so the Domain setting in /etc/idmapd.conf does not match the local value causing mapping to not work?
Comment 5 joel 2019-03-18 17:43:11 UTC 
customer responded:

Actually, there are 3 domains we are dealing with...

Our DNS domain
Our IDM domain 
Our NFSv4 domain

All of these are different.  Therefore, ipa-client-automount should not change an existing domain in /etc/idmapd.conf.

Currently, ipa-client-automount changes whatever domain is configured in /etc/idmapd.conf to that of the IDM domain, breaking NFSv4 mapping
Comment 10 François Cami 2019-04-17 12:16:17 UTC 
Upstream ticket:
https://pagure.io/freeipa/issue/7918
Comment 11 François Cami 2019-05-06 15:48:14 UTC 
Fixed upstream
master:
https://pagure.io/freeipa/c/660c4984c6281055752d74dc276fc39a07da324a
https://pagure.io/freeipa/c/d76737e4c6131ae6b4f550b2b7c1a19304f1e3a8
Comment 12 François Cami 2019-05-06 16:49:06 UTC 
Fixed upstream
ipa-4-7:
https://pagure.io/freeipa/c/aefe6cecde7c756f3f593887cdd8e378639d6e62
https://pagure.io/freeipa/c/728cc314c85836cee29fef250cf197fc0fa8c908
Comment 21 anuja 2019-08-19 08:05:55 UTC 
Verified Using Version :
-----------------------------------------------------------
ipa-client-4.8.0-8.module+el8.1.0+3977+ec23ef34.x86_64
ipa-server-4.8.0-8.module+el8.1.0+3977+ec23ef34.x86_64
sssd-ipa-2.2.0-11.el8.x86_64
-----------------------------------------------------------

Verified Using Test:
upstream : test_nfs.py::TestNFS::test_automount()

[1m============================= test session starts ==============================[0m
platform linux -- Python 3.6.8, pytest-3.4.2, py-1.5.3, pluggy-0.6.0 -- /usr/libexec/platform-python
cachedir: .pytest_cache
rootdir: /home/cloud-user, inifile:
plugins: sourceorder-0.5, multihost-3.0
[1mcollecting ... [0mcollected 4 items

test_nfs.py::TestNFS::test_prepare_users <- ../../usr/lib/python3.6/site-packages/ipatests/test_integration/test_nfs.py [32mPASSED[0m[36m [ 25%][0m
test_nfs.py::TestNFS::test_krb5_nfsd <- ../../usr/lib/python3.6/site-packages/ipatests/test_integration/test_nfs.py [32mPASSED[0m[36m [ 50%][0m
test_nfs.py::TestNFS::test_krb5_nfs_manual_configuration <- ../../usr/lib/python3.6/site-packages/ipatests/test_integration/test_nfs.py [32mPASSED[0m[36m [ 75%][0m
test_nfs.py::TestNFS::test_automount <- ../../usr/lib/python3.6/site-packages/ipatests/test_integration/test_nfs.py [32mPASSED[0m[36m [100%][0m

---------------- generated xml file: /home/cloud-user/junit.xml ----------------
[32m[1m========================== 4 passed in 678.43 seconds ==========================[0m
Comment 24 errata-xmlrpc 2019-11-05 20:52:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2019:3348