I've just come across SSSD and have managed to set it up for use against our LDAP server. Yay!
We have LDAP set up for user and group management, and all users' homes live on an NFS share. This is fine for me most of the time, except for on the machine where I do development; I really don't like to run the compiler against files on NFS!
I see three options
1. Use a local user, with a local $HOME, for development. 2. Create a local dir on the dev machine and use it for all development. 3. Give the LDAP user a local $HOME on the dev machine.
I looked into 3 a bit and found `override_homedir`. It works fine, but then *all* users on the dev machine get a local $HOME. Is it possible to override $HOME for a specific user only?
/M
PS I'd also be most interested in hearing if there are any other solutions to this problem.
On Mon, Feb 01, 2016 at 10:46:14AM +0100, Magnus Therning wrote:
I've just come across SSSD and have managed to set it up for use against our LDAP server. Yay!
We have LDAP set up for user and group management, and all users' homes live on an NFS share. This is fine for me most of the time, except for on the machine where I do development; I really don't like to run the compiler against files on NFS!
I see three options
- Use a local user, with a local $HOME, for development.
- Create a local dir on the dev machine and use it for all development.
- Give the LDAP user a local $HOME on the dev machine.
I looked into 3 a bit and found `override_homedir`. It works fine, but then *all* users on the dev machine get a local $HOME. Is it possible to override $HOME for a specific user only?
/M
PS I'd also be most interested in hearing if there are any other solutions to this problem.
Yes, in recent versions, you can use the sss_override tool: https://jhrozek.fedorapeople.org/sssd/1.13.3/man/sss_override.8.html
With a colleague of mine we are working on a blog post so that more users know about that tool. We started here: http://piratepad.net/FssgCbKcHm but the content is not ready yet, hopefully in a couple of days it will be.
Jakub Hrozek writes:
On Mon, Feb 01, 2016 at 10:46:14AM +0100, Magnus Therning wrote:
I've just come across SSSD and have managed to set it up for use against our LDAP server. Yay!
We have LDAP set up for user and group management, and all users' homes live on an NFS share. This is fine for me most of the time, except for on the machine where I do development; I really don't like to run the compiler against files on NFS!
I see three options
- Use a local user, with a local $HOME, for development.
- Create a local dir on the dev machine and use it for all development.
- Give the LDAP user a local $HOME on the dev machine.
I looked into 3 a bit and found `override_homedir`. It works fine, but then *all* users on the dev machine get a local $HOME. Is it possible to override $HOME for a specific user only?
/M
PS I'd also be most interested in hearing if there are any other solutions to this problem.
Yes, in recent versions, you can use the sss_override tool: https://jhrozek.fedorapeople.org/sssd/1.13.3/man/sss_override.8.html
With a colleague of mine we are working on a blog post so that more users know about that tool. We started here: http://piratepad.net/FssgCbKcHm but the content is not ready yet, hopefully in a couple of days it will be.
Very nice! It was completed enough to allow even me to add the override I want to the cache :)
It'll be nice to get a systemd unit file for export/import of overrides...
/M
On Mon, 1 Feb 2016, Magnus Therning wrote:
I've just come across SSSD and have managed to set it up for use against our LDAP server. Yay!
We have LDAP set up for user and group management, and all users' homes live on an NFS share. This is fine for me most of the time, except for on the machine where I do development; I really don't like to run the compiler against files on NFS!
I see three options
- Use a local user, with a local $HOME, for development.
- Create a local dir on the dev machine and use it for all development.
- Give the LDAP user a local $HOME on the dev machine.
I looked into 3 a bit and found `override_homedir`. It works fine, but then *all* users on the dev machine get a local $HOME. Is it possible to override $HOME for a specific user only?
You don't want to override home; you want option #2. Keep your home directory on NFS, and keep it backed up and consistent between multiple machines. Do development on unbacked up local disk, and commit changes to git/svn repos.
jh
John Hodrien writes:
On Mon, 1 Feb 2016, Magnus Therning wrote:
I've just come across SSSD and have managed to set it up for use against our LDAP server. Yay!
We have LDAP set up for user and group management, and all users' homes live on an NFS share. This is fine for me most of the time, except for on the machine where I do development; I really don't like to run the compiler against files on NFS!
I see three options
- Use a local user, with a local $HOME, for development.
- Create a local dir on the dev machine and use it for all development.
- Give the LDAP user a local $HOME on the dev machine.
I looked into 3 a bit and found `override_homedir`. It works fine, but then *all* users on the dev machine get a local $HOME. Is it possible to override $HOME for a specific user only?
You don't want to override home; you want option #2. Keep your home directory on NFS, and keep it backed up and consistent between multiple machines. Do development on unbacked up local disk, and commit changes to git/svn repos.
I have to think a bit about it, and try it out before I decide I think.
My dev machine at work has more in common with my home machine, than with other machines at work. On my dev machine I run an up-to-date Archlinux and the OS for the other machines at work is Ubuntu 14.04. In order to share as much as possible between my work and home dev machines I'm storing my config files in a set of git repos. I'm also using stuff like antigen, ELPA/MELPA, etc. In short, I don't really care that much about backups, and for the non-development tasks I have it might make more sense to do the exact opposite of what you suggest above, i.e. keep $HOME local and switch to NFS when I work on docs/etc that I need/want backups of.
I'll have to try it out and see, basically :)
/M
sssd-users@lists.fedorahosted.org
-
Jakub Hrozek -
John Hodrien -
Magnus Therning