Provided by: autofs_5.0.7-3ubuntu3.2_amd64 
NAME
auto.master - Master Map for automounter
DESCRIPTION
The auto.master map is consulted to set up automount managed mount points when the
autofs(8) script is invoked or the automount(8) program is run. Each line describes a
mount point and refers to an autofs map describing file systems to be mounted under the
mount point.
The default location of the master map is /etc/auto.master but an alternate name may be
given on the command line when running the automounter and the default master map may
changed by setting the MASTER_MAP_NAME configuration variable in /etc/default/autofs. If
the master map name has no path then the system Name Service Switch configuration will be
consulted and each of the sources searched in line with the rules given in the Name
Service Switch configuration.
Access to mounts in maps is governed by a key.
For direct maps the mount point is always specified as:
/-
and the key used within the direct map is the full path to the mount point.
For indirect maps access is by using the path scheme:
/mount-point/key
where mount-point is one of the entries listed in the master map. The key is a single
directory component and is matched against entries in the map given in the entry (See
autofs(5)).
Additionally, a map may be included from its source as if it were itself present in the
master map by including a line of the form: + [maptype,format:]map[options] and
automount(8) will process the map according to the specification described below for map
entries.
FORMAT
Master map entries have three fields separated by an arbitrary number of spaces or tabs.
Lines beginning with # are comments. The first field is the mount point described above
and the second field is the name of the map to be consulted for the mount point followed
by the third field which contains options to be applied to all entries in the map.
The format of a master map entry is:
mount-point [map-type[,format]:]map [options]
mount-point
Base location for the autofs filesystem to be mounted. For indirect maps this
directory will be created (as with mkdir -p) and is removed when the autofs
filesystem is umounted.
map-type
Type of map used for this mount point. The following are valid map types:
file The map is a regular text file.
program
The map is an executable program, which is passed a key on the command line
and returns an entry (everything besides the key) on stdout if successful.
yp The map is a NIS (YP) database.
nisplus
The map is a NIS+ database.
hesiod The map is a hesiod database whose filsys entries are used for maps.
ldap or ldaps
The map is stored in an LDAP directory. If ldaps is used the appropriate
certificate must be configured in the LDAP client.
multi This map type allows the specification of multiple maps separated by "--".
These maps are searched in order to resolve key lookups.
dir This map type can be used at + master map including notation. The contents
of files under given directory are included to the master map. The name of
file to be included must be ended with ".autofs". A file will be ignored if
its name is not ended with the suffix. In addition a dot file, a file which
name is started with "." is also ignored.
format Format of the map data; currently the only formats recognized are sun, which is a
subset of the Sun automounter map format, and hesiod, for hesiod filesys entries.
If the format is left unspecified, it defaults to sun for all map types except
hesiod.
map Name of the map to use. This is an absolute UNIX pathname for maps of types file,
dir, or program, and the name of a database in the case for maps of type yp,
nisplus, or hesiod or the dn of an LDAP entry for maps of type ldap.
options
Any remaining command line arguments without leading dashes (-) are taken as
options (-o) to mount. Arguments with leading dashes are considered options for
the maps.
The sun format supports the following options:
-Dvariable=value
Replace variable with value in map substitutions.
-strict
Treat errors when mounting file systems as fatal. This is important when
multiple file systems should be mounted (`multimounts'). If this option is
given, no file system is mounted at all if at least one file system can't be
mounted.
nobind This is an autofs specific option that is a pseudo mount option and so is
given without a leading dash. It may be used either in the master map entry
(so it effects all the map entries) or with individual map entries to
prevent bind mounting of local NFS filesystems. Bind mounting of NFS file
systems can also be prevented for specific map entrys by adding the "port="
mount option to the entries.
-r, --random-multimount-selection
Enables the use of ramdom selection when choosing a host from a list of
replicated servers. This option is applied to this mount only, overriding
the global setting that may be specified on the command line.
-w, --use-weight-only
Use only specified weights for server selection where more than one server
is specified in the map entry. If no server weights are given then each
available server will be tried in the order listed, within proximity.
