*Warning

(for adventurous eaters only)


Automounter 1 4 2

broken image


Automounter 1 4 2

NIS services (a.k.a. Yellow Pages [I need to add links to historical information]) are very useful for managing groups of UNIX machines. However NIS is traditionally rather insecure. There are some measures that you can take to configure NIS in a more secure manner. Thus you should not proceed unless you adhere to the following principles:

  • maintain tcpwrapper configuration rigorously on your system: /etc/hosts.allow, /etc/hosts.deny
  • maintain rigorously the YP server secure access file: /var/yp/securenets
  • maintain rigorously the YP server configuration file: /etc/ypserv.conf
In general, your NIS server(s) should never be directly accessible from hostile networks (like the Internet!) without some kind of protection (like a firewall). You should inform yourself about known security issues with NIS before you decide to impliment it in your network [provide link].

Though this document has a Red Hat bias it should apply as well to other Linux distributions. For other distros you would need to inform yourself about packages to install, and auto-starting commands on boot.

Since some time now, Red Hat server packages are typically NOT automagically configured and started. For various sensible security reasons, you are obliged to do this yourself. Therefore you should be aware that you need to:

UPDATE 2: As discussed in the answers below, setting VFCFJAIL on the NFS filesystem does allow jails to perform NFS mounts. Unfortunately, the automounter continues to behave that are unhelpful, and when run in a jail appears to be very good at getting wedged in such a way that a system reboot is necessary to remove the process entry. Home Apple Softwares AutoMounter 1.5.7. AutoMounter 1.5.7. Rikelly Brave at 08:44 Apple, Softwares, AppStore QR-Code. Developer: Pixeleyes Ltd. Price: $9.99 + DESCRIPTION. Tired of mounting your network shares? AutoMounter ensures that your shares are always mounted when you need them. Ableton Live 9 Suite 9.2.1 Latest Version. The automount program is used to manage mount points for autofs, the inlined Linux automounter. Automount works by reading the auto.master(8) map and sets up mount points for each entry in the master map allowing them to be automatically mounted when accessed. The file systems are then automatically umounted after a period of inactivity.

  • configure the service
  • set the runlevel start policy for the daemon for future reboots
  • launch the service

Note that when installing any machine, you initially set an authentication mode. You can later enable or disable NIS authentication, but you should have a uniform policy for shadow passwords and for MD5 passwords. The default on install for Red Hat systems is to enable both of these. This is a good policy, especially on freenix-only clusters, where these modes are typically supported. Do not change the password modes unless you know what you are doing, and you know how to repair your password file(s).

I show how to set up a server (the hard part) with classic NIS services, including the automounter for home directory access. Music collector pro 20 0 5. Then I show how to set up and configure the clients (the easy part :-)

I assume that you installed the NFS Server option on your server, and on any clients which will NFS-export a home directory.

1.1 Conventions and Notes

1.1.1 Document Conventions

  • Commands entered in a UNIX shell are shown in 'magenta' (and this user is an ordinary user with a standard bourne shell dollar prompt):
    $ SomeCommandEnteredHere
  • The root user has a 'hash' prompt:
    ROOT# SomeCommand
  • Output is shown in 'gray':
  • RPMs (Red Hat Package Manager packages) are shown in 'tomato': example-rpm

1.1.2 Notes on the Sample Network

Automounter 1 4 27

NIS services (a.k.a. Yellow Pages [I need to add links to historical information]) are very useful for managing groups of UNIX machines. However NIS is traditionally rather insecure. There are some measures that you can take to configure NIS in a more secure manner. Thus you should not proceed unless you adhere to the following principles:

  • maintain tcpwrapper configuration rigorously on your system: /etc/hosts.allow, /etc/hosts.deny
  • maintain rigorously the YP server secure access file: /var/yp/securenets
  • maintain rigorously the YP server configuration file: /etc/ypserv.conf
In general, your NIS server(s) should never be directly accessible from hostile networks (like the Internet!) without some kind of protection (like a firewall). You should inform yourself about known security issues with NIS before you decide to impliment it in your network [provide link].

