Hey,
Background: so I came across the problem that snaps don't allow home directories outside /home (c.f. https://bugs.launchpad.net/snappy/+bug/1620771). So I use override_homedir in sssd.conf to fix this (I have to say almost since I still can't start the snaps in $HOME (/home/$USER) but any other directory, even $HOME/Desktop). However, there is another layer of complication in my scenario: I don't have one file server but two that serve the home directories. Therefore, I use an autofs script to get the correct user mounts (auto.home.sh).
    fs1 /fs1/home/$USER ------+
                              |------ client  sssd.conf: override_homedir = /home/%u
    fs2 /fs2/home/$USER ------+               auto.home.sh: script to choose correct mountpoint for $USER
Problem: I would like to get the original home directory (e.g. /fs1/home/$USER) on the client. getent passwd only gets me /home/$USER (overridden by the parameter override_homedir in sssd.conf). So my hacky solution is right now to use ldbsearch:
    declare -r DOMAIN=example.com
    declare -r LDBDB=/var/lib/sss/db/cache_bc.frontend.ldb
    ldbsearch -H "$LDBDB" "(name=$USER@$DOMAIN)" homeDirectory
Another possibility would be to use ldapsearch directly but I would like to first query the sss cache.
Is there a better way to solve this problem?
Thanks
Steffen
Is your auto_home.sh script that chooses between your two fileservers choosing per-user? Or per-location? Or per region?
We do something similar, but it's per region. So the /etc/auto.master.d/* is laid down appropriately (& statically per region) at build time.
(We also have automount maps in AD and delivered to autofs via sssd, for other automounts.)
Spike
On Thu, Oct 15, 2020 at 2:17 AM schmidt.steffen@gmx.de wrote:
> Hey,
> Background: so I came across the problem that snaps don't allow home directories outside /home (c.f. https://bugs.launchpad.net/snappy/+bug/1620771). So I use override_homedir in sssd.conf to fix this (I have to say almost since I still can't start the snaps in $HOME (/home/$USER) but any other directory, even $HOME/Desktop). However, there is another layer of complication in my scenario: I don't have one file server but two that serve the home directories. Therefore, I use an autofs script to get the correct user mounts (auto.home.sh).
>     fs1 /fs1/home/$USER ------+
>                               |------ client  sssd.conf: override_homedir = /home/%u
>     fs2 /fs2/home/$USER ------+               auto.home.sh: script to choose correct mountpoint for $USER
> Problem: I would like to get the original home directory (e.g. /fs1/home/$USER) on the client. getent passwd only gets me /home/$USER (overridden by the parameter override_homedir in sssd.conf). So my hacky solution is right now to use ldbsearch:
>     declare -r DOMAIN=example.com
>     declare -r LDBDB=/var/lib/sss/db/cache_bc.frontend.ldb
>     ldbsearch -H "$LDBDB" "(name=$USER@$DOMAIN)" homeDirectory
> Another possibility would be to use ldapsearch directly but I would like to first query the sss cache.
> Is there a better way to solve this problem?
> Thanks
> Steffen
Hi Spike, the auto_home.sh is choosing the fileserver per-user - it checks for the homeDirectory (e.g. /fs1/home/$USER) and therefore mounts fs1:/home/$USER
I guess your solution would be more elegant. I like the idea of providing autofs via sssd. However, would this also work for my mixed user scenario (client machine needs to mount NFS homes from different locations at the same time)?
Steffen
Steffen,
Honestly I think the best solution for you is to rewrite your auto_home.sh and use the "program" map-type of autofs. Like this:
/etc/auto.master:
/home program:/usr/local/bin/auto_home.sh
where auto_home.sh looks for the existence of a share /fs1/home/$USER. (autofs passes in the key on the command line to program map-types; see the auto.master man page.) If it finds said share, it'll return fs1:/home/$KEY, if not fs2:/home/$KEY.
Your auto_home.sh will output either:
/home/$KEY -ro,tcp,soft,intr,nolock,vers=3 fs1:/home/$KEY
or
/home/$KEY -ro,tcp,soft,intr,nolock,vers=3 fs2:/home/$KEY
(Your NFS mount options will vary, of course.)
There are multiple other solutions too (some involving sssd), but they all seem to involve ongoing maintenance when you add / remove users and home directories on your NAS shares. The above solution doesn't require ongoing maintenance.
Spike
On Fri, Oct 16, 2020 at 2:30 AM Steffen Schmidt schmidt.steffen@gmx.de wrote:
> Hi Spike, the auto_home.sh is choosing the fileserver per-user - it checks for the homeDirectory (e.g. /fs1/home/$USER) and therefore mounts fs1:/home/$USER
> I guess your solution would be more elegant. I like the idea of providing autofs via sssd. However, would this also work for my mixed user scenario (client machine needs to mount NFS homes from different locations at the same time)?
> Steffen
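Added example, not code from the thread or from either poster: a sketch of the per-user program map discussed above that validates the key and checks the file server against an allowlist, because autofs runs the script as root for every name looked up under /home. The `name=` cache attribute, the allowlist, the lowercase user-name rule and the extra `nosuid,nodev` options are assumptions; the entry is printed in the form autofs(5) documents for executable maps (options and location, without the key).

```shell
#!/bin/sh
# Added example (not from the thread): autofs program map for /home.
# autofs calls it as root with the lookup key (user name) as $1.
LC_ALL=C; export LC_ALL

DOMAIN=example.com                               # values from the first post
LDBDB=/var/lib/sss/db/cache_bc.frontend.ldb
ALLOWED_SERVERS="fs1 fs2"                        # assumption: site allowlist
# Options from the reply above; nosuid,nodev are added here as hardening.
MOUNT_OPTS="-ro,tcp,soft,intr,nolock,vers=3,nosuid,nodev"

# Print the user's original homeDirectory (e.g. /fs1/home/alice) from the
# sssd cache. Assumption: entries are stored as name=user@domain.
lookup_homedir() {
    ldbsearch -H "$LDBDB" "(name=$1@$DOMAIN)" homeDirectory 2>/dev/null |
        sed -n 's/^homeDirectory: //p' | head -n 1
}

# Print the map entry for KEY, or fail without output.
map_entry() {
    key=$1
    # The key is untrusted: refuse empty, dot/dash-leading, or any character
    # outside [a-z0-9_.-] before it reaches a search filter or a path.
    case $key in
        ''|.*|-*|*[!a-z0-9_.-]*) return 1 ;;
    esac
    dir=$(lookup_homedir "$key") || return 1
    # Accept only the exact shape /<server>/home/<key>.
    server=${dir#/}; server=${server%%/*}
    [ "$dir" = "/$server/home/$key" ] || return 1
    for s in $ALLOWED_SERVERS; do
        if [ "$s" = "$server" ]; then
            printf '%s %s:/home/%s\n' "$MOUNT_OPTS" "$server" "$key"
            return 0
        fi
    done
    return 1
}

# Act as a program map only when invoked with exactly one key.
if [ "$#" -eq 1 ]; then map_entry "$1"; fi
```

A failed lookup prints nothing and returns non-zero, so autofs creates no mount for unknown or malformed names.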