
Re: autofs and OpenLDAP integration



On Mon, May 21, 2001 at 12:04:34PM -0400, Brian Wert wrote:
> > We had to patch up the init script to do some primitive parsing of the
> > nsswitch.conf file because between files, NIS, and LDAP, there was no
> > parsing order and precedence which didn't generate bug reports from
> > people who wanted it changed.  If your auto.master isn't in LDAP, you
> > don't need to muck with nsswitch.conf at all.
> 
> Right now it isn't, but I would like it to be.  That way, I don't need to
> modify all my clients to use a local auto.master.  I'd like to use
> automounter: files ldap in my nsswitch.conf file.
> 
> What would a proper entry for auto.master be so autofs can find it in LDAP?

The syntax is the same, but the cn attributes are paths instead of
keys for an automount map.  Here's some LDIF:

dn: ou=auto.master,dc=example,dc=com
objectClass: top
objectClass: automountMap
ou: auto.master

dn: cn=/home,ou=auto.master,dc=example,dc=com
objectClass: automount
cn: /home
automountInformation: ldap:ldapserver.example.com:ou=auto.home,dc=example,dc=com

The helper searches under the base defined in /etc/openldap/ldap.conf
for an object named "ou=auto.master" of type "automountMap", and then
performs a subtree search under that object to get a list of "automount"
objects, which it formats and prints as entries, similar to the way
"ypcat -k" works.  (Originally this was done using ldapsearch, but it's
really hard to do base64 conversions in a shell script without help.)

> > However, Luke's recently posted that this is probably the wrong way to
> > do it.  We should probably be using nisObject and nisMap objects instead,
> > but this would require code changes to the module (which would break any
> > installations using the current method, unless we decided to support
> > both ways of doing things).
> 
> Yes, I saw that post also.  I believe that the Sun client will be looking for
> entries in LDAP using nisObject and nisMap.  This might mean that I will need
> to duplicate entries in LDAP for the different automounter clients out there.
> My environment is Linux, Solaris, AIX and HP-UX.  Since I just got the
> Linux automounter to work, I am now working on the other platforms.  Any
> suggestions?

Patching the lookup module to try the nisObject/nisMap method is looking
like a better idea, given that autofs wants to maintain compatibility
with SunOS (except in cases where the map syntax is just too weird).  If
I find time today, I'll try to put together a patch that does this.

Cheers,

Nalin
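
The lookup described in the message, as an added example (not part of the original post and not the autofs helper's code): it parses ldapsearch-style LDIF, including folded lines and base64 ("::") values, and returns the automount entries under ou=auto.master as key/value pairs, the way "ypcat -k" would list them. The /misc entry and the function names are constructed for illustration.

```python
import base64

# Constructed sample (not from a real server): one folded line, one base64 cn.
SAMPLE_LDIF = """\
dn: ou=auto.master,dc=example,dc=com
objectClass: automountMap
ou: auto.master

dn: cn=/home,ou=auto.master,dc=example,dc=com
objectClass: automount
cn: /home
automountInformation: ldap:ldapserver.example.com:ou=auto.home,dc=exam
 ple,dc=com

dn: cn=/misc,ou=auto.master,dc=example,dc=com
objectClass: automount
cn:: L21pc2M=
automountInformation: /etc/auto.misc
"""

def parse_ldif(text):
    """Return entries as dicts of lowercased attribute name -> list of values."""
    entries, current = [], {}
    for line in text.replace("\n ", "").splitlines():  # unfold continuations
        if not line.strip():  # a blank line ends the current entry
            if current:
                entries.append(current)
            current = {}
            continue
        attr, _, rest = line.partition(":")
        if rest.startswith(":"):  # "attr:: value" means the value is base64
            value = base64.b64decode(rest[1:].strip()).decode("utf-8")
        else:
            value = rest.strip()
        current.setdefault(attr.lower(), []).append(value)
    return entries + ([current] if current else [])

def master_entries(text, map_ou="auto.master"):
    """List (mount point, map location) for automount objects under the map."""
    entries = parse_ldif(text)
    bases = [e["dn"][0].lower() for e in entries
             if "automountMap" in e.get("objectclass", []) and map_ou in e.get("ou", [])]
    return [(e["cn"][0], e["automountinformation"][0]) for e in entries
            if "automount" in e.get("objectclass", [])
            and any(e["dn"][0].lower().endswith("," + b) for b in bases)]

if __name__ == "__main__":
    for key, info in master_entries(SAMPLE_LDIF):
        print(key, info)
```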