-n, --negative-timeout <seconds>
Set the timeout for caching failed key lookups. This option can be used to
override the global default given either on the command line or in the
configuration.
GENERAL SYSTEM DEFAULTS CONFIGURATION
The default value of several general settings may be changed in the configuration file
/etc/default/autofs. They are:
TIMEOUT
sets the default mount timeout (program default 600).
NEGATIVE_TIMEOUT
Set the default timeout for caching failed key lookups (program default 60). If the
equivalent command line option is given it will override this setting.
MOUNT_WAIT
Set the default time to wait for a response from a spawned mount(8) before sending
it a SIGTERM. Note that we still need to wait for the RPC layer to timeout before
the sub-process exits so this isn't ideal but it is the best we can do. The default
is to wait until mount(8) returns without intervention.
UMOUNT_WAIT
Set the default time to wait for a response from a spawned umount(8) before sending
it a SIGTERM. Note that we still need to wait for the RPC layer to timeout before
the sub-process exits so this isn't ideal but it is the best we can do.
BROWSE_MODE
Maps are browsable by default (program default "yes").
MOUNT_NFS_DEFAULT_PROTOCOL
Specify the default protocol used by mount.nfs(8) (program default 3). Since we
can't identify this default automatically we need to set it in the autofs
configuration.
APPEND_OPTIONS
Determine whether global options, given on the command line or per mount in the
master map, are appended to map entry options or if the map entry options replace
the global options (program default "yes", append options).
LOGGING
set default log level "none", "verbose" or "debug" (program default "none").
BUILTIN MAP -hosts
If "-hosts" is given as the map then accessing a key under the mount point which
corresponds to a hostname will allow access to the exports of that host. The hosts map
cannot be dynamically updated and requires a HUP signal to be sent to the daemon for it to
check hosts for an update. Due to possible hierarchic dependencies within a mount tree, it
might not be completely updated during the HUP signal processing.
For example, with an entry in the master map of /net -hosts accessing /net/myserver will
mount exports from myserver on directories below /net/myserver.
NOTE: mounts done from a hosts map will be mounted with the "nosuid,nodev,intr" options
unless overridden by explicily specifying the "suid", "dev" or "nointr" options in the
master map entry.
LDAP MAPS
If the map type ldap is specified the mapname is of the form [//servername/]dn, where the
optional servername is the name of the LDAP server to query, and dn is the Distinguished
Name of a subtree to search for map entries. The old style ldap:servername:mapname is
also understood. Alternatively, the type can be obtained from the Name Service Switch
configuration, in which case the map name alone must be given.
If no schema is set in the autofs configuration then autofs will check each of the
commonly used schema for a valid entry and if one is found it will used for subsequent
lookups.
There are three common schemas in use:
nisMap Entries in the nisMap schema are nisObject objects in the specified subtree, where
the cn attribute is the key (the wildcard key is "/"), and the nisMapEntry
attribute contains the information used by the automounter.
automountMap
The automountMap schema has two variations that differ in the attribute used for
the map key. Entries in the automountMap schema are automount objects in the
specified subtree, where the cn or automountKey attribute (depending on local
usage) is the key (the wildcard key is "/"), and the automountInformation attribute
contains the information used by the automounter. Note that the cn attribute is
case insensitive.
The object classes and attributes used for accessing automount maps in LDAP can be changed
by setting entries in the autofs configuration located in /etc/default/autofs.
NOTE: If a schema is given in the configuration then all the schema configuration values
must be set, any partial schema specification will be ignored.
The configuration settings available are:
LDAP_TIMEOUT
Set the network response timeout (default 8). Set timeout value for the
synchronous API calls. The default is the LDAP library default of an infinite
timeout.
LDAP_NETWORK_TIMEOUT
Set the network response timeout (default 8).
LDAP_URI
A space separated list of server uris of the form <proto>://<server>[/] where
<proto> can be ldap or ldaps. The option can be given multiple times. Map entries
that include a server name override this option and it is then not used. Default is
an empty list in which case either the server given in a map entry or the LDAP
configured default is used. This uri list is read at startup and whenever the
daemon receives a HUP signal.
