1AUTOFS.CONF(5) File Formats Manual AUTOFS.CONF(5)
2
3
4
6 autofs.conf - autofs configuration
7
9 Configuration settings used by automount(8) may be changed in the con‐
10 figuration file /etc/autofs.conf.
11
12 This file contains two primary sections, autofs and amd.
13
14 Configuration entries may be present at the beginning of the configura‐
15 tion file without a section header and are implicitly included as part
16 of the autofs section.
17
18 Each section name is enclosed in square brackets with spaces between
19 the brackets and the section name. The amd section may be followed by
20 further sections, named by the top level mount point path, that contain
21 per mount configuration settings.
22
24 Configuration settings available are:
25
26 timeout
27 Sets the default mount timeout in seconds. The internal program
28 default is 10 minutes, but the default installed configuration
29 overrides this and sets the timeout to 5 minutes to be consis‐
30 tent with earlier autofs releases.
31
32 master_wait
33 Sets the default maximum number of retries (actaul iterations is
34 half this, each is delayed by 2 seconds before retrying) waiting
35 for the master map to become available if it cannot be read at
36 program start (program default 10, then continue). This can be
37 longer if the map source itself waits for availability (such as
38 sss).
39
40 negative_timeout
41 Set the default timeout for caching failed key lookups (program
42 default 60). If the equivalent command line option is given it
43 will override this setting.
44
45 mount_verbose
46 Use the verbose flag when spawning mount(8), and log some
47 process info about the requestor and its parent (program default
48 "no").
49
50 mount_wait
51 Set the default time to wait for a response from a spawned
52 mount(8) before sending it a SIGTERM. Note that we still need to
53 wait for the RPC layer to timeout before the sub-process exits
54 so this isn't ideal but it is the best we can do. The default is
55 to wait until mount(8) returns without intervention.
56
57 umount_wait
58 Set the default time to wait for a response from a spawned
59 umount(8) before sending it a SIGTERM. Note that we still need
60 to wait for the RPC layer to timeout before the sub-process ex‐
61 its so this isn't ideal but it is the best we can do.
62
63 browse_mode
64 Maps are browsable by default (program default "yes").
65
66 mount_nfs_default_protocol
67 Set the default protocol that mount.nfs(8) uses when performing
68 a mount (program default 3). Autofs needs to know the default
69 NFS protocol that mount.nfs(8) uses so it can do special case
70 handling for its availability probe for different NFS protocols.
71 Since we can't identify this default automatically we need to
72 set it in the autofs configuration.
73
74 append_options
75 Determine whether global options, given on the command line or
76 per mount in the master map, are appended to map entry options
77 or if the map entry options replace the global options (program
78 default "yes", append options).
79
80 logging
81 set default log level "none", "verbose" or "debug" (program de‐
82 fault "none").
83
84 force_standard_program_map_env
85 override the use of a prefix with standard environment variables
86 when a program map is executed. Since program maps are run as
87 the privileged user setting these standard environment variables
88 opens automount(8) to potential user privilege escalation when
89 the program map is written in a language that can load compo‐
90 nents from, for example, a user home directory (program default
91 "no").
92
93 map_hash_table_size
94 This configuration option may be used to change the number of
95 hash table slots (default 1024).
96
97 This configuration option affects the overhead of searching the
98 map entry cache for map entries when there are a large number of
99 entries. It affects the number of entries that must be looked
100 at to locate a map entry in the map entry cache. For example,
101 the default of 1024 and a direct map with 8000 entries would re‐
102 sult in each slot containing an average of 8 entries, which
103 should be acceptable.
104
105 However, if excessive CPU usage is observed during automount
106 lookups increasing this option can reduce the CPU overhead con‐
107 siderably because it reduces the length of the search chains.
108
109 Note that the number of entries in a map doesn't necessarily re‐
110 late to the number of entries used in the map entry cache.
111
112 There are two distinct cases where the map hash table can make a
113 significant difference, direct maps and indirect maps that use
114 the "browse" option.
115
116 For indirect maps that do not use the "browse" option entries
117 are added to the map entry cache at lookup so the number of ac‐
118 tive cache entries, in this case, is usually much less than the
119 number of entries in the map. In this last case it would be un‐
120 usual for the map entry cache to grow large enough to warrant
121 increasing the default before an event that cleans stale en‐
122 tries, a map re-read for example.
123
124 use_hostname_for_mounts
125 NFS mounts where the host name resolves to more than one IP ad‐
126 dress are probed for availability and to establish the order in
127 which mounts to them should be tried. To ensure that mount at‐
128 tempts are made only to hosts that are responding and are tried
129 in the order of hosts with the quickest response the IP address
130 of the host needs to be used for the mount.
131
132 If it is necessary to use the hostname given in the map entry
133 for the mount regardless, then set this option to "yes".
134
135 Be aware that if this is done there is no defense against the
136 host name resolving to one that isn't responding and while the
137 number of attempts at a successful mount will correspond to the
138 number of addresses the host name resolves to the order will
139 also not correspond to fastest responding hosts.
140
141 disable_not_found_message
142 The original request to add this log message needed it to be un‐
143 conditional. That produces, IMHO, unnecessary noise in the log
144 so a configuration option has been added to provide the ability
145 to turn it off. The default is "no" to maintain the current be‐
146 haviour.
147
148 use_ignore_mount_option
149 An option to enable the use of autofs pseudo option "disable".
150 This option is used as a hint to user space that the mount entry
151 should be ommitted from mount table listings. The default is
152 "no" to avoid unexpected changes in behaviour and so is an opt-
153 in setting.
154
155 sss_master_map_wait
156 Set the time to wait and retry if sssd is unable to read the
157 master map at program start. Program default is 0 (don't wait)
158 or 10 if sss supports returning EHSTDOWN when the provider isn't
159 available.
160
161 If the sss library supports returning EHOSTDOWN when the
162 provider is down then this value is how long to wait between re‐
163 tries reading the master map. When reading dependent maps or
164 looking up a map key this value is multiplied by the number of
165 retries that would be used when reading the master map.
166
167 use_mount_request_log_id
168 Set whether to use a mount request log id so that log entries
169 for specific mount requests can be easily identified in logs
170 that have multiple concurrent requests. Default is don't use
171 mount request log ids.
172
173 LDAP Configuration
174 Configuration settings available are:
175
176 ldap_timeout
177 Set the network response timeout (default 8). Set timeout value
178 for the synchronous API calls. The default is the LDAP library
179 default of an infinite timeout.
180
181 ldap_network_timeout
182 Set the network response timeout (default 8).
183
184 ldap_uri
185 A space separated list of server uris of the form
186 <proto>://<server>[/] where <proto> can be ldap or ldaps. The
187 option can be given multiple times. Map entries that include a
188 server name override this option and it is then not used. De‐
189 fault is an empty list in which case either the server given in
190 a map entry or the LDAP configured default is used. This uri
191 list is read at startup and whenever the daemon receives a HUP
192 signal.
193
194 This configuration option can also be used to request autofs
195 lookup SRV RRs for a domain of the form <proto>:///[<domain
196 dn>]. Note that a trailing "/" is not allowed when using this
197 form. If the domain dn is not specified the dns domain name (if
198 any) is used to construct the domain dn for the SRV RR lookup.
199 The server list returned from an SRV RR lookup is refreshed ac‐
200 cording to the minimum ttl found in the SRV RR records or after
201 one hour, whichever is less.
202
203 search_base
204 The base dn to use when searching for amap base dn. This entry
205 may be given multiple times and each will be checked for a map
206 base dn in the order they occur in the configuration. The search
207 base list is read at startup and whenever the daemon recieves a
208 HUP signal.
209
210 map_object_class
211 The map object class. In the nisMap schema this corresponds to
212 the class nisMap and in the automountMap schema it corresponds
213 to the class automountMap.
214
215 entry_object_class
216 The map entry object class. In the nisMap schema this corre‐
217 sponds to the class nisObject and in the automountMap schema it
218 corresponds to the class automount.
219
220 map_attribute
221 The attribute used to identify the name of the map to which this
222 entry belongs. In the nisMap schema this corresponds to the at‐
223 tribute nisMapName and in the automountMap schema it corresponds
224 to the attribute ou or automountMapName.
225
226 entry_attribute
227 The attribute used to identify a map key. In the nisMap schema
228 this corresponds to the attribute cn and in the automountMap
229 schema it corresponds to the attribute automountKey.
230
231 value_attribute
232 The attribute used to identify the value of the map entry. In
233 the nisMap schema this corresponds to the attribute nisMapEntry
234 and in the automountMap schema it corresponds to the attribute
235 automountInformation.
236
237 NOTE: It is essential that entries use class and attribute in a con‐
238 sistent manner for correct operation of autofs. For example mix‐
239 ing cn and automountKey attributes in automount schema will not
240 work as expected.
241
242 auth_conf_file
243 This configuration option may be used to specify an alternate
244 location for the ldap authentication configuration file. See
245 autofs_ldap_auth.conf(5) for more information.
246
248 A number of the amd configuration options are not used by autofs, some
249 because they are not relevant within autofs, some because they are done
250 differently in autofs and others that are not yet implemented.
251
252 Since mount_type is always autofs (because there's no user space NFS
253 server) the configuration entries relating to that aren't used. Also,
254 server availability is done differently within autofs so the options
255 that relate to the amd server monitoring sub-system are also not used.
256
257 These options are mount_type, auto_attrcache, portmap_program,
258 nfs_vers_ping, nfs_allow_any_interface, nfs_allow_insecure_port,
259 nfs_proto, nfs_retransmit_counter, nfs_retransmit_counter_udp, nfs_re‐
260 transmit_counter_tcp, nfs_retransmit_counter_toplvl, nfs_retry_inter‐
261 val, nfs_retry_interval_udp, nfs_retry_interval_tcp, nfs_retry_inter‐
262 val_toplvl and nfs_vers.
263
264 Other options that are not used within the autofs implementation:
265
266 log_file, truncate_log
267 sends its output to syslog so an alternate log file (or truncat‐
268 ing the log) can't be used.
269
270 print_pid
271 There's no corresponding option for this within autofs.
272
273 use_tcpwrappers, show_statfs_entries
274 There's no user space NFS server to control access to so this
275 option isn't relevant. The show_statfs_entries can't be imple‐
276 mented for the same reason.
277
278 debug_mtab_file
279 There's no user space NFS server and autofs avoids using file
280 based mtab whenever possible.
281
282 sun_map_syntax
283 Sun map format is handled by autofs itself.
284
285 plock, show_statfs_entries, preferred_amq_port
286 Are not supported by autofs.
287
288 ldap_cache_maxmem, ldap_cache_seconds
289 External ldap caching is not used by autofs.
290
291 ldap_proto_version
292 autofs always attempts to use the highest available ldap proto‐
293 col version.
294
295 cache_duration, map_reload_interval, map_options
296 The map entry cache is continually updated and stale entries
297 cleaned on re-load, which is done when map changes are detected
298 so these configuration entries are not used by autofs. An excep‐
299 tion to this is the case where the map is large. In this case it
300 may be necessary to read the whole map at startup even if brows‐
301 ing is not enabled. Adding the cache:=all option to map_options
302 can be used to for this.
303
304 localhost_address
305 This is not used within autofs. This configuration option was
306 only used in the amd user space server code and is not relevant
307 within autofs.
308
309 Options that are handled differently within autofs:
310
311 pid_file
312 To specify a pid file name a command line option must be used on
313 startup.
314
315 print_version
316 Program version and feature information is obtained by using the
317 automount command line option "-V".
318
319 debug_options , log_options
320 autofs has somewhat more limited logging and debug logging op‐
321 tions. When the log_options options is encountered it is con‐
322 verted to the nearest matching autofs logging option. Since the
323 configuration option debug_options would be handled the same way
324 it is ignored.
325
326 restart_mounts
327 This option has no sensible meaning within autofs because autofs
328 always tries to re-connect to existing mounts. While this has
329 its own set of problems not re-connecting to existing mounts al‐
330 ways results in a non-functional automount tree if mounts were
331 busy at the last shutdown (as is also the case with amd when us‐
332 ing mount_type autofs).
333
334 forced_unmounts
335 Detaching mounts often causes serious problems for users of ex‐
336 isting mounts. It is used by autofs in some cases, either at the
337 explicit request of the user (with a command line or init op‐
338 tion) and in some special cases during program operation but is
339 avoided whenever possible.
340
341 A number of configuration options are not yet implemented:
342
343 search_path
344 Always a little frustrating, the compiled in map location should
345 be used to locate maps but isn't in some cases. This requires
346 work within autofs itself and that will (obviously) include im‐
347 plementing this configuration option for the amd map parser as
348 well.
349
350 fully_qualified_hosts
351 Not yet implemented.
352
353 unmount_on_exit
354 Since autofs always tries to re-connect to mounts left mounted
355 from a previous shutdown this is a sensible option to implement
356 and that will be done.
357
358 browsable_dirs
359 Allow map keys to be shown in directory listings. This option
360 can have values of "yes" or "no". The default is "no". A varia‐
361 tion of this option, "browsable", can be used as a pseudo mount
362 option in type "auto" map entries to provide browsing function‐
363 ality in sub-mounts. The amd "browsable_dirs = full" option can‐
364 not be implemented within the current autofs framework and is
365 not supported.
366
367 exec_map_timeout
368 A timeout is not currently used for program maps but this might
369 be implemented in the future.
370
371 tag
372 The tag option is not implemented within autofs.
373
374 Supported options:
375
376 arch, karch, os, osver
377 These options default to what is returned from uname(2) and can
378 be overridden if required.
379
380 full_os
381 This option has no default and must be set in the configuration
382 if used in maps.
383
384 cluster
385 If not set defaults to the host domain name. This option corre‐
386 sponds to the HP_UX cluster name (according to the amd source)
387 and is probably not used in Linux but is set anyway.
388
389 vendor This option has a default value of "unknown", it must be set in
390 the configuration if used in maps.
391
392 auto_dir
393 Is the base name of the mount tree used for external mounts that
394 are sometimes needed by amd maps. Its default value is "/a".
395
396 map_type
397 Specifies the autofs map source, such as file, nis, ldap etc.
398 and has no default value set.
399
400 map_defaults
401 This option is used to override /defaults entries within maps
402 and can be used to provide different defaults on specific ma‐
403 chines without having to modify centrally managed maps. It is
404 empty by default.
405
406 search_path
407 Colon separated paths to search for maps that are not specified
408 as a full path.
409
410 dismount_interval
411 Is equivalent to the autofs timeout option. It is only possible
412 to use this with type "auto" mounts due to the way the autofs
413 kernel module performs expiry. It takes its default value from
414 the autofs internal default of 600 seconds.
415
416 autofs_use_lofs
417 If set to "yes" autofs will attempt to use bind mounts for type
418 "link" entries when possible (default is "yes").
419
420 nis_domain
421 Allows setting of a domain name other than the system default.
422
423 local_domain
424 Is used to override (or set) the host domain name.
425
426 normalize_hostnames
427 If set to "yes" then the contents of ${rhost} is translated in
428 its official host name.
429
430 domain_strip
431 If set to "yes" the domain name part of the host is stripped
432 when normalizing hostnames. This can be useful when using of the
433 same maps in a multiple domain environment.
434
435 normalize_slashes
436 This option is set to "yes" by default and will collapse multi‐
437 ple unescaped occurrences of "/" to a single "/".
438
439 selectors_in_defaults, selectors_on_default
440 This option has a default value of "no". If set to "yes" then
441 any defaults entry will be checked for selectors to determine
442 the values to be used. selectors_in_defaults is the preferred
443 option to use.
444
445 ldap_base
446 iThis option has no default value. It must be set to the base dn
447 that is used for queries if ldap is to be used as a map source.
448
449 ldap_hostports
450 This option has no default value set. It must be set to the URI
451 of the LDAP server to be used for lookups when ldap is used as a
452 map source. It may contain a comma or space separated list of
453 LDAP URIs.
454
455 hesiod_base
456 Sets the base name used for hesiod map sources.
457
458 linux_ufs_mount_type
459 This is an additional configuration option for the autofs amd
460 format parser implementation.
461
462 There's no simple way to determine what the system default
463 filesystem is and am-utils needs to be continually updated to do
464 this and can easily get it wrong ayway. So allow it to be set in
465 the configuration.
466
468 [ autofs ]
469 timeout = 300
470 browse_mode = no
471
472 [ amd ]
473 dismount_interval = 300
474 map_type = nis
475 autofs_use_lofs = no
476
477 [ /expamle/mount ]
478 dismount_interval = 60
479 map_type = file
480
482 automount(8), auto.master(5), autofs_ldap_auth.conf(5).
483
485 This manual page was written by Ian Kent <raven@themaw.net>.
486
487
488
489 23 Jan 2014 AUTOFS.CONF(5)