This blog posting is a part of a series of blog postings:

• Part 1 – OpenLDAP setup
• Part 2 – SSL/TLS
• Part 3 – Schemas for samba, autofs and kerberos
• Part 4 – Kerberos setup
• Part 5 – DNS settings for kerberos using dnsmasq
• Part 6 – NFSv4 with kerberos
• Part 7 – Autofs

After getting NFSv4 working, it’d be of course nice to automatically mount the nfs exported home directories. In this part I’m going through the steps to get school specific home directories mounted from a central server. Using autofs is an alternative to defining the mounted directories in /etc/fstab. It mounts the directories automatically when they are needed instead of doing it at boot time. This especially handy in situations where some servers are not immediately available after boot because of network issues. Also the number of mounts is kept down when not needed, which has helped with server stability issues. Autofs mountpoints can be configured either statically for every client or centrally in ldap. Ldap configuration allows one to easily add new mountpoints without modifying every client separately.

In this setup there’s a single file server that has a separate subdirectory under /home for every school. The directories are:

• server:/home/school1
• server:/home/school2
• server:/home/school3

The autofs.schema was installed in part 3 of this series. In addition to autofs-ldap package, also some entries are needed in ldap. First the basic data that autofs uses to recognize that it is configured:

#!/bin/sh

ldapadd -D uid=admin,ou=People,dc=edu,dc=example,dc=org -x -W << EOF
dn: ou=Automount,dc=edu,dc=example,dc=org
ou: Automount
objectClass: top
objectClass: organizationalUnit

dn: ou=auto.master,ou=Automount,dc=edu,dc=example,dc=org
ou: auto.master
objectClass: top
objectClass: automountMap
EOF

We want to use autofs to mount directories under /home, so it needs to be defined:

#!/bin/sh

ldapadd -D uid=admin,ou=People,dc=edu,dc=example,dc=org -x -W << EOF
dn: cn=/home,ou=auto.master,ou=Automount,dc=edu,dc=example,dc=org
cn: /home
objectClass: top
objectClass: automount
automountInformation: ldap:ou=auto.home,ou=Automount,dc=edu,dc=example,dc=org rsize=8192,wsize=8192
EOF

This tells autofs to look for individual directories under the suffix ou=auto.home,ou=Automount,dc=edu,dc=example,dc=org. The directories are then defined under the defined suffix:

#!/bin/sh

ldapadd -D uid=admin,ou=People,dc=edu,dc=example,dc=org -x -W << EOF
dn: ou=auto.home,ou=Automount,dc=edu,dc=example,dc=org
ou: auto.home
objectClass: top
objectClass: automountMap

dn: cn=school1,ou=auto.home,ou=Automount,dc=edu,dc=example,dc=org
cn: school1
objectClass: top
objectClass: automount
automountInformation: -fstype=nfs4,rw,sec=krb5 server.edu.example.org:/home/school1

dn: cn=school2,ou=auto.home,ou=Automount,dc=edu,dc=example,dc=org
cn: school2
objectClass: top
objectClass: automount
automountInformation: -fstype=nfs4,rw,sec=krb5 server.edu.example.org:/home/school2

dn: cn=school3,ou=auto.home,ou=Automount,dc=edu,dc=example,dc=org
cn: school3
objectClass: top
objectClass: automount
automountInformation: -fstype=nfs4,rw,sec=krb5 server.edu.example.org:/home/school3
EOF

Now the server side should be rocking and the clients need to be instructed to look for mountpoints in ldap. First autofs needs to be installed on the client machine:

sudo apt-get install autofs5-ldap ldap-utils

And the following settings instructs autofs to use ldap as data storage and where in the ldap tree the information is stored:

/etc/nsswitch.conf

  automount: ldap

/etc/default/autofs

TIMEOUT=60
LDAP_URI=ldap://ldap.edu.example.org/
SEARCH_BASE="ou=auto.master,ou=Automount,dc=edu,dc=example,dc=org"

MAP_OBJECT_CLASS="automountMap"
ENTRY_OBJECT_CLASS="automount"
MAP_ATTRIBUTE="ou"
ENTRY_ATTRIBUTE="cn"
VALUE_ATTRIBUTE="automountInformation"

Next restart /etc/init.d/autofs and /home/school{1|2|3} should mount automatically.

Veli-Matti Lintu