Automount 5 LDAP filtering question

Automount 5 LDAP filtering question

[Victor Danilchenko]

	Hi all,

	We have a widely deployed autofs net with LDAP as the map source. So 
far, it has worked marvelously well. We have recently installed an FC6 
host, and ran into some problems. All but one of them are solved, but 
that one remains a thorn in my side.

	The problem is this. We have individual systems indirectly automounting 
each other. As such, it is useful for them to be able to keep both the 
automounted and the local mountpoints in the same tree, for performance 
reasons (rather than mount self over NFS from the /exports/myhost 
directory into the /nfs/myhost directory, for example). With automount 
4, it was easy. Since it was getting the LDAP master map via a dedicated 
utility which printed the formatted map to STDOUT, we just modified the 
way this utility is called:

/usr/lib/autofs/autofs-ldap-auto-master | grep -v auto.`hostname`

	This way, each automounting host in a given group would get the entire 
auto.master map from LDAP, but without that host's own automount entry 
-- it would have the local volumes already mounted in the same location. 
Every host's volumes are just transparently accessible in /nfs/<hostname>/*

	In comes automount 5. There is no longer the wrapper script, automount 
knows how to use the LDAP master map directly. We got it all to work 
with out current LDAP data tree, with one 'but': I can find no facility 
to exclude self's automount entry.

	Is there perhaps some undocumented way to specify an additional LDAP 
filter clause that could be conjoined with the standard 
'(objectClass=<DEFAULT_ENTRY_OBJECT_CLASS>)' filter? I can't imagine 
nobody else has run into the problem of excluding self's mounts from the 
LDAP master map in a cross-mount situation...

	Something conceptually equivalent to this, to go into 
/etc/sysconfig/autofs:

EXTRA_FILTER_CLAUSE="!(cn=/nfs/myhost)"

	So that if the EXTRA_FILTER_CLAUSE is defined, the "(<DEFAULT_FILTER>)" 
is replaced with:

"(&(<DEFAULT_FILTER>)(EXTRA_FILTER_CLAUSE))"

	Is there anything in Automount 5 that would provide this sort of 
functionality?

-- 
|  Victor  Danilchenko  | Students nowadays, complaining they only get |
| danilche@cs.umass.edu | 10MBs of disk space! In my day we were lucky |
|   CSCF   |   5-4231   | if we had one file, and that was /dev/null.  |

Re: Automount 5 LDAP filtering question

[Jim Carter]

On Fri, 23 Mar 2007, Victor Danilchenko wrote:

> 	The problem is this. We have individual systems indirectly automounting 
> each other. As such, it is useful for them to be able to keep both the 
> automounted and the local mountpoints in the same tree, for performance 
> reasons (rather than mount self over NFS from the /exports/myhost 
> directory into the /nfs/myhost directory, for example). With automount 

Which operating system is this?  We're running Linux (with autofs-4), and 
autofs is smart enough to recognize and do a bind mount of local 
filesystems, so there is no overhead.  We don't do anything special; 
however, the local filesystems are in one place (/h[1-9], /m[1-9]) while 
the automounted references are elsewhere (/net/$HOSTNAME).  Here's an 
excerpt from /etc/mtab on a typical host, Sunset:

/dev/sdb2 /m1 ext3 rw,acl,user_xattr,quota 0 0
automount(pid4220) /net autofs rw,fd=4,pgrp=4220,minproto=2,maxproto=4 0 0
automount(pid4094) /net/sunset autofs rw,fd=4,pgrp=4220...
/m1 /net/sunset/m1 none rw,bind 0 0                  <== Bind mount here
automount(pid21051) /net/julia autofs rw,fd=4,pgrp=4220...
julia:/h1 /net/julia/h1 nfs rw,,addr=128.97.4.5...   <== NFS mount here

So at least on Linux you don't need to exclude local filesystems from the 
automount map.  I believe Solaris also has this situation covered but I 
can't remember just what it does. 

James F. Carter          Voice 310 825 2897    FAX 310 206 6673
UCLA-Mathnet;  6115 MSA; 405 Hilgard Ave.; Los Angeles, CA, USA  90095-1555
Email: jimc@math.ucla.edu    http://www.math.ucla.edu/~jimc (q.v. for PGP key)

Re: Automount 5 LDAP filtering question

[Victor Danilchenko]

Jim Carter wrote:
> On Fri, 23 Mar 2007, Victor Danilchenko wrote:
> 
>> 	The problem is this. We have individual systems indirectly automounting 
>> each other. As such, it is useful for them to be able to keep both the 
>> automounted and the local mountpoints in the same tree, for performance 
>> reasons (rather than mount self over NFS from the /exports/myhost 
>> directory into the /nfs/myhost directory, for example). With automount 
> 
> Which operating system is this?  We're running Linux (with autofs-4), and 
> autofs is smart enough to recognize and do a bind mount of local 
> filesystems, so there is no overhead.

	Interesting. I didn't know that. I am sure it's the same way on Fedora 
and RHEL. I hope someone will offer a way to customize the LDAP filter, 
but if it's not possible, we will go with your idea, thanks.

	Thanks a bunch.

> We don't do anything special; 
> however, the local filesystems are in one place (/h[1-9], /m[1-9]) while 
> the automounted references are elsewhere (/net/$HOSTNAME).   Here's an
> excerpt from /etc/mtab on a typical host, Sunset:
> 
> /dev/sdb2 /m1 ext3 rw,acl,user_xattr,quota 0 0
> automount(pid4220) /net autofs rw,fd=4,pgrp=4220,minproto=2,maxproto=4 0 0
> automount(pid4094) /net/sunset autofs rw,fd=4,pgrp=4220...
> /m1 /net/sunset/m1 none rw,bind 0 0                  <== Bind mount here
> automount(pid21051) /net/julia autofs rw,fd=4,pgrp=4220...
> julia:/h1 /net/julia/h1 nfs rw,,addr=128.97.4.5...   <== NFS mount here
> 
> So at least on Linux you don't need to exclude local filesystems from the 
> automount map.  I believe Solaris also has this situation covered but I 
> can't remember just what it does. 
> 
> James F. Carter          Voice 310 825 2897    FAX 310 206 6673
> UCLA-Mathnet;  6115 MSA; 405 Hilgard Ave.; Los Angeles, CA, USA  90095-1555
> Email: jimc@math.ucla.edu    http://www.math.ucla.edu/~jimc (q.v. for PGP key)


-- 
|  Victor  Danilchenko  + Unix: Your gun, Your bullet,        |
| danilche@cs.umass.edu |       Your foot, Your choice.       |
|   CSCF   |   5-4231   | MS:   Same as Unix, BUT: No choice, |
+-----------------------+       and We Aim Higher.            |