Discussion:
master_notify: syntax error in map near [ bogus option ]
Knops, Manfred
2008-01-03 12:40:24 UTC
Permalink
Hello,

please can you help me.
I configured autofs in version 5.0.1 on a Fedora release 7 (Moonshine)
system to use ldap for the automount information.

The configuration is:
[***@hostB ~]# egrep -v "^$|^#" /etc/sysconfig/autofs
MASTER_MAP_NAME="auto.master"
TIMEOUT=300
BROWSE_MODE="yes"
APPEND_OPTIONS="yes"
LOGGING="debug"
MAP_OBJECT_CLASS="automountMap"
ENTRY_OBJECT_CLASS="automount"
MAP_ATTRIBUTE="automountMapName"
ENTRY_ATTRIBUTE="automountKey"
VALUE_ATTRIBUTE="automountInformation"
AUTH_CONF_FILE="/etc/autofs_ldap_auth.conf"

[***@hostB ~]# tail -n 8 /etc/autofs_ldap_auth.conf
<autofs_ldap_sasl_conf
usetls="no"
tlsrequired="no"
authrequired="yes"
authtype="DIGEST-MD5"
user="ldap"
secret="ldap"
/>

[***@hostB ~]# egrep -v "^$|^#" /etc/auto.master
+auto.master


The automount info's are:
[***@hostB ~]# ldapsearch "(objectClass=automountMap)"
...
...
# auto.master, automount, abaqus.de
dn: automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automountMap
automountMapName: auto.master
description: This chapter is analog to the file /etc/auto.master

# auto.home, automount, abaqus.de
dn: automountMapName=auto.home,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automountMap
automountMapName: auto.home
description: This chapter is analog to /etc/auto.home

[***@hostB ~]# ldapsearch
"(&(objectClass=automount)(|(automountKey=/home)(automountKey=/net)))"
...
...
# /net, auto.master, automount, abaqus.de
dn:
automountKey=/net,automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: /net
automountInformation: /etc/auto.net --timeout=60

# /home, auto.master, automount, abaqus.de
dn:
automountKey=/home,automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: /home
automountInformation: ldap
192.168.1.2:automountMapName=auto.home,ou=automount,dc=abaqus,dc=de
--timeout=60

[***@hostB ~]# ldapsearch "(&(objectClass=automount)(automountKey=userA))"
...
...
# userA, auto.home, automount, abaqus.de
dn:
automountKey=userA,automountMapName=auto.home,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: userA
automountInformation: -fstype=nfs,hard,intr,nodev,nosuid hostA:/home/userA
description: ldap entry for /etc/auto.home

When I start I got this information in /var/log/message:
Jan 3 13:37:52 kerberos automount[12728]: Starting automounter version
5.0.1-31, master map auto.master
Jan 3 13:37:52 kerberos automount[12728]: using kernel protocol version
5.00
Jan 3 13:37:52 kerberos automount[12728]: master_error: syntax error
while parsing map.
Jan 3 13:37:52 kerberos automount[12728]: master_notify: syntax error
in map near [ bogus option ]
Jan 3 13:37:52 kerberos automount[12728]: master_error: syntax error
while parsing map.
Jan 3 13:37:52 kerberos automount[12728]: master_read_master: no mounts
in table

On Opensuse 10.3 this configuration works.
Please can anyone tell me, what does it means syntax error in map near [
bogus option ].

With best regard
Manfred
--
Manfred Knops
Abaqus Deutschland GmbH
Elisabethstrasse 16
D-52062 Aachen
Knops, Manfred
2008-01-03 15:28:33 UTC
Permalink
Post by Knops, Manfred
(...)
# /home, auto.master, automount, abaqus.de
automountKey=/home,automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: /home
automountInformation: ldap
192.168.1.2:automountMapName=auto.home,ou=automount,dc=abaqus,dc=de
--timeout=60
[***@kerberos ~]# tail /tmp/automount.ldif
dn:
automountKey=/home,automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: /home
automountInformation:
ldap://192.168.1.2/automountMapName=auto.home,ou=automount,dc=abaqus,dc=de

I found one mistake by myself. I changed the automountInformation for /home.
I changed from "ldap 192.168.1.2:auto..." to "ldap://192.168.1.2/auto...".

