search

EESSI / filesystem-layer

Filesystem layer of the EESSI project
https://eessi.github.io/docs/filesystem_layer
GNU General Public License v2.0
7 stars 16 forks source link

cvmfs pulls in automount as a dependency on CentOS7 #73

Open terjekv opened 3 years ago

terjekv commented 3 years ago

This also has the funny effect of adding sss as a default configuration option, which failed to work on SAGA in Norway. The solution was to disable sss in /etc/nsswitch.conf. Also, on a system using systemd, automount may be deprecated for .mount-files: https://www.freedesktop.org/software/systemd/man/systemd.mount.html

bedroge commented 3 years ago

I don't really understand this, do you have some more details? The CVMFS client (that's the one you're installing?) does need / pull in autofs, but I don't see anywhere that it would pull in / enable sss or change nssswitch.conf in any way.

terjekv commented 3 years ago

We saw this on a CentOS7 machine that previously had no autofs installed. I suppose the default/etc/nsswitch.conf that came with glibc included sss and that the sss configuration didn't match what the cluster was expecting? It's a weird error that I haven't seen outside of this cluster (to which I do not have root access to debug much on).

bedroge commented 3 years ago

In a "fresh" CentOS 7 container the nsswitch.conf looks like this:

#
# /etc/nsswitch.conf
#
# An example Name Service Switch config file. This file should be
# sorted with the most-used services at the beginning.
#
# The entry '[NOTFOUND=return]' means that the search for an
# entry should stop if the search in the previous entry turned
# up nothing. Note that if the search failed due to some other reason
# (like no NIS server responding) then the search continues with the
# next entry.
#
# Valid entries include:
#
#   nisplus         Use NIS+ (NIS version 3)
#   nis         Use NIS (NIS version 2), also called YP
#   dns         Use DNS (Domain Name Service)
#   files           Use the local files
#   db          Use the local database (.db) files
#   compat          Use NIS on compat mode
#   hesiod          Use Hesiod for user lookups
#   sss         Use sssd (System Security Services Daemon)
#   [NOTFOUND=return]   Stop searching if not found so far
#
# WARNING: Running nscd with a secondary caching service like sssd may lead to
#      unexpected behaviour, especially with how long entries are cached.

# To use db, put the "db" in front of "files" for entries you want to be
# looked up first in the databases
#
# Example:
#passwd:    db files nisplus nis
#shadow:    db files nisplus nis
#group:     db files nisplus nis

passwd:     files sss
shadow:     files sss
group:      files sss
#initgroups: files sss

#hosts:     db files nisplus nis dns
hosts:      files dns myhostname

# Example - obey only what nisplus tells us...
#services:   nisplus [NOTFOUND=return] files
#networks:   nisplus [NOTFOUND=return] files
#protocols:  nisplus [NOTFOUND=return] files
#rpc:        nisplus [NOTFOUND=return] files
#ethers:     nisplus [NOTFOUND=return] files
#netmasks:   nisplus [NOTFOUND=return] files     

bootparams: nisplus [NOTFOUND=return] files

ethers:     files
netmasks:   files
networks:   files
protocols:  files
rpc:        files
services:   files sss

netgroup:   nisplus sss

publickey:  nisplus

automount:  files nisplus sss
aliases:    files nisplus

So there's already some automount line in there. Installing cvmfs/autofs doesn't change that file. Maybe something was already wrongly configured before installing cvmfs?