2
.TH AUTO.MASTER 5 "11 Apr 2006"
4
auto.master \- Master Map for automounter
8
map is consulted to set up automount managed mount points when the
12
script is invoked or the
16
program is run. Each line describes a mount point and refers to an
17
autofs map describing file systems to be mounted under the mount
20
The default location of the master map is
22
.B @@autofsmapdir@@/auto.master
24
but an alternate name may be given on the command line when running
25
the automounter and the default master map may changed by setting the
29
configuration variable in
31
.B @@autofsconfdir@@/autofs.
33
If the master map name has no path then the system Name Service Switch configuration
34
will be consulted and each of the sources searched in line with the rules
35
given in the Name Service Switch configuration.
37
Access to mounts in maps is governed by a key.
39
For direct maps the mount point is always specified as:
43
and the key used within the direct map is the full path to the mount point.
45
For indirect maps access is by using the path scheme:
47
.RI / mount-point / key
51
is one of the entries listed in the master map. The
53
is a single directory component and is matched against entries in the
54
map given in the entry (See
57
Additionally, a map may be included from its source as if it were itself
58
present in the master map by including a line of the form:
59
.BR +\ [ maptype , format :] map [ options ]
62
will process the map according to the specification described below for
65
Master map entries have three fields separated by an arbitrary number
66
of spaces or tabs. Lines beginning with # are comments. The first field
67
is the mount point described above and the second field is the name of
68
the map to be consulted for the mount point followed by the third field
69
which contains options to be applied to all entries in the map.
71
The format of a master map entry is:
73
.IR mount-point\ [ map-type [, format ]:] map\ [ options ]
76
Base location for the \fBautofs\fP filesystem to be mounted. For
77
indirect maps this directory will be created (as with \fBmkdir \-p\fP)
78
and is removed when the \fBautofs\fP filesystem is umounted.
81
Type of map used for this mount point. The following are
86
The map is a regular text file.
89
The map is an executable program, which is passed a key on the command
90
line and returns an entry (everything besides the key) on stdout if successful.
93
The map is a NIS (YP) database.
96
The map is a NIS+ database.
99
The map is a hesiod database whose
101
entries are used for maps.
103
.B ldap \fPor\fB ldaps
104
The map is stored in an LDAP directory. If \fBldaps\fP is used the
105
appropriate certificate must be configured in the LDAP client.
108
This map type allows the specification of multiple maps separated
109
by "--". These maps are searched in order to resolve key lookups.
113
Format of the map data; currently the only formats
114
recognized are \fBsun\fP, which is a subset of the Sun automounter map
115
format, and \fBhesiod\fP, for hesiod filesys entries. If the format is
116
left unspecified, it defaults to \fBsun\fP for all map types except
120
Name of the map to use. This is an absolute UNIX pathname
121
for maps of types \fBfile\fP or \fBprogram\fP, and the name of a database
122
in the case for maps of type \fByp\fP, \fBnisplus\fP, or \fBhesiod\fP or
123
the \fBdn\fP of an LDAP entry for maps of type \fBldap\fP.
126
Any remaining command line arguments without leading dashes (\-) are
127
taken as options (\fI\-o\fP) to \fBmount\fP. Arguments with leading
128
dashes are considered options for the maps.
130
The \fBsun\fP format supports the following options:
133
.I "\-Dvariable=value"
134
Replace \fIvariable\fP with \fIvalue\fP in map substitutions.
137
Treat errors when mounting file systems as fatal. This is important when
138
multiple file systems should be mounted (`multimounts'). If this option
139
is given, no file system is mounted at all if at least one file system
143
This is an autofs specific option that is a pseudo mount option and
144
so is given without a leading dash. Historically this option was used
145
to prevent symlinking of local NFS mounts. Nowadays it can be used to
146
prevent bind mounting of local NFS filesystems as well. If you need to
147
prevent bind mounting for only specific entrys in a map then this
148
can be done by adding the "port=" mount option to the given entries.