Now I have a sasl problem.
Jan 3 16:18:55 hostB automount[12904]: Starting automounter version
5.0.1-31, master map auto.master
Jan 3 16:18:55 hostB automount[12904]: using kernel protocol version 5.00
Jan 3 16:18:55 hostB automount[12904]: No worthy mechs found
Jan 3 16:18:55 hostB automount[12904]: sasl_bind_mech: sasl_client
start failed with error: SASL(-4): no mechanism available: No worthy
mechs found
Jan 3 16:18:55 hostB automount[12904]: lookup_init: lookup(ldap):
cannot initialize authentication setup
Jan 3 16:18:55 hostB automount[12904]: mount_autofs_indirect: failed to
read map for /home
Jan 3 16:18:55 hostB automount[12904]: handle_mounts: mount of /home
failed!
Jan 3 16:18:55 hostB automount[12904]: master_do_mount: failed to
startup mount
Jan 3 16:18:55 hostB automount[12904]: mounted indirect mount on /net
with timeout 60, freq 15 seconds
Jan 3 16:18:55 hostB automount[12904]: ghosting enabled
Jan 3 16:19:56 hostB automount[12904]: attempting to mount entry /net/gnome
Jan 3 16:19:56 hostB automount[12904]: mounted /net/gnome
Jan 3 16:20:09 hostB automount[12904]: mount still busy /net
Jan 3 16:20:40 hostB last message repeated 2 times
Jan 3 16:21:11 hostB last message repeated 2 times
Jan 3 16:21:26 hostB automount[12904]: expiring path /net/gnome
Jan 3 16:21:26 hostB automount[12904]: umounted offset mount
/net/gnome/backup/opt-abaqus/server
Jan 3 16:21:26 hostB automount[12904]: expired /net/gnome

If someone has an idea, please feel free to help me.

With best regards
Manfred
--
Manfred Knops
Abaqus Deutschland GmbH
Elisabethstrasse 16
D-52062 Aachen
Ian Kent
2008-01-04 01:45:44 UTC
Permalink
Post by Knops, Manfred
Post by Knops, Manfred
(...)
# /home, auto.master, automount, abaqus.de
automountKey=/home,automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: /home
automountInformation: ldap
192.168.1.2:automountMapName=auto.home,ou=automount,dc=abaqus,dc=de
--timeout=60
automountKey=/home,automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: /home
ldap://192.168.1.2/automountMapName=auto.home,ou=automount,dc=abaqus,dc=de
I found one mistake by myself. I changed the automountInformation for /home.
I changed from "ldap 192.168.1.2:auto..." to "ldap://192.168.1.2/auto...".
Not really a mistake. Version 5 is more strict about this but don't be
surprised if it starts to work again in later revisions because lot of
people do seem to use this even though it's not specified as valid.