This configuration option can also be used to request autofs lookup SRV RRs for a domain
of the form <proto>:///[<domain dn>]. Note that a trailing "/" is not allowed when using
this form. If the domain dn is not specified the dns domain name (if any) is used to
construct the domain dn for the SRV RR lookup. The server list returned from an SRV RR
lookup is refreshed according to the minimum ttl found in the SRV RR records or after one
hour, whichever is less.
SEARCH_BASE
The base dn to use when searching for amap base dn. This entry may be given
multiple times and each will be checked for a map base dn in the order they occur
in the configuration. The search base list is read at startup and whenever the
daemon recieves a HUP signal.
MAP_OBJECT_CLASS
The map object class. In the nisMap schema this corresponds to the class nisMap and
in the automountMap schema it corresponds to the class automountMap.
ENTRY_OBJECT_CLASS
The map entry object class. In the nisMap schema this corresponds to the class
nisObject and in the automountMap schema it corresponds to the class automount.
MAP_ATTRIBUTE
The attribute used to identify the name of the map to which this entry belongs. In
the nisMap schema this corresponds to the attribute nisMapName and in the
automountMap schema it corresponds to the attribute ou or automountMapName.
ENTRY_ATTRIBUTE
The attribute used to identify a map key. In the nisMap schema this corresponds to
the attribute cn and in the automountMap schema it corresponds to the attribute
automountKey.
VALUE_ATTRIBUTE
The attribute used to identify the value of the map entry. In the nisMap schema
this corresponds to the attribute nisMapEntry and in the automountMap schema it
corresponds to the attribute automountInformation.
NOTE: It is essential that entries use class and attribute in a consistent manner for
correct operation of autofs. For example mixing cn and automountKey attributes in
automount schema map entries won't work as expected.
LDAP AUTHENTICATION, ENCRYPTED AND CERTIFIED CONNECTIONS
LDAP authenticated binds, TLS encrypted connections and certification may be used by
setting appropriate values in the autofs authentication configuration file and configuring
the LDAP client with appropriate settings. The default location of this file is
/etc/autofs_ldap_auth.conf. If this file exists it will be used to establish whether TLS
or authentication should be used.
An example of this file is:
<?xml version="1.0" ?>
<autofs_ldap_sasl_conf
usetls="yes"
tlsrequired="no"
authrequired="no"
authtype="DIGEST-MD5"
user="xyz"
secret="abc"
/>
If TLS encryption is to be used the location of the Certificate Authority certificate must
be set within the LDAP client configuration in order to validate the server certificate.
If, in addition, a certified connection is to be used then the client certificate and
private key file locations must also be configured within the LDAP client.
In OpenLDAP these may be configured in the ldap.conf file or in the per-user
configuration. For example it may be sensible to use the system wide configuration for the
location of the Certificate Authority certificate and set the location of the client
certificate and private key in the per-user configuration. The location of these files and
the configuration entry requirements is system dependent so the documentation for your
installation will need to be consulted to get further information.
See autofs_ldap_auth.conf(5) for more information.
EXAMPLE
/- auto.data
/home /etc/auto.home
/mnt yp:mnt.map
This will generate two mountpoints for /home and /mnt and install direct mount triggers
for each entry in the direct mount map auto.data. All accesses to /home will lead to the
consultation of the map in /etc/auto.home and all accesses to /mnt will consult the NIS
map mnt.map. All accesses to paths in the map auto.data will trigger mounts when they are
accessed and the Name Service Switch configuration will be used to locate the source of
the map auto.data.
SEE ALSO
automount(8), autofs(5), autofs(8). autofs_ldap_auth.conf(5)
AUTHOR
This manual page was written by Christoph Lameter <chris@waterf.org>, for the Debian
GNU/Linux system. Edited by <hpa@transmeta.com> and Ian Kent <raven@themaw.net> .
11 Apr 2006 AUTO.MASTER(5)