150
.I "\-r, \-\-random-multimount-selection"
151
Enables the use of ramdom selection when choosing a host from a
152
list of replicated servers. This option is applied to this mount
153
only, overriding the global setting that may be specified on the
156
.I "\-n, \-\-negative\-timeout <seconds>"
157
Set the timeout for caching failed key lookups. This option can be
158
used to override the global default given either on the command line
159
or in the configuration.
160
.SH GENERAL SYSTEM DEFAULTS CONFIGURATION
162
The default value of several general settings may be changed in the
165
.BR @@autofsconfdir@@/autofs .
170
sets the default mount timeout (program default 600).
173
Set the default timeout for caching failed key lookups (program default
174
60). If the equivalent command line option is given it will override this
178
Set the default time to wait for a response from a spawned mount(8)
179
before sending it a SIGTERM. Note that we still need to wait for the
180
RPC layer to timeout before the sub-process exits so this isn't ideal
181
but it is the best we can do. The default is to wait until mount(8)
182
returns without intervention.
185
Set the default time to wait for a response from a spawned umount(8)
186
before sending it a SIGTERM. Note that we still need to wait for the
187
RPC layer to timeout before the sub-process exits so this isn't ideal
188
but it is the best we can do.
191
Maps are browsable by default (program default "yes").
193
.B MOUNT_NFS_DEFAULT_PROTOCOL
194
Specify the default protocol used by mount.nfs(8) (program default 3). Since
195
we can't identify this default automatically we need to set it in the autofs
196
configuration. This option will only make a difference for replicated map
197
entries as availability probing isn't used for single host map entries.
200
Determine whether global options, given on the command line or per mount
201
in the master map, are appended to map entry options or if the map entry
202
options replace the global options (program default "yes", append options).
205
set default log level "none", "verbose" or "debug" (program default "none").
206
.SH BUILTIN MAP -hosts
207
If "-hosts" is given as the map then accessing a key under the mount point
208
which corresponds to a hostname will allow access to the exports of that
211
For example, with an entry in the master map of
215
accessing /net/myserver will mount exports from myserver on directories below
218
NOTE: mounts done from a hosts map will be mounted with the "nosuid,nodev,intr" options
219
unless overridden by explicily specifying the "suid", "dev" or "nointr" options in the
222
If the map type \fBldap\fP is specified the mapname is of the form
223
\fB[//servername/]dn\fP, where the optional \fBservername\fP is
224
the name of the LDAP server to query, and \fBdn\fP is the Distinguished
225
Name of a subtree to search for map entries.
228
.B ldap:servername:mapname
230
is also understood. Alternatively, the type can be obtained from the Name Service Switch
231
configuration, in which case the map name alone must be given.
233
If no schema is set in the autofs configuration then autofs will check
234
each of the commonly used schema for a valid entry and if one is found
235
it will used for subsequent lookups.
237
There are three common schemas in use:
240
Entries in the \fBnisMap\fP schema are \fBnisObject\fP objects in
241
the specified subtree, where the \fBcn\fP attribute is the key
242
(the wildcard key is "/"), and the \fBnisMapEntry\fP attribute
243
contains the information used by the automounter.
246
The \fBautomountMap\fP schema has two variations that differ in the attribute
247
used for the map key. Entries in the automountMap schema are \fBautomount\fP
248
objects in the specified subtree, where the \fBcn\fP or \fBautomountKey\fP
249
attribute (depending on local usage) is the key (the wildcard key is "/"),
250
and the \fBautomountInformation\fP attribute contains the information used
251
by the automounter. Note that the \fBcn\fP attribute is case insensitive.
253
The object classes and attributes used for accessing automount maps in
254
LDAP can be changed by setting entries in the autofs configuration
257
.BR @@autofsconfdir@@/autofs .
261
If a schema is given in the configuration then all the schema configuration
262
values must be set, any partial schema specification will be ignored.
264
The configuration settings available are:
267
Set the network response timeout (default 8).
268
Set timeout value for the synchronous API calls. The default is the LDAP
269
library default of an infinite timeout.
271
.B LDAP_NETWORK_TIMEOUT
272
Set the network response timeout (default 8).
275
A space seperated list of server uris of the form <proto>://<server>[/]
276
where <proto> can be ldap or ldaps. The option can be given multiple times.