The valid formats are ldap:[server:]dn or, more recently,
ldap:[//server/]dn, although the man page seems a little unclear now I
look at it. There are further restrictions on the dn in that it needs to
be either a map name alone or a full dn string including the base.
Post by Knops, Manfred
Now I have a sasl problem.
Jan 3 16:18:55 hostB automount[12904]: Starting automounter version
5.0.1-31, master map auto.master
Jan 3 16:18:55 hostB automount[12904]: using kernel protocol version 5.00
Jan 3 16:18:55 hostB automount[12904]: No worthy mechs found
Jan 3 16:18:55 hostB automount[12904]: sasl_bind_mech: sasl_client
start failed with error: SASL(-4): no mechanism available: No worthy
mechs found
cannot initialize authentication setup
Jan 3 16:18:55 hostB automount[12904]: mount_autofs_indirect: failed to
read map for /home
Jan 3 16:18:55 hostB automount[12904]: handle_mounts: mount of /home
failed!
Jan 3 16:18:55 hostB automount[12904]: master_do_mount: failed to
startup mount
Jan 3 16:18:55 hostB automount[12904]: mounted indirect mount on /net
with timeout 60, freq 15 seconds
Jan 3 16:18:55 hostB automount[12904]: ghosting enabled
Jan 3 16:19:56 hostB automount[12904]: attempting to mount entry /net/gnome
Jan 3 16:19:56 hostB automount[12904]: mounted /net/gnome
Jan 3 16:20:09 hostB automount[12904]: mount still busy /net
Jan 3 16:20:40 hostB last message repeated 2 times
Jan 3 16:21:11 hostB last message repeated 2 times
Jan 3 16:21:26 hostB automount[12904]: expiring path /net/gnome
Jan 3 16:21:26 hostB automount[12904]: umounted offset mount
/net/gnome/backup/opt-abaqus/server
Jan 3 16:21:26 hostB automount[12904]: expired /net/gnome
If someone has an idea, please feel free to help me.
Does this same connection information work OK for ldapsearch?

Ian
Knops, Manfred
2008-01-07 07:06:45 UTC
Permalink
Post by Ian Kent
(...)
Not really a mistake. Version 5 is more strict about this but don't be
surprised if it starts to work again in later revisions because lot of
people do seem to use this even though it's not specified as valid.
The valid formats are ldap:[server:]dn or, more recently,
ldap:[//server/]dn, although the man page seems a little unclear now I
look at it. There are further restrictions on the dn in that it needs to
be either a map name alone or a full dn string including the base.
Ok, thank you for this information. I checked the documenation on
opensuse 10.3. They use version 5.0.2. And they wrote:

dn: cn=/mounts,nisMapName=auto.master,ou=AUTOFS,dc=example,dc=org
objectClass: nisObject
nisMapName: auto.master
cn: /mounts
nisMapEntry: ldap
ldapserver.example.org:nisMapName=auto.mounts,ou=AUTOFS,dc=example,dc=org

So I will try to use ldap://server/dn on opensuse to make ldap
replication possible.
Post by Ian Kent
(...)
Does this same connection information work OK for ldapsearch?
Yes, it works.
[***@hostB ~]# ldapsearch -v "(objectClass=automountMap)"
ldap_initialize( <DEFAULT> )
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: ldap
SASL SSF: 128
SASL installing layers
filter: (objectClass=automountMap)
requesting: All userApplication attributes
# extended LDIF
#
# LDAPv3[***@kerberos ~]# ldapwhoami -U ldap -X u:ldap
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: u:ldap
SASL SSF: 128
SASL installing layers
dn:uid=ldap,ou=users,dc=abaqus,dc=de
Result: Success (0)

# base <> with scope subtree
# filter: (objectClass=automountMap)
# requesting: ALL
#

# auto.home, automount, abaqus.de
dn: automountMapName=auto.home,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automountMap
automountMapName: auto.home
description: This chapter is analog to /etc/auto.home

# auto.master, automount, abaqus.de
dn: automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automountMap
automountMapName: auto.master
description: This chapter is analog to the file /etc/auto.master

# search result
search: 3
result: 0 Success

# numResponses: 3
# numEntries: 2



testsaslauthd also works fine:
[***@hostB ~]# testsaslauthd -u ldap -p ldap
0: OK "Success."



ldapwhoami also works fine:
[***@hostB ~]# ldapwhoami -U ldap -X u:ldap
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: u:ldap
SASL SSF: 128
SASL installing layers
dn:uid=ldap,ou=users,dc=abaqus,dc=de
Result: Success (0)


It also work for automount. Because /net mount with /etc/auto.net works:
Jan 4 09:35:19 kerberos automount[18890]: mounted indirect mount on
/net with timeout 60, freq 15 seconds

