I recently installed a FreeIPA server and a FreeIPA client. I generated a Kerberos ticket for a test user, Bob Billiards, on the IPA server:
# kinit bbilliards
Password for bbilliards@IPA.OSRIC.NET:
Then I attempted to ssh into the IPA client as that user. The connection was successful, but it could not find the user’s home directory:
# ssh bbilliards@ariel.osric.net
bbilliards@ariel.osric.net's password:
Could not chdir to home directory /home/bbilliards: no such file or directory
The location of the home directory was set when I created the user, as can be seen here:
# ipa user-find bbilliards
--------------
1 user matched
--------------
User login: bbilliards
First name: Bob
Last name: Billiards
Home directory: /home/bbilliards
Login shell: /bin/sh
Principal name: bbilliards@IPA.OSRIC.NET
Principal alias: bbilliards@IPA.OSRIC.NET
Email address: bbilliards@ipa.osric.net
UID: 1110200001
GID: 1110200001
SSH public key fingerprint: [redacted]
Account disabled: False
----------------------------
Number of entries returned 1
----------------------------Shouldn’t the system be able to create the home directory automatically? It turns out it can, if you specify the --mkhomedir switch when installing the IPA client:
# ipa-client-install --mkhomedir
Now when I ssh into the machine it creates a home directory:
# ssh bbilliards@ariel.osric.net
Creating home directory for bbilliards
-sh-4.2$ pwd
/home/bbilliards
You may prefer to mount a Network File System (NFS) directory as a home directory instead so that users have the same home directories across machines.
You can also enable the creation of home directories even after the client is installed using authconfig, as pointed out on this post on the FreeIPA users mailing list: Add “mkhomedir” after install
Example:
In my case i need to install with “yum install authconfig” because authconfig has been replaced by authselect