
Re: autofs and OpenLDAP integration



On Wed, Jul 18, 2001 at 05:28:23PM +0200, Jehan PROCACCIA wrote:
> I did exactly as you stated, however I still get "lookup(ldap): got
> answer, but
> no first entry for (&(objectclass=automount)(cn=/))"
> 
> Here's my config for the test:
> 
> $more /etc/auto.master
> #/mci ldap:openldap.int-evry.fr:ou=auto.mci,dc=int-evry,dc=fr
> /mci ldap:openldap.int-evry.fr:ou=mci,ou=automount,dc=int-evry,dc=fr
> --timeout=60
> 
> ldif file
> 
> dn: ou=automount,dc=int-evry,dc=fr
> objectClass: top
> objectClass: organizationalUnit
> ou: automount
> 
> dn: ou=mci,ou=automount,dc=int-evry,dc=fr
> objectClass: top
> objectClass: organizationalUnit
> ou: home
> 
> dn: cn=procacci,ou=mci,ou=automount,dc=int-evry,dc=fr
> objectClass: top
> objectClass: automount
> description: procacci home dir
> cn: procacci
> automountInformation: nfsserver.int-evry.fr:/user2000/mci/procacci
> 
> $/etc/init.d/autofs start
> 
> Jul 18 16:21:10 openldap automount[17277]: starting automounter version
> 3.1.7, path = /mci, maptype = ldap, mapname =
> openldap.int-evry.fr:ou=mci,ou=automount,dc=int-evry,dc=fr
> jui 18 16:21:10 openldap autofs: autofs startup succeeded
> Jul 18 16:21:10 openldap automount[17277]: using kernel protocol version
> 3
> 
> Red Hat Linux release 7.1 (Seawolf)
> Kernel 2.4.3-12 on an i686
> login: procacci
> Password:
> Last login: Wed Jul 18 16:15:57 from openldap
> No directory /mci/mci/procacci!
> Logging in with home = "/".
> 
> Jul 18 16:21:47 openldap login(pam_unix)[17285]: session opened for user
> procacci by (uid=0)
> Jul 18 16:21:47 openldap automount[17277]: attempting to mount entry
> /mci/mci
> Jul 18 16:21:47 openldap automount[17286]: lookup(ldap): got answer, but
> no first entry for (&(objectclass=automount)(cn=/))
> 
> What am I doing wrong?

The auto.master file gives the automounter control of /mci, and your
home directory appears to be /mci/mci/procacci.  When you attempt to
access your home directory, autofs attempts to mount /mci/mci, and
because there's no matching entry (which would be named
"cn=mci,ou=automount,dc=int-evry,dc=fr") and no wildcard entry (which
would be named "cn=/,ou=automount,dc=int-evry,dc=fr"), it fails.

You have an entry named "dn: cn=procacci,ou=mci,ou=automount,dc=int-evry,dc=fr",
so I can guess that you're expecting autofs to perform queries for
subdirectories using this type of syntax, but unfortunately, that's just
not how it works.  Autofs (at least under Linux) doesn't directly support
subdirectories, but you can achieve a similar effect using additional
automount processes.

For what you want to do, you'll need to set things up so that autofs
starts another automount process to manage /mci/mci, and have that
automounter mount the user's home directory.  I'll assume you've got an
auto.master file which looks like this:

/mci ldap:ldap.int-evry.fr:ou=auto.mci,dc=int-evry,dc=fr

The LDIF (assuming the RDN for the automounter running on /mci/mci is
going to be "ou=auto.mci.mci") would look something like this:

# This entry is more or less a place-holder for automount entries for
# directories which get mounted under /mci.
dn: ou=auto.mci,dc=int-evry,dc=fr
objectClass: top
objectClass: organizationalUnit
ou: auto.mci

# This entry causes autofs to start up another automounter on /mci/mci.
dn: cn=mci,ou=auto.mci,dc=int-evry,dc=fr
objectClass: top
objectClass: automount
description: mci home directories
cn: mci
automountInformation: -fstype=autofs ldap:ou=auto.mci.mci,dc=int-evry,dc=fr

# This entry is more or less a place-holder for automount entries for
# directories which get mounted under /mci/mci.
dn: ou=auto.mci.mci,dc=int-evry,dc=fr
objectClass: top
objectClass: organizationalUnit
ou: auto.mci.mci

# This entry mounts nfsserver:/user2000/mci/procacci on /mci/mci/procacci.
dn: cn=procacci,ou=auto.mci.mci,dc=int-evry,dc=fr
objectClass: top
objectClass: automount
description: procacci home directory
cn: procacci
automountInformation: -rw,intr,soft,quota nfsserver:/user2000/mci/procacci

# This is a wildcard entry for any user whose home directory is under
# /mci/mci (this includes procacci, too).
dn: cn=/,ou=auto.mci.mci,dc=int-evry,dc=fr
objectClass: top
objectClass: automount
description: generic home directory
cn: /
automountInformation: -rw,intr,soft,quota nfsserver:/user2000/mci/&

Using these entries, an attempt to access /mci/mci/procacci first triggers
a lookup for an entry for "mci" in the automounter which is running in the
/mci directory.  It finds "cn=mci,ou=auto.mci,dc=int-evry,dc=fr", and
starts up another automounter to manage /mci/mci.

Your attempt to access /mci/mci/procacci (which was only paused until
/mci/mci was mounted) then triggers a lookup for an entry for "procacci"
in the automounter which is running in /mci/mci.  It finds
"cn=procacci,ou=auto.mci.mci,dc=int-evry,dc=fr".  If you leave that entry
out of your directory, it falls back to searching for a wildcard entry
and finds "cn=/,ou=auto.mci.mci,dc=int-evry,dc=fr".

Either way, it then mounts the home directory using the
automountInformation attribute of the entry which it found.

Hopefully this clears things up.

Nalin
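
The lookup chain described in the message above, as an added example that is not part of the original post and not autofs code: a simplified Python model that applies the (&(objectclass=automount)(cn=key)) filter under a map's base DN, falls back to cn=/, and follows -fstype=autofs submounts. The function names and the user "alice" in the usage note are hypothetical; "objectClass: top" is omitted from the sample entries and "cn: /" on the wildcard entry is an assumption.

```python
LDIF = """\
dn: cn=procacci,ou=mci,ou=automount,dc=int-evry,dc=fr
objectClass: automount
cn: procacci
automountInformation: nfsserver.int-evry.fr:/user2000/mci/procacci

dn: cn=mci,ou=auto.mci,dc=int-evry,dc=fr
objectClass: automount
cn: mci
automountInformation: -fstype=autofs ldap:ou=auto.mci.mci,dc=int-evry,dc=fr

dn: cn=procacci,ou=auto.mci.mci,dc=int-evry,dc=fr
objectClass: automount
cn: procacci
automountInformation: -rw,intr,soft,quota nfsserver:/user2000/mci/procacci

dn: cn=/,ou=auto.mci.mci,dc=int-evry,dc=fr
objectClass: automount
cn: /
automountInformation: -rw,intr,soft,quota nfsserver:/user2000/mci/&
"""  # trimmed copy of the entries in the thread; "cn: /" is an assumption

def parse_ldif(text):
    """Parse the single-valued sample entries into a list of attribute dicts."""
    return [dict(line.split(": ", 1) for line in block.splitlines())
            for block in text.strip().split("\n\n")]
ENTRIES = parse_ldif(LDIF)

def lookup(entries, base, key):
    """Apply (&(objectclass=automount)(cn=<key>)) under base, then retry with cn=/."""
    under = [e for e in entries if e["dn"].lower().endswith("," + base.lower())]
    for cn in (key, "/"):
        for e in under:
            if e["objectClass"] == "automount" and e["cn"] == cn:
                return e["automountInformation"].replace("&", key)
    return None

def resolve(entries, base, relpath):
    """Resolve each path component below the mount point, following autofs submounts."""
    steps = []
    for key in relpath.strip("/").split("/"):
        info = lookup(entries, base, key)
        steps.append((key, info))
        if info is None:
            break  # same situation as "got answer, but no first entry"
        opts, _, location = info.rpartition(" ")
        if "fstype=autofs" in opts:
            base = location.split(":", 1)[1]  # "ldap:<base DN>" -> "<base DN>"
    return steps
```

Calling resolve(ENTRIES, "ou=mci,ou=automount,dc=int-evry,dc=fr", "mci/procacci") stops at the key "mci" with no result, as in the original log, while the same path under "ou=auto.mci,dc=int-evry,dc=fr" resolves through the submount, and "mci/alice" is served by the wildcard entry.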