He got this information from ldap:
[***@hostB ~]# ldapsearch
"(&(objectClass=automount)(automountKey=/net))" -LLL
SASL/DIGEST-MD5 authentication started
Please enter your password:
SASL username: ldap
SASL SSF: 128
SASL installing layers
dn:
automountKey=/net,automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: /net
automountInformation: /etc/auto.net --timeout=60

He also notice that /home are a mount point. He found this information
in ldap. So he got a connection. But he doesn't read the mount options:
Jan 4 09:35:19 kerberos automount[18890]: mount_autofs_indirect: failed
to read map for /home

And I don't know why.
Manfred
Ian Kent
2008-01-07 07:58:59 UTC
Permalink
Post by Knops, Manfred
Post by Ian Kent
(...)
Not really a mistake. Version 5 is more strict about this but don't be
surprised if it starts to work again in later revisions because lot of
people do seem to use this even though it's not specified as valid.
The valid formats are ldap:[server:]dn or, more recently,
ldap:[//server/]dn, although the man page seems a little unclear now I
look at it. There are further restrictions on the dn in that it needs to
be either a map name alone or a full dn string including the base.
Ok, thank you for this information. I checked the documenation on
OK, there's nearly 50 patches going into 5.0.3, maybe more by the time
it gets released so it's going to be a bit hard to work out what's going
on.

We usually get most useful information from debug logs.
See http://people.redhat.com/jmoyer for instructions to collect it.
Ensure that daemon.* is actually being logged.
Post by Knops, Manfred
dn: cn=/mounts,nisMapName=auto.master,ou=AUTOFS,dc=example,dc=org
objectClass: nisObject
nisMapName: auto.master
cn: /mounts
nisMapEntry: ldap
ldapserver.example.org:nisMapName=auto.mounts,ou=AUTOFS,dc=example,dc=org
So I will try to use ldap://server/dn on opensuse to make ldap
replication possible.
Post by Ian Kent
(...)
Does this same connection information work OK for ldapsearch?
Yes, it works.
ldap_initialize( <DEFAULT> )
SASL/DIGEST-MD5 authentication started
SASL username: ldap
SASL SSF: 128
SASL installing layers
filter: (objectClass=automountMap)
requesting: All userApplication attributes
# extended LDIF
#
SASL/DIGEST-MD5 authentication started
SASL username: u:ldap
SASL SSF: 128
SASL installing layers
dn:uid=ldap,ou=users,dc=abaqus,dc=de
Result: Success (0)
# base <> with scope subtree
# filter: (objectClass=automountMap)
# requesting: ALL
#
# auto.home, automount, abaqus.de
dn: automountMapName=auto.home,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automountMap
automountMapName: auto.home
description: This chapter is analog to /etc/auto.home
# auto.master, automount, abaqus.de
dn: automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automountMap
automountMapName: auto.master
description: This chapter is analog to the file /etc/auto.master
# search result
search: 3
result: 0 Success
# numResponses: 3
# numEntries: 2
0: OK "Success."
SASL/DIGEST-MD5 authentication started
SASL username: u:ldap
SASL SSF: 128
SASL installing layers
dn:uid=ldap,ou=users,dc=abaqus,dc=de
Result: Success (0)
Jan 4 09:35:19 kerberos automount[18890]: mounted indirect mount on
/net with timeout 60, freq 15 seconds
"(&(objectClass=automount)(automountKey=/net))" -LLL
SASL/DIGEST-MD5 authentication started
SASL username: ldap
SASL SSF: 128
SASL installing layers
automountKey=/net,automountMapName=auto.master,ou=automount,dc=abaqus,dc=de
objectClass: top
objectClass: automount
automountKey: /net
automountInformation: /etc/auto.net --timeout=60
He also notice that /home are a mount point. He found this information
Jan 4 09:35:19 kerberos automount[18890]: mount_autofs_indirect: failed
to read map for /home
I didn't see the master map entry for the auto.home map or any entries
for it above.

Might be a good idea to post all the actual (or carefully edited for
privacy) maps to give a full overview and of course the debug log so we
can see what is happening.

Ian

Loading...