Though this document has a Red Hat bias it should apply as well to other Linux distributions. For other distros you would need to inform yourself about packages to install, and auto-starting commands on boot.

Since some time now, Red Hat server packages are typically NOT automagically configured and started. For various sensible security reasons, you are obliged to do this yourself. Therefore you should be aware that you need to:

UPDATE 2: As discussed in the answers below, setting VFCFJAIL on the NFS filesystem does allow jails to perform NFS mounts. Unfortunately, the automounter continues to behave that are unhelpful, and when run in a jail appears to be very good at getting wedged in such a way that a system reboot is necessary to remove the process entry. Home Apple Softwares AutoMounter 1.5.7. AutoMounter 1.5.7. Rikelly Brave at 08:44 Apple, Softwares, AppStore QR-Code. Developer: Pixeleyes Ltd. Price: $9.99 + DESCRIPTION. Tired of mounting your network shares? AutoMounter ensures that your shares are always mounted when you need them. Ableton Live 9 Suite 9.2.1 Latest Version. The automount program is used to manage mount points for autofs, the inlined Linux automounter. Automount works by reading the auto.master(8) map and sets up mount points for each entry in the master map allowing them to be automatically mounted when accessed. The file systems are then automatically umounted after a period of inactivity.

  • configure the service
  • set the runlevel start policy for the daemon for future reboots
  • launch the service

Note that when installing any machine, you initially set an authentication mode. You can later enable or disable NIS authentication, but you should have a uniform policy for shadow passwords and for MD5 passwords. The default on install for Red Hat systems is to enable both of these. This is a good policy, especially on freenix-only clusters, where these modes are typically supported. Do not change the password modes unless you know what you are doing, and you know how to repair your password file(s).

I show how to set up a server (the hard part) with classic NIS services, including the automounter for home directory access. Music collector pro 20 0 5. Then I show how to set up and configure the clients (the easy part :-)

I assume that you installed the NFS Server option on your server, and on any clients which will NFS-export a home directory.

1.1 Conventions and Notes

1.1.1 Document Conventions

  • Commands entered in a UNIX shell are shown in 'magenta' (and this user is an ordinary user with a standard bourne shell dollar prompt):
    $ SomeCommandEnteredHere
  • The root user has a 'hash' prompt:
    ROOT# SomeCommand
  • Output is shown in 'gray':
  • RPMs (Red Hat Package Manager packages) are shown in 'tomato': example-rpm

1.1.2 Notes on the Sample Network

This example network is configured as a subnet: 192.168.196. I have implemented a security policy which is subnet-based.

  • The IP parameters for this example network are:
    Network PropertyParameter
    IP domainmynet.home
    Naming Server192.168.196.2 with hostname ns
    Network mask255.255.255.0
    Network Address192.168.196.0
    Broadcast mask192.168.196.255
  • The members of this network are:
    Server hostnameIP Address
    eagle.mynet.home192.168.196.3
    Client hostnamesIP Address
    sparrow.mynet.home192.168.196.4
    chicken.mynet.home192.168.196.5
    parrot.mynet.home192.168.196.6

1.1.3 Notes on the Automounters

Two automounters are used and configured:

  • amd This automounter is provided by the am-utils rpm package. In this example it is installed solely for '/net' access to various NFS-accessible systems, both within the NIS domain, and outside of it as well. It really has nothing to do with the NIS configuration documented here, but it can be useful in organisations that already use '/net' mounting. However, do not install it if you don't need it.
  • autofs It is installed solely for the NIS domain. 'amd' could also be configured and used in this fashion, but I prefer 'autofs'

1.1.4 Notes on Home Directories

Note that user's home directories are located in various places, and are NFS-exported for automounting. The convention used is that home directory file systems are mounted in /etc/fstab with the path known as /export/home This filesystem is later NFS-exported by the NFS daemon and only mounted on request via NFS and autofs.

Ideally you should locate all home directories onto an NFS server. This often avoids the necessity of backing up client machines - they are instead treated as black boxes, that can be reinstalled on a whim. It also nicely allows us to focus security policy on servers. However in this example we show home directories served from client machines.

This chapter contains these topics:

Automounter 1 4 20

The Solstice AdminSuite admin_install installation script enables you to install administration systems, distributed administration systems using the automounter mount method for software access.

If you selected the automounter mount method, you must add entries indicating the location of the Solstice AdminSuite software to the automounter maps. The procedures for updating the maps are described in this section for each name service type. Perform these steps only after using the installation script to install the AdminSuite and AutoClient software.

How to Add Automount Support by Using NIS+

  1. Log in to the NIS+ domain as an authorized user.

    You must have read and write access to the tables in the NIS+ org_dir directory.

  2. Ensure that the auto_master table includes an entry for the auto_direct automount map.


    If the auto_direct entry appears in the output, proceed to Step 4. If the entry does not appear, go to the next step.

  3. Add the auto_direct entry to the auto_master table.


    Verify that the entry has been added to the table.


  4. Ensure that the auto_direct table exists.


    If the auto_direct table appears in the output, proceed to Step 6. If the table does not appear, go to the next step.

  5. Create the auto_direct table.


    Verify that the table has been created.


    Proceed to Step 7.

  6. Look for a pre-existing Solstice AdminSuite entry.

    A table entry supporting an earlier version of the Solstice AdminSuite software may be present.


    If an entry similar to the following appears, proceed to Step 8.


    In this example,

    server-name

    Is the Solstice administration system host name.

    install-dir

    Is the path to the Solstice AdminSuite 2.3 software location (usually /export/opt).

    If the entry does not appear, go to the next step.

  7. Add the entry designating the location of the Solstice AdminSuite 2.3 software.

    Note -

    If you chose an installation location other than the /export/opt directory, be sure to indicate the correct path in this command.


    In this command,

    server-name

    Is the Solstice administration system host name.

    Verify that the entry has been added to the table.


  8. Add the entry designating the location of the Solstice AdminSuite 2.3 data area.

    Note -

    If you chose an installation location other than the /export/opt directory, be sure to indicate the correct path in this command.


    In this command,

    server-name

    Is the Solstice administration system host name.

    Verify that the entry has been added to the table.


  9. Log in as root to all Solstice administration systems and AdminSuite enabled systems in the NIS+ name service domain and run the automount command.


    Running this command enables the system to use the new (or updated) automount table.

How to Add Automount Support by Using NIS

Automounter 1 4 27

  1. Log in as root to the NIS master for your name service domain.

  2. Ensure that the auto.master map has an entry for the auto_direct automount map.


    If the auto_direct entry appears in the output, proceed to Step 4. If the entry does not appear, go to the next step.

  3. Add the auto_direct entry to the auto.master map.

    1. Edit the /etc/auto.master file and add the following entry.


    2. Rebuild the NIS map.

      This make take several minutes.


      Verify that the entry has been added.


  4. Ensure that the auto_direct map exists.


    If the map is found, proceed to Step 8. If the map is not found, go to the next step.

  5. Insert the Solstice AdminSuite 2.3 CD into your CD-ROM drive.

    This step assumes that your system is running Volume Management.

  6. Copy the makefile excerpt to the directory where the NIS maps are stored.


    Note -

    If the NIS maps are stored in a location other than the /var/yp directory, be sure to indicate the correct path in this command.

  7. Create the /etc/auto_direct file.


    Proceed to Step 9.

  8. Look for a pre-existing Solstice AdminSuite entry.

    A table entry supporting an earlier version of the Solstice AdminSuite software may be present.


    If an entry similar to the following appears, proceed to Step 10.


    In this example,

    server-name

    Is the Solstice administration system host name.

    install-dir

    Is the path to the Solstice AdminSuite 2.3 software location (usually /export/opt).

    If the entry does not appear, go to the next step.

  9. Edit the /etc/auto_direct file, adding the entry designating the location of the Solstice AdminSuite 2.3 software.

    Note -

    If you chose an installation location other than the /export/opt directory, be sure to indicate the correct path in this entry.


    In this entry,

    server-name

    Is the Solstice administration system host name.

  10. Edit the /etc/auto_direct file, adding the entry designating the location of the Solstice AdminSuite 2.3 data area.

    Note -

    If you chose an installation location other than the /export/opt directory, be sure to indicate the correct path in this command.


    In this command,

    server-name

    Omni remover 3 3 0 oz. Is the Solstice administration system host name.

  11. Specify how to process the files.

    Choose one of the following commands, based on whether the auto_direct map is available.

    • If the auto_direct map was found in Step 4, rebuild the NIS map using this command.


    • If the auto_direct map was not found in Step 4, rebuild the NIS map using this command.


    Note -

    If the NIS maps are stored in a location other than the /var/yp directory, be sure to indicate the correct path in this command.

    Verify that the entries have been added.


  12. Log in as root to all Solstice administration systems and AdminSuite enabled systems in the NIS name service and run the automount command.


    Running this command enables the system to use the new (or updated) automount map.

How to Add Automount Support by Using Local /etc Files

Perform these steps for each system on which you want to use the Solstice AdminSuite 2.3 software.

Automounter 1 4 2 4

  1. Log in to the Solstice administration system or managed client as root.

  2. Ensure that the auto_direct entry exists in the /etc/auto_master file.

    A sample auto_master file with the auto_direct entry is displayed below.


    If the auto_direct entry appears in the output, proceed to Step 4. If the entry does not appear, go to the next step.

  3. Edit the /etc/auto_master file, adding the auto_direct entry.


  4. Ensure that the /etc/auto_direct file exists.


    If the file is found, proceed to Step 6. If the file is not found, go to the next step.

  5. Create the /etc/auto_direct file.


    Proceed to step Step 7.

  6. Look for a pre-existing Solstice AdminSuite entry.

    A table entry supporting an earlier version of the Solstice AdminSuite software may be present.


    If an entry similar to the following appears, proceed to Step 8.


    In this example,

    server-name

    Is the Solstice administration system host name.

    install-dir

    Is the path to the Solstice AdminSuite 2.3 software location (usually /export/opt).

    If the entry does not appear, go to the next step.

  7. Edit the /etc/auto_direct file, adding the entry designating location of the Solstice AdminSuite 2.3 software.

    Note -

    If you chose an installation location other than the /export/opt directory, be sure to indicate the correct path in this entry.


    In this entry,

    server-name

    Is the Solstice administration system host name.

  8. Edit the /etc/auto_direct file, adding the entry designating the location of the Solstice AdminSuite 2.3 data area.

    Note -

    If you chose an installation location other than the /export/opt directory, be sure to indicate the correct path in this command.


    In this command,

    server-name

    Is the Solstice administration system host name.

  9. Run the automount command.

    Running this command enables the system to use the new automount map.






broken image
PreviousNext
Cookie Use
We use cookies to improve browsing experience, security, and data collection. By accepting, you agree to the use of cookies for advertising and analytics. You can change your cookie settings at any time. Learn More
Accept all
Settings
Decline All
Cookie Settings
Necessary Cookies
These cookies enable core functionality such as security, network management, and accessibility. These cookies can’t be switched off.
Analytics Cookies
These cookies help us better understand how visitors interact with our website and help us discover errors.
Preferences Cookies
These cookies allow the website to remember choices you've made to provide enhanced functionality and personalization.
Save