1AUTO.MASTER(5) File Formats Manual AUTO.MASTER(5)
2
6 auto.master - Master Map for automounter
7
9 The auto.master map is consulted to set up automount managed mount
10 points when the autofs(8) script is invoked or the automount(8) program
11 is run. Each line describes a mount point and refers to an autofs map
12 describing file systems to be mounted under the mount point.
13 The default location of the master map is /etc/auto.master but an al‐
15 ternate name may be given on the command line when running the auto‐
16 mounter and the default master map may changed by setting the
17 MASTER_MAP_NAME configuration variable in /etc/sysconfig/autofs. If
18 the master map name has no path then the system Name Service Switch
19 configuration will be consulted and each of the sources searched in
20 line with the rules given in the Name Service Switch configuration.
21 Access to mounts in maps is governed by a key.
23 For direct maps the mount point is always specified as:
25 /-
27 and the key used within the direct map is the full path to the mount
29 point.
30 For indirect maps access is by using the path scheme:
32 /mount-point/key
34 where mount-point is one of the entries listed in the master map. The
36 key is a single directory component and is matched against entries in
37 the map given in the entry (See autofs(5)).
38 Additionally, a map may be included from its source as if it were it‐
40 self present in the master map by including a line of the form: + [map‐
41 type,format:]map[options] and automount(8) will process the map accord‐
42 ing to the specification described below for map entries.
43
45 Master map entries have three fields separated by an arbitrary number
46 of spaces or tabs. Lines beginning with # are comments. The first field
47 is the mount point described above and the second field is the name of
48 the map to be consulted for the mount point followed by the third field
49 which contains options to be applied to all entries in the map.
50 The format of a master map entry is:
52 mount-point [map-type[,format]:]map [options]
54 mount-point
56 Base location for the autofs filesystem to be mounted. For in‐
57 direct maps this directory will be created (as with mkdir -p)
58 and is removed when the autofs filesystem is umounted.
59 map-type
61 Type of map used for this mount point. The following are valid
62 map types:
63 file The map is a regular text file.
65 program
67 The map is an executable program, which is passed a key
68 on the command line and returns an entry (everything be‐
69 sides the key) on stdout if successful.
70 yp The map is a NIS (YP) database.
72 nisplus
74 The map is a NIS+ database.
75 hesiod The map is a hesiod database whose filsys entries are
77 used for maps.
78 ldap or ldaps
80 The map is stored in an LDAP directory. If ldaps is used
81 the appropriate certificate must be configured in the
82 LDAP client.
83 multi This map type allows the specification of multiple maps
85 separated by "--". These maps are searched in order to
86 resolve key lookups.
87 format Format of the map data; currently the only formats recognized
89 are sun, which is a subset of the Sun automounter map format,
90 and hesiod, for hesiod filesys entries. If the format is left
91 unspecified, it defaults to sun for all map types except hesiod.
92 map Name of the map to use. This is an absolute UNIX pathname for
94 maps of types file or program, and the name of a database in the
95 case for maps of type yp, nisplus, or hesiod or the dn of an
96 LDAP entry for maps of type ldap.
97 options
99 Any remaining command line arguments without leading dashes (-)
100 are taken as options (-o) to mount. Arguments with leading
101 dashes are considered options for the maps.
102 The sun format supports the following options:
104 -Dvariable=value
106 Replace variable with value in map substitutions.
107 -strict
109 Treat errors when mounting file systems as fatal. This is
110 important when multiple file systems should be mounted
111 (`multimounts'). If this option is given, no file system
112 is mounted at all if at least one file system can't be
113 mounted.
114 nosymlink
116 This is an autofs specific option that is a pseudo mount
117 option and so is given without a leading dash. Histori‐
118 cally this option was used to prevent symlinking of local
119 NFS mounts. Nowadays it can be used to prevent bind
120 mounting of local NFS filesystems as well. If you need to
121 prevent bind mounting for only specific entrys in a map
122 then this can be done by adding the "port=" mount option
123 to the given entries.
124 -r, --random-multimount-selection
126 Enables the use of ramdom selection when choosing a host
127 from a list of replicated servers. This option is applied
128 to this mount only, overriding the global setting that
129 may be specified on the command line.
130 -n, --negative-timeout <seconds>
132 Set the timeout for caching failed key lookups. This op‐
133 tion can be used to override the global default given ei‐
134 ther on the command line or in the configuration.
