CoreOS Freeipa Client Setup
Freeipa can be used to manage users/groups, however on CoreOS the setup process is currently broken.
When setting up the Freeipa client on a CoreOS system the following directories need to be created manually.
mkdir -p /var/lib/ipa-client/sysrestore/
mkdir -p /var/lib/ipa-client/pki/
mkdir -p /var/lib/sss/pubconf/krb5.include.d/
A couple of issues to follow if interested:
- SSSD binaries missing capabilities like in Bazzite issue #1818
- Bug 2332433 - IPA Client Fails to Install/Initialize on Fedora Atomic Because of Missing Directories
- #9684 Convert post-install scriptlet in freeipa-client to rpm-ostree-friendly service
- Adopting enterprise domain clients to Silverblue: FreeIPA view
Read other posts