Comment 14 for bug 1304246

eolien (mrnfake) wrote :

Here is exactly how I proceeded to set up my LDAP/autofs configuration:

    # rm -Rf /usr/local
    # ln -s /net/local /usr/local
    # apt-get install libpam-ldapd libnss-ldapd auth-client-config autofs5-ldap nfs-kernel-server

    Editer /etc/ldap/ldap.conf
    ____________________________________________________________________________________________
    # Default search base and server for the OpenLDAP client library.
    BASE dc=dc1,dc=dc2,dc=dc3
    # NOTE(review): "ldaps:/1.1.1.1/" has a single slash after the scheme, while the
    # nslcd.conf in this same report uses "ldaps://1.1.1.1" -- confirm which form is
    # really in the file before relying on this setting.
    URI ldaps:/1.1.1.1/
    # TLS certificates (needed for GnuTLS)
    # NOTE(review): this points at the system CA bundle, whereas nslcd.conf in this
    # report trusts /etc/ssl/ldap-cacert.pem; the two clients validate the LDAP
    # server against different CA files.
    TLS_CACERT /etc/ssl/certs/ca-certificates.crt
    ____________________________________________________________________________________________

    # service nscd restart

    Editer /etc/nslcd.conf
    ____________________________________________________________________________________________
    # User and group the nslcd daemon runs as.
    uid nslcd
    gid nslcd
    # LDAP server (LDAPS) and search base used for name-service lookups.
    uri ldaps://1.1.1.1
    base dc=dc1,dc=dc2,dc=dc3
    ldap_version 3
    ssl on
    # NOTE(review): "allow" requests the server certificate but lets the session
    # continue when the certificate is missing or fails validation, so the CA file
    # configured below is not enforced and the directory server is effectively
    # unauthenticated. passwd/group/shadow answers come from this connection
    # (see nsswitch.conf in this report). "demand" (or "hard") makes validation
    # mandatory; the host in "uri" must then match a name in the certificate.
    tls_reqcert allow
    tls_cacertfile /etc/ssl/ldap-cacert.pem
    # Local system accounts for which nslcd skips the LDAP group-membership lookup.
    nss_initgroups_ignoreusers avahi,avahi-autoipd,backup,bin,colord,daemon,games,gnats,hplip,irc,kernoops,libuuid,lightdm,list,lp,mail,man,messagebus,news,proxy,pulse,root,rtkit,saned,speech-dispatcher,sshd,sync,sys,syslog,usbmux,uucp,whoopsie,www-data
    ____________________________________________________________________________________________

    Creer /etc/ssl/ldap-cacert.pem
    ____________________________________________________________________________________________
    -----BEGIN CERTIFICATE-----
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
    -----END CERTIFICATE-----
    ____________________________________________________________________________________________

    Editer /etc/nsswitch.conf
    ____________________________________________________________________________________________
    # Accounts, groups and shadow data: local files (compat) first, then LDAP.
    # Every identity the system accepts from the "ldap" source is only as
    # trustworthy as the TLS validation configured for the LDAP client.
    passwd: compat ldap
    group: compat ldap
    shadow: compat ldap

    # Host and network lookups do not use LDAP.
    hosts: files mdns4_minimal [NOTFOUND=return] dns
    networks: files

    protocols: db files
    services: db files
    ethers: db files
    rpc: db files

    # Netgroups and automount maps: local files first, then LDAP.
    netgroup: files ldap
    automount: files ldap
    ____________________________________________________________________________________________

    Autofs

    # mkdir /etc/auto.master.d
    # echo "+auto.home" > /etc/auto.master.d/home
    # echo "local -fstype=nfs4,ro,proto=tcp,port=2049 serveur_nfs1:/bin" > /etc/auto.master.d/net
    # echo "commun -fstype=nfs4,rw,soft,intr server_nfs2:/home/commun" >> /etc/auto.master.d/net
    # echo "/auto_home /etc/auto.master.d/home --timeout=10" > /etc/auto.master.d/home.autofs
    # echo "/net /etc/auto.master.d/net --timeout=10"> /etc/auto.master.d/net.autofs

    Editer /etc/default/autofs
    ____________________________________________________________________________________________
    MASTER_MAP_NAME="/etc/auto.master"
    TIMEOUT=300
    BROWSE_MODE="no"
    LOGGING="none"
    LDAP_URI="ldap://10.6.200.209"
    SEARCH_BASE="dc=info-ufr,dc=univ-montp2,dc=fr"
    MAP_OBJECT_CLASS="nisMap"
    ENTRY_OBJECT_CLASS="nisObject"
    MAP_ATTRIBUTE="nisMapName"
    ENTRY_ATTRIBUTE="cn"
    VALUE_ATTRIBUTE="nisMapEntry"
    ____________________________________________________________________________________________

    Editer /etc/default/nfs-common
    ____________________________________________________________________________________________
    NEED_STATD=
    STATDOPTS=
    NEED_GSSD=no
    NEED_IDMAPD=yes
    ____________________________________________________________________________________________

    Editer /etc/idmapd.conf
    ____________________________________________________________________________________________
    # Settings for the NFSv4 id mapping daemon.
    [General]
    Verbosity = 0
    Pipefs-Directory = /run/rpc_pipefs

    # NOTE(review): "rien" looks like a placeholder; the NFSv4 id mapping domain
    # normally has to match the one configured on the NFS server, otherwise
    # owners are mapped to the Nobody-User/Nobody-Group below -- TODO confirm.
    Domain = rien

    # Local account and group used when a remote name cannot be mapped.
    [Mapping]
    Nobody-User = nobody
    Nobody-Group = nogroup
    ____________________________________________________________________________________________

    # echo "blacklist rpcsec_gss_krb5" >> /etc/modprobe.d/blacklist.conf