135
137 The default value of several general settings may be changed in the
138 configuration file /etc/sysconfig/autofs. They are:
139 TIMEOUT
141 sets the default mount timeout (program default 600).
142 NEGATIVE_TIMEOUT
144 Set the default timeout for caching failed key lookups (program
145 default 60). If the equivalent command line option is given it
146 will override this setting.
147 MOUNT_WAIT
149 Set the default time to wait for a response from a spawned
150 mount(8) before sending it a SIGTERM. Note that we still need to
151 wait for the RPC layer to timeout before the sub-process exits
152 so this isn't ideal but it is the best we can do. The default is
153 to wait until mount(8) returns without intervention.
154 UMOUNT_WAIT
156 Set the default time to wait for a response from a spawned
157 umount(8) before sending it a SIGTERM. Note that we still need
158 to wait for the RPC layer to timeout before the sub-process ex‐
159 its so this isn't ideal but it is the best we can do.
160 BROWSE_MODE
162 Maps are browsable by default (program default "yes").
163 MOUNT_NFS_DEFAULT_PROTOCOL
165 Specify the default protocol used by mount.nfs(8) (program de‐
166 fault 3). Since we can't identify this default automatically we
167 need to set it in the autofs configuration. This option will on‐
168 ly make a difference for replicated map entries as availability
169 probing isn't used for single host map entries.
170 APPEND_OPTIONS
172 Determine whether global options, given on the command line or
173 per mount in the master map, are appended to map entry options
174 or if the map entry options replace the global options (program
175 default "yes", append options).
176 LOGGING
178 set default log level "none", "verbose" or "debug" (program de‐
179 fault "none").
180
182 If "-hosts" is given as the map then accessing a key under the mount
183 point which corresponds to a hostname will allow access to the exports
184 of that host.
185 For example, with an entry in the master map of /net -hosts accessing
187 /net/myserver will mount exports from myserver on directories below
188 /net/myserver.
189 NOTE: mounts done from a hosts map will be mounted with the "no‐
191 suid,nodev,intr" options unless overridden by explicily specifying the
192 "suid", "dev" or "nointr" options in the master map entry.
193
195 If the map type ldap is specified the mapname is of the form [//server‐
196 name/]dn, where the optional servername is the name of the LDAP server
197 to query, and dn is the Distinguished Name of a subtree to search for
198 map entries. The old style ldap:servername:mapname is also understood.
199 Alternatively, the type can be obtained from the Name Service Switch
200 configuration, in which case the map name alone must be given.
201 If no schema is set in the autofs configuration then autofs will check
203 each of the commonly used schema for a valid entry and if one is found
204 it will used for subsequent lookups.
205 There are three common schemas in use:
207 nisMap Entries in the nisMap schema are nisObject objects in the speci‐
209 fied subtree, where the cn attribute is the key (the wildcard
210 key is "/"), and the nisMapEntry attribute contains the informa‐
211 tion used by the automounter.
212 automountMap
214 The automountMap schema has two variations that differ in the
215 attribute used for the map key. Entries in the automountMap
216 schema are automount objects in the specified subtree, where the
217 cn or automountKey attribute (depending on local usage) is the
218 key (the wildcard key is "/"), and the automountInformation at‐
219 tribute contains the information used by the automounter. Note
220 that the cn attribute is case insensitive.
221 The object classes and attributes used for accessing automount maps in
223 LDAP can be changed by setting entries in the autofs configuration lo‐
224 cated in /etc/sysconfig/autofs.
225 NOTE: If a schema is given in the configuration then all the schema
227 configuration values must be set, any partial schema specifica‐
228 tion will be ignored.
229 The configuration settings available are:
231 LDAP_TIMEOUT
233 Set the network response timeout (default 8). Set timeout value
234 for the synchronous API calls. The default is the LDAP library
235 default of an infinite timeout.
236 LDAP_NETWORK_TIMEOUT
238 Set the network response timeout (default 8).
239 LDAP_URI
241 A space seperated list of server uris of the form <pro‐
242 to>://<server>[/] where <proto> can be ldap or ldaps. The option
243 can be given multiple times. Map entries that include a server
244 name override this option and it is then not used. Default is an
245 empty list in which case either the server given in a map entry
246 or the LDAP configured default is used. This uri list is read at
247 startup and whenever the daemon receives a HUP signal.
248 This configuration option can also be used to request autofs lookup SRV
250 RRs for a domain of the form <proto>:///[<domain dn>]. Note that a
251 trailing "/" is not allowed when using this form. If the domain dn is
252 not specified the dns domain name (if any) is used to construct the do‐
253 main dn for the SRV RR lookup. The server list returned from an SRV RR
254 lookup is refreshed according to the minimum ttl found in the SRV RR
255 records or after one hour, whichever is less.
256 SEARCH_BASE
258 The base dn to use when searching for amap base dn. This entry
259 may be given multiple times and each will be checked for a map
260 base dn in the order they occur in the configuration. The search
261 base list is read at startup and whenever the daemon recieves a
262 HUP signal.
263 MAP_OBJECT_CLASS
265 The map object class. In the nisMap schema this corresponds to
266 the class nisMap and in the automountMap schema it corresponds
267 to the class automountMap.
268 ENTRY_OBJECT_CLASS
270 The map entry object class. In the nisMap schema this corre‐
271 sponds to the class nisObject and in the automountMap schema it
272 corresponds to the class automount.
273 MAP_ATTRIBUTE
275 The attribute used to identify the name of the map to which this
276 entry belongs. In the nisMap schema this corresponds to the at‐
277 tribute nisMapName and in the automountMap schema it corresponds
278 to the attribute ou or automountMapName.
279 ENTRY_ATTRIBUTE
281 The attribute used to identify a map key. In the nisMap schema
282 this corresponds to the attribute cn and in the automountMap
283 schema it corresponds to the attribute automountKey.
284 VALUE_ATTRIBUTE
286 The attribute used to identify the value of the map entry. In
287 the nisMap schema this corresponds to the attribute nisMapEntry
288 and in the automountMap schema it corresponds to the attribute
289 automountInformation.
290 NOTE: It is essential that entries use class and attribute in a con‐
292 sistent manner for correct operation of autofs. For example mix‐
293 ing cn and automountKey attributes in automount schema map en‐
294 tries won't work as expected.
295
297 LDAP authenticated binds, TLS encrypted connections and certification
298 may be used by setting appropriate values in the autofs authentication
299 configuration file and configuring the LDAP client with appropriate
300 settings. The default location of this file is
301 /etc/autofs_ldap_auth.conf. If this file exists it will be used to es‐
302 tablish whether TLS or authentication should be used.
303 An example of this file is:
305 <?xml version="1.0" ?>
307 <autofs_ldap_sasl_conf
308 usetls="yes"
309 tlsrequired="no"
310 authrequired="no"
311 authtype="DIGEST-MD5"
312 user="xyz"
313 secret="abc"
314 />
315 If TLS encryption is to be used the location of the Certificate Author‐
317 ity certificate must be set within the LDAP client configuration in or‐
318 der to validate the server certificate. If, in addition, a certified
319 connection is to be used then the client certificate and private key
320 file locations must also be configured within the LDAP client.
321 In OpenLDAP these may be configured in the ldap.conf file or in the
323 per-user configuration. For example it may be sensible to use the sys‐
324 tem wide configuration for the location of the Certificate Authority
325 certificate and set the location of the client certificate and private
326 key in the per-user configuration. The location of these files and the
327 configuration entry requirements is system dependent so the documenta‐
328 tion for your installation will need to be consulted to get further in‐
329 formation.
330 See autofs_ldap_auth.conf(5) for more information.
332
334 /- auto.data
335 /home /etc/auto.home
336 /mnt yp:mnt.map
337 This will generate two mountpoints for /home and /mnt and install di‐
339 rect mount triggers for each entry in the direct mount map auto.data.
340 All accesses to /home will lead to the consultation of the map in
341 /etc/auto.home and all accesses to /mnt will consult the NIS map
342 mnt.map. All accesses to paths in the map auto.data will trigger
343 mounts when they are accessed and the Name Service Switch configuration
344 will be used to locate the source of the map auto.data.
345
347 automount(8), autofs(5), autofs(8). autofs_ldap_auth.conf(5)
348
350 This manual page was written by Christoph Lameter <chris@waterf.org>,
351 for the Dean GNU/Linux system. Edited by <hpa@transmeta.com> and Ian
352 Kent <raven@themaw.net> .
353 11 Apr 2006 AUTO.MASTER(5)