Automount trickery, submounts, cross-platform stuff etc

Filed under: Geekiness — iain @ 21:48:23

Hands up if your home directory is full of crap. Mine is. It has junk going back to 1999. As a measure of just how much junk I have let me tell you that at time of writing my home directory is 20Gb in size. In addition to having eleven years’ worth of files that I never got round to deleting, a large chunk of that disk usage comes from my Mac in the form of the Library subdirectory which contains pretty much everything Macs need in a user account as well as my Firefox and Thunderbird profiles. Needless to say these are huge.

In fact my home directory is only as small as it is because I moved a wodge of files to a separate storage area. The Documents directory, in which my Mac wants to save … pretty much anything … is actually a symlink to /files/iain/Documents which is automounted from somewhere else. And since my documents are the kind of things which I like to have available all over the place, that same directory is also shared by Samba and my Windows roaming profile knows to go there when I try to open (My) Documents. Some other directories are similarly shared across operating systems, including Desktop, Pictures and Movies.

I’d been thinking for a while that it might be better to move these well-known file stores into their own separate ZFS filesystems on my fileserver. Things came to a head this very evening when I downloaded Steam for Mac only to have it refuse to install because Library/Application Support/Steam wasn’t on a case-insensitive filesystem. It occurred to me that if Library were its own filesystem as I’d been considering, I could make it case-insensitive and trim the size of my home directory by a considerable margin. Although I wouldn’t advocate actually doing it in so crude a way, I believe that a home directory should be small enough that if you were given a UNIX account on a new system you should be able to get yourself up to speed by quickly transferring your entire home area from another environment. A home directory should be for dotfiles, SSH keys and the like. Everything else (real documents) should go Somewhere Else.

Since I use the automounter for everything I figured this would be pretty simple. As it turns out it actually is. The syntax works with Mac, Solaris and Linux as is documented to a greater or lesser extent in each system’s AutoFS manpages. The only potential stumbling block was getting it to work with LDAP but ended up being just as simple as you might hope.

The syntax to have the automounter mount a subdirectory of a configured mount is as follows, in auto.home for instance:

    * / files:/export/home/& /Library files:/export/library/&

So for all x /home/x will be mounted from fileserver:/export/home/x and /home/x/Library will be mounted from fileserver:/export/library/x.

On Linux I found I didn’t need the initial / by itself but both Mac and Solaris didn’t work without it. Another gotcha was that the Library directory had to actually exist in the original directory for it to be mounted from the specified location. In other words it wasn’t sufficient to export /export/home/iain and /export/library/iain from my file server. I also needed to create /export/home/iain/Library for it to be mounted.

In LDAP speak my auto.home became:

    dn: cn=/,ou=auto.home,ou=mounts,dc=iain,dc=cx
    objectClass: automount
    cn: /
    automountInformation: -fstype=nfs,tcp,rw,intr / files:/export/home/&
     /Library files:/export/library/&

To automount more subdirectories it suffices to add more bits to the automount entry.

    dn: cn=/,ou=auto.home,ou=mounts,dc=iain,dc=cx
    objectClass: automount
    cn: /
    automountInformation: -fstype=nfs,tcp,rw,intr / files:/export/home/&
     /Library files:/export/library/& /Documents files:/export/documents/&

And by redirecting my Windows shell folders to point to these filesystems in their CIFS form I can share them between operating systems.


More on Leopard’s automounter

Filed under: Geekiness — iain @ 11:58:09

I had the Leopard automounter more or less working happily but there was one setback. A combination of Finder’s and Office’s braindead behaviour was triggering many many automount lookups which showed in the LDAP logs:


This was because the Mac wanted to see what was under /home, on which home directories were automounted. It would be annoying if all it did was fill my LDAP logs with this spam. When the automounter causes Rebecca’s machine to kernel panic once every few days, it gets extremely tiresome.

My response to this was to change the automount rules so that /home was managed by auto_static instead of auto_home.

    dn: automountKey=/home,automountMapName=auto_static,ou=mounts,dc=iain,dc=cx
    objectClass: top
    objectClass: automount
    automountKey: /home
    automountInformation: -fstype=nfs,tcp,rw,intr files:/home

On the Linux clients this worked. The Macs, however, were having none of it. With this setup /home was completely inaccessible. All attempts to look at the directory, even ls -ld failed with Permission Denied. The solution is to comment out the /home line in /etc/auto_master.

As a poster in the above thread puts it, sigh.


AutoFS and NFS improvements in Leopard

Filed under: Geekiness — iain @ 10:45:12

It’s fair to say that I’ve been disenchanted with my Leopard upgrades. My gripes are documented in these very pages. Recently, though, I’ve found some stuff in which Leopard is a real improvement over Tiger.



Macs at home; part 7: AFP vs NFS

Filed under: Geekiness — iain @ 20:47:31

See the introduction to this post.

It’s been an eventful day which started and ended with frustration but finishes with a greater understanding of network home directories, a working AFP server and cleartext passwords finally banished.

I sent my fileserver down for reboot to install the latest Linux kernel. At this point my iMac, on which I had a desktop session, became very very upset. My home directory is NFS mounted and when the server went away the client became totally unusable. Even when the server came back up it wouldn’t re-establish the mounts.

UNIX machines traditionally tend to choke when NFS servers go away but the Mac automounter absolutely refused to come back to life and I had no option but the reboot the machine. I wondered if AFP home directories would be more reliable.

It turns out they are but there’s a fatal flaw. An ssh connection to the machine won’t mount the AFP home which means they’re only useful for a desktop session. At least I did get them working though.



Macs at home; Part 4: AutoFS

Filed under: Geekiness — iain @ 21:04:09

See the introduction to this post.

Last time I hinted at getting automount and DHCP-supplied LDAP settings working. I gave up on DHCP since a) I tried to get it working last year at CacheLogic and failed; b) I couldn’t find much documentation on it; c) the documentation I did find suggested that it only provides an LDAP server and base, which wouldn’t be sufficient on my network because of the attribute mappings needed to placate DirectoryService.

I did get automount working, however. And as a special bonus I got it working on a Linux machine too. Since there isn’t a massive amount of useful documentation out there for AutoFS and LDAP, I’ll talk about the Linux configuration here as well as the Mac configuration.



Macs at home; Part 3: LDAP

Filed under: Geekiness — iain @ 19:06:41

See the introduction to this post.

Now I had belsunce and maling configured so that Rebecca and I could log on at either machine and get the same UID and GID for our accounts. Additionally, maling was set up so that users could have NFS home directories. Rebecca’s account was set up to take advantage of this.

The next step is to do away with local accounts on maling altogether (remember that for the moment I’m keeping local details on the laptop; it could be an LDAP secondary I suppose). Users there will authenticate against LDAP instead.



Macs at home; Part 2: NFSHomeDirectory

Filed under: Geekiness — iain @ 21:55:18

See the introduction to this post.

Since I sometimes take my MacBookPro out with me it makes sense that I have a local user account to log on. Rebecca’s Mac Mini, on the other hand, never leaves the house. It’s a prime candidate for mounting user home directories over NFS.

To do this we need our friend the automounter. Automounts can be configured in old-skool flat files. They can be imported from LDAP or NIS with the DirectoryService. Or they can be taken direct from NetInfo. That’s what we’ll use here.


Powered by WordPress