277
Map entries that include a server name override this option and it is then
278
not used. Default is an empty list in which case either the server given
279
in a map entry or the LDAP configured default is used. This uri list is read at
280
startup and whenever the daemon receives a HUP signal.
282
This configuration option can also be used to request autofs lookup SRV RRs
283
for a domain of the form <proto>:///[<domain dn>]. Note that a trailing
284
"/" is not allowed when using this form. If the domain dn is not specified
285
the dns domain name (if any) is used to construct the domain dn for the
286
SRV RR lookup. The server list returned from an SRV RR lookup is refreshed
287
according to the minimum ttl found in the SRV RR records or after one hour,
291
The base dn to use when searching for amap base dn. This entry may be
292
given multiple times and each will be checked for a map base dn in
293
the order they occur in the configuration. The search base list is read
294
at startup and whenever the daemon recieves a HUP signal.
297
The map object class. In the \fBnisMap\fP schema this corresponds to the class
298
\fBnisMap\fP and in the \fBautomountMap\fP schema it corresponds to the class
301
.B ENTRY_OBJECT_CLASS
302
The map entry object class. In the \fBnisMap\fP schema this corresponds
303
to the class \fBnisObject\fP and in the \fBautomountMap\fP schema it
304
corresponds to the class \fBautomount\fP.
307
The attribute used to identify the name of the map to which this
308
entry belongs. In the \fBnisMap\fP schema this corresponds to the attribute
309
\fBnisMapName\fP and in the \fBautomountMap\fP schema it corresponds to the
310
attribute \fBou\fP or \fBautomountMapName\fP.
313
The attribute used to identify a map key. In the \fBnisMap\fP schema this
314
corresponds to the attribute \fBcn\fP and in the \fBautomountMap\fP schema
315
it corresponds to the attribute \fBautomountKey\fP.
318
The attribute used to identify the value of the map entry. In the \fBnisMap\fP
319
schema this corresponds to the attribute \fBnisMapEntry\fP and in the \fBautomountMap\fP
320
schema it corresponds to the attribute \fBautomountInformation\fP.
323
It is essential that entries use class and attribute in a consistent
324
manner for correct operation of autofs. For example mixing \fBcn\fP and
325
\fBautomountKey\fP attributes in \fBautomount\fP schema map entries won't
327
.SH LDAP AUTHENTICATION, ENCRYPTED AND CERTIFIED CONNECTIONS
328
LDAP authenticated binds, TLS encrypted connections and certification
329
may be used by setting appropriate values in the autofs authentication
330
configuration file and configuring the LDAP client with appropriate
331
settings. The default location of this file is
333
.BR @@autofsmapdir@@/autofs_ldap_auth.conf .
335
If this file exists it will be used to establish whether TLS or authentication
338
An example of this file is:
343
<?xml version="1.0" ?>
344
<autofs_ldap_sasl_conf
348
authtype="DIGEST-MD5"
355
If TLS encryption is to be used the location of the Certificate Authority
356
certificate must be set within the LDAP client configuration in
357
order to validate the server certificate. If, in addition, a certified
358
connection is to be used then the client certificate and private key file
359
locations must also be configured within the LDAP client.
361
In OpenLDAP these may be configured in the \fBldap.conf\fP file or in the
362
per-user configuration. For example it may be sensible to use the system
363
wide configuration for the location of the Certificate Authority certificate
364
and set the location of the client certificate and private key
365
in the per-user configuration. The location of these files and the configuration
366
entry requirements is system dependent so the documentation for your
367
installation will need to be consulted to get further information.
369
See \fBautofs_ldap_auth.conf\fP(5) for more information.
381
This will generate two mountpoints for
385
and install direct mount triggers for each entry in the direct mount map
389
will lead to the consultation of the map in
393
will consult the NIS map
395
All accesses to paths in the map
397
will trigger mounts when they are accessed and the Name Service Switch
398
configuration will be used to locate the source of the map
404
.BR autofs_ldap_auth.conf (5)
406
This manual page was written by Christoph Lameter <chris@waterf.org>,
407
for the Dean GNU/Linux system. Edited by <hpa@transmeta.com> and
408
Ian Kent <raven@themaw.net> .