[Freeipa-devel] automount in LDAP
Rob Crittenden
rcritten at redhat.com
Wed Nov 5 14:49:57 UTC 2008
Deependra Singh Shekhawat wrote:
> Hi,
>
> This sounds different from what I see here
>
> http://directory.fedoraproject.org/wiki/Howto:Automount
It is similar but I'm using different attributes. The sample there is
mounting home directories which is a bit of a harder problem (requires
an entry for every user) and is using the cn and ou attributes. The
general format is the same.
> Doesn't client need to do configuration changes in /etc/sysconfig/autofs ?
>
> And if that's true it will be good to have some automation about it in
> FreeIPA-client?
Yes, some client-side changes are required as well to get automount
working. /etc/sysconfig/autofs needs to say which LDAP server to use,
what its basedn is and what attributes should be used. Additionally
/etc/nsswitch.conf needs to be modified to use ldap for automount.
rob
>
> Thanks
> Deependra
>
> On Wed, Nov 5, 2008 at 9:52 AM, Rob Crittenden <rcritten at redhat.com> wrote:
>
> I'm trying to wrap my head around automount over LDAP and how we
> would want an API over XML-RPC to support it.
>
> At its core there are 2 types of objects we'll deal with: maps and keys
>
> That part is easy enough. I can implement add-map and add-key
> methods. The problem is producing something actually usable to a client.
>
> The thing is, the admin will need a certain amount of automount
> knowledge to create a usable setup. Do we want to mirror the LDAP
> objects or provide an interface to be useful, or both?
>
> So an example is in order. Here is an example of a simple non-home
> shared directory. It creates the maps auto.master and auto.share and
> exports the NFS share /share/builds.
>
> dn: automountmapname=auto.master,cn=accounts,dc=example,dc=com
> objectClass: automountMap
> objectClass: top
> automountMapName: auto.master
>
> dn: automountkey=/share,automountmapname=auto.master,cn=accounts,dc=example,dc=com
> objectClass: automount
> objectClass: top
> automountKey: /share
> automountInformation: ldap:automountmapname=auto.share,cn=accounts,dc=example,dc=com
>
> dn: automountmapname=auto.share,cn=accounts,dc=example,dc=com
> objectClass: automountMap
> objectClass: top
> automountMapName: auto.share
>
> dn: automountkey=builds,automountmapname=auto.share,cn=accounts,dc=example,dc=com
> automountInformation: somehost:/share/builds
> objectClass: automount
> objectClass: top
> automountKey: builds
>
> So assuming I'm reading this right, and that is a bit of a leap,
> this shows there are two kinds of keys. One defines a search point
> (/share) and one defines a mount point (builds). And it requires
> knowledge of how automount wants to format shares.
>
> And also, this assumes we use a schema with
> automountkey/automountmap instead of cn and ou.
>
> Adding shares can be left as an exercise to the user by just
> exporting a way to add maps and keys, or we can try to impose some
> sort of order on this. What that might look like I don't know.
>
> Feedback welcome.
>
> rob
>
> --
> Type bits /keyID Date User ID
> pub 1024D/483B234C 2007/06/29 Deependra Singh Shekhawat (Fedora Project) <jeevanullas at gmail.com>
> Key fingerprint = ED45 62EA A4D7 53FB 44C7 774A D55B F3F0 483B 234C
>
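
The sample entries from the quoted message, walked from auto.master through the `ldap:` reference into auto.share to produce the resulting mount table. This is an added example, not part of the original thread or FreeIPA code; the function names `parse_ldif`, `map_of` and `mount_table` are hypothetical, and the walk is a simplified model of how the two kinds of keys relate, not autofs's own lookup logic.

```python
import re
# Constructed copy of the thread's sample LDIF (objectClass: top omitted, one value folded).
LDIF = """\
dn: automountmapname=auto.master,cn=accounts,dc=example,dc=com
objectClass: automountMap
automountMapName: auto.master

dn: automountkey=/share,automountmapname=auto.master,cn=accounts,dc=example,dc=com
objectClass: automount
automountKey: /share
automountInformation: ldap:automountmapname=auto.share,cn=accounts,
 dc=example,dc=com

dn: automountmapname=auto.share,cn=accounts,dc=example,dc=com
objectClass: automountMap
automountMapName: auto.share

dn: automountkey=builds,automountmapname=auto.share,cn=accounts,dc=example,dc=com
objectClass: automount
automountKey: builds
automountInformation: somehost:/share/builds
"""

def parse_ldif(text):  # unfold wrapped lines; return [{attr_lower: [values]}]
    entries = []
    for block in text.replace("\n ", "").strip().split("\n\n"):
        entry = {}
        for line in block.splitlines():
            attr, _, value = line.partition(":")
            entry.setdefault(attr.strip().lower(), []).append(value.strip())
        entries.append(entry)
    return entries

def map_of(dn):  # name of the map a DN (or an ldap: reference) points into
    m = re.search(r"automountmapname=([^,]+)", dn, re.I)
    return m.group(1).strip() if m else None

def mount_table(entries, root="auto.master", prefix="", seen=()):
    if root in seen:  # a map that references itself would otherwise recurse forever
        raise ValueError("automount map loop at " + root)
    table = {}  # mount path -> location; ldap: values recurse into the named map
    for e in entries:
        if "automount" in e.get("objectclass", []) and map_of(e["dn"][0]) == root:
            key, info = e["automountkey"][0], e["automountinformation"][0]
            path = key if key.startswith("/") else prefix.rstrip("/") + "/" + key
            if info.startswith("ldap:"):
                table.update(mount_table(entries, map_of(info), path, seen + (root,)))
            else:
                table[path] = info
    return table
```

Calling `mount_table(parse_ldif(LDIF))` yields a single mount, `/share/builds` from `somehost:/share/builds`.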