Redhat 5’s new autofs handling of ldap home directories

Installed my first Redhat 5 server this week. The install went without issue. But when I configured it for LDAP authentication and started up autofs, none of the user home directories were mounting.

A quick look at the log file showed nothing. No errors, no nothing. Then I found Redhat’s documentation for the changes they did in autofs 5. Turns out they changed it from guessing what type of schema you are using to allowing you to specify exactly what schema should be used. Nice, especially since it will eliminate a lot of noise in syslog. But apparently their changes do not like how I have mine set up by default — which was configured in a not so nice way just for a Redhat ES 3 box.

My network has a mix of Redhat, Suse, Solaris 8, 9, 10, and a lot of Windows PCs. We use Redhat’s Directory Server (which is the old Netscape LDAP). When it came time to put in the automounts, we found that Solaris insisted on the rfc2307bis schema, using automountMap entries. Redhat ES 3 insisted on using the old style nisMap entries. So a compromise was reached. Both were put in and a script written to add both entry types when creating a new user. Wasn’t hard since Solaris looks for auto_master and Linux looks for auto.master. So auto_master got the automountMap entries, auto.master got the nisMap entries.

The first step in tracking this down was turning on some logging for autofs. The default is now no logging. Edit /etc/sysconfig/autofs and set DEFAULT_LOGGING="verbose" (or "debug" if you need more). After turning this on, I finally found what it was choking on:

master_notify: syntax error in map near [ nismapname ]

Redhat 5 defaults to the nisMap entries, and it was finding the auto.master entry in the directory but did not like what it found. Since the exact same entries work fine with the older Redhat and Suse boxes, I figured they were fine, and rather than attempt to correct them for Redhat 5 and break everyone else, the best route was to get Redhat 5 to like what is in the LDAP directory.

First off, no matter what, I could not get autofs 5 to work with the auto.master or the auto_master entries. These entries list where to find the /home automount entries, and the lookup is specified in /etc/auto.master with the line:
# Include central master map if it can be found using
# nsswitch sources.
#
# Note that if there are entries for /net or /misc (as
# above) in the included master map any keys that are the
# same will not be seen as the first read key seen takes
# precedence.
#
+auto.master

The +auto.master tells it to include anything it finds in LDAP or NIS. Commenting that out removed that error, but then you have to specify where the /home mount entries are. To do so, add this to auto.master:
/home auto.home

Now create /etc/auto.home and add the following to it:
+auto_home

This tells it to include the mounts it can find in auto_home in the LDAP directory. But one more thing. I told it to look in the section that has the automountMap entries, so we need to tell autofs we’re going to use that schema. Back in the /etc/sysconfig/autofs file, uncomment the lines for the rfc2307bis schema:
DEFAULT_MAP_OBJECT_CLASS="automountMap"
DEFAULT_ENTRY_OBJECT_CLASS="automount"
DEFAULT_MAP_ATTRIBUTE="automountMapName"
DEFAULT_ENTRY_ATTRIBUTE="automountKey"
DEFAULT_VALUE_ATTRIBUTE="automountInformation"
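
Since autofs 5 no longer guesses the schema, it helps to know which schema each map in the directory actually uses before choosing the DEFAULT_* block. The script below is an added example, not from this post: it reads an LDIF export (a constructed sample is embedded), classifies each map container as nisMap or automountMap, and prints the matching /etc/sysconfig/autofs lines. The automountMap values are the ones quoted above; the nisMap values (nisObject, nisMapName, cn, nisMapEntry) are the RFC 2307 counterparts and are not taken from the post.

```python
"""Classify automount maps in an LDIF dump by schema and emit the autofs 5 settings."""
from collections import defaultdict

# automountMap row is the block from the post; nisMap row is its RFC 2307 counterpart (assumed).
KEYS = ("DEFAULT_MAP_OBJECT_CLASS", "DEFAULT_ENTRY_OBJECT_CLASS",
        "DEFAULT_MAP_ATTRIBUTE", "DEFAULT_ENTRY_ATTRIBUTE",
        "DEFAULT_VALUE_ATTRIBUTE")
SCHEMAS = {
    "automountMap": ("automountMap", "automount", "automountMapName",
                     "automountKey", "automountInformation"),
    "nisMap": ("nisMap", "nisObject", "nisMapName", "cn", "nisMapEntry"),
}

def parse_ldif(text):
    """Split LDIF (one blank line between records) into {lowercased attr: [values]}."""
    records = []
    for block in text.strip().split("\n\n"):
        rec = defaultdict(list)
        for line in block.splitlines():
            attr, _, val = line.partition(":")
            rec[attr.strip().lower()].append(val.strip())
        records.append(rec)
    return records

def classify_maps(records):
    """Map name -> set of schemas, judged from the map container objectClass."""
    maps = defaultdict(set)
    for rec in records:
        classes = {c.lower() for c in rec.get("objectclass", [])}
        for schema, (map_oc, _, map_attr, _, _) in SCHEMAS.items():
            if map_oc.lower() in classes:
                maps[rec[map_attr.lower()][0]].add(schema)
    return dict(maps)

def sysconfig_block(schema):
    # The lines to uncomment in /etc/sysconfig/autofs for the given schema.
    return ['%s="%s"' % kv for kv in zip(KEYS, SCHEMAS[schema])]

# Constructed sample: auto_master in rfc2307bis form, auto.master as nisMap.
SAMPLE_LDIF = """dn: automountMapName=auto_master,ou=automount,dc=example,dc=com
objectClass: automountMap
automountMapName: auto_master

dn: nisMapName=auto.master,ou=automount,dc=example,dc=com
objectClass: nisMap
nisMapName: auto.master
"""
if __name__ == "__main__":
    for name, schemas in sorted(classify_maps(parse_ldif(SAMPLE_LDIF)).items()):
        for schema in sorted(schemas):
            print(name, "uses", schema, "->", "; ".join(sysconfig_block(schema)))
```

A map name that shows up under both schemas is reported twice, which is the mixed situation described above; with a real export, feed it `ldapsearch -LLL` output instead of SAMPLE_LDIF.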

Restart autofs and check that it works. If so, turn off the logging again. It took me a couple of hours to get it working, but it works fine now. I would like to figure out why it wouldn’t work with the auto.master or auto_master entries. If I later want to add more default mounts to the servers, I’ll have to manually configure Redhat 5 to look for them, while all the other servers will pick them up right away.