Score:1

How should we automount home directories stored at different NFS paths at /home/$USER?

ve flag

We're currently transitioning to storing all of our organization's user information in Red Hat IDM (FreeIPA). We have several thousand users, and mount user home directories over NFS from a NetApp filer. On the filer, home directories are stored in 50+ subdirectories spread across more than a dozen volumes depending on their account type & organizational role.

We would like to change where we mount user home directories on NFS clients. Doing so as part of the migration to IDM seems to make sense, since we'll be reinstalling clients or changing their configs, anyway.

In our legacy configuration, NFS clients mount home directories either one or two subdirectories down from /home/, at a path that matches where the homedir is stored on the NFS server.

We would like clients to instead mount all user home directories at /home/$USERNAME.

Here are some made-up examples of where user home directories might live on the NFS server and where they would be mounted (in our current configuration) on an NFS client:

  • nfs:/vol/home_d/81/jim -> /home/d/81/jim
  • nfs:/vol/home_d/red93/isabelle -> /home/d/red93/isabelle
  • nfs:/vol/home_z/samantha -> /home/z/samantha
  • nfs:/vol/home_z/blue/robert -> /home/z/blue/robert

In the future, we'd like to mount robert's home directory at /home/robert, isabelle's at /home/isabelle, and so on. We haven't set up automount maps in FreeIPA yet, but we tried the following with flat files in /etc/ on a RHEL client:

auto.master:

/home /etc/auto.home --timeout 60

auto.home:

*       -tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl nfs:/vol/home_d/81
*       -tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl nfs:/vol/home_d/red93
*       -tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl nfs:/vol/home_z
*       -tcp,vers=3,nosuid,nodev,sync,rsize=32768,wsize=32768,intr,noatime,acl nfs:/vol/home_z/blue

Unfortunately, it didn't work as desired. Only the first entry (in this case, the mapping to nfs:/vol/home_d/81) was searched, when we were hoping that automount would continue iterating over the keys until it found a match.

Given the layout of our NFS server, what would be the most logical and performant way of automounting user home directories on-demand at /home? Ideally, we'd like to store automount information in IDM/FreeIPA.

  • Should we use the cn=automount,dc=example,dc=com tree that's part of FreeIPA already? If so, can we just have entries for the ~50 directories that hold user home directory folders, or do we need one entry for each user? (We're prepared to do the latter. Creating them programmatically would be easy, but we're unsure of the performance & long-term management implications.)
  • Should we create & use nisMap objects?
  • Should we add a custom attribute to user records, and use that?
  • Is there something better we didn't think of?

Our NFS clients include RHEL, Ubuntu, and a smattering of macOS. (Retaining macOS support/compability would be nice, but is not required. We're prepared to drop it from our list of supported platforms.)

If necessary, we could re-organize the layout on the NFS server somewhat, but we'd still want to keep homedirectories in several different volumes (and ideally several different subdirectories).

okapi avatar
us flag
You can't use the `*` wildcard because the first will match. You'll need to add an automount entry for every user. These can be in freeipa
mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.