Provided by: autofs_5.1.9-1.1ubuntu2_amd64 bug

NAME

       auto.master - Master Map for automounter consulted by autofs

DESCRIPTION

       The  auto.master  map  is  consulted  to  set  up  automount managed mount points when the
       autofs(8) script is invoked or the automount(8) program is  run.  Each  line  describes  a
       mount  point  and  refers to an autofs map describing file systems to be mounted under the
       mount point.

       The default location of the master map is /etc/auto.master but an alternate  name  may  be
       given  on  the  command  line  when running the automounter and the default master map may
       changed by setting the MASTER_MAP_NAME configuration variable in /etc/default/autofs.   If
       the  master map name has no path then the system Name Service Switch configuration will be
       consulted and each of the sources searched in line  with  the  rules  given  in  the  Name
       Service Switch configuration.

       Access to mounts in maps is governed by a key.

       For direct maps the mount point is always specified as:

       /-

       and the key used within the direct map is the full path to the mount point. The direct map
       may have multiple entries in the master map.

       For indirect maps access is by using the path scheme:

       /mount-point/key

       where mount-point is one of the entries listed in the master map.  The  key  is  a  single
       directory  component  and  is  matched  against entries in the map given in the entry (See
       autofs(5)).

       Additionally, a map may be included from its source as if it were itself  present  in  the
       master map by including a line of the form:

       +[maptype[,format]:]map [options]

       and  automount(8)  will process the map according to the specification described below for
       map entries. Plus map inclusion is only permitted  in  file  map  sources.   Indirect  map
       entries  must be unique in the master map so second and subsequent entries for an indirect
       mount point are ignored by automount(8).

       NOTE:  autofs currently does not collapse multiple slashes in paths, so it is important to
              ensure  paths used in maps are correct. If unnecessary multiple slashes are present
              in a path it can lead to  unexpected  failures  such  as  an  inability  to  expire
              automounts.  An  exception  to this is a trailing slash at the end of the automount
              point path in the master map which will be removed if present.

FORMAT

       Master map entries have three fields separated by an arbitrary number of spaces  or  tabs.
       Lines  beginning  with  # are comments. The first field is the mount point described above
       and the second field is the name of the map to be consulted for the mount  point  followed
       by the third field which contains options to be applied to all entries in the map.

       The format of a master map entry is:

       mount-point [map-type[,format]:]map [options]

       mount-point
              Base  location  for  the  autofs  filesystem to be mounted.  For indirect maps this
              directory will be created (as with  mkdir  -p)  and  is  removed  when  the  autofs
              filesystem is umounted.

       map-type
              Type of map used for this mount point.  The following are valid map types:

              file   The map is a regular text file.

              program
                     The  map is an executable program, which is passed a key on the command line
                     and returns an entry (everything besides the key) on stdout  if  successful.
                     Optionally,  the  keyword exec may be used as a synonym for program to avoid
                     confusion with amd formatted maps mount type program.

              yp     The map is a NIS (YP) database.

              nisplus
                     The map is a NIS+ database.

              hesiod The map is a hesiod database whose filsys entries are used for maps.

              ldap or ldaps
                     The map is stored in an LDAP directory. If ldaps  is  used  the  appropriate
                     certificate must be configured in the LDAP client.

              multi  This  map  type allows the specification of multiple maps separated by "--".
                     These maps are searched in order to resolve key lookups.

              dir    This map type can be used at + master map including notation.  The  contents
                     of  files  under given directory are included to the master map. The name of
                     file to be included must be ended with ".autofs". A file will be ignored  if
                     its  name is not ended with the suffix. In addition a dot file, a file which
                     name is started with "." is also ignored.

       format
              Format of the map data; currently the formats recognized are sun, which is a subset
              of  the  Sun automounter map format, hesiod, for hesiod filesys entries and amd for
              amd formatted map entries.  If the format is left unspecified, it defaults  to  sun
              for  all  map  types  except  hesiod  unless it is a top level amd mount that has a
              configuration entry for the mount point path, in which case the format used is amd.

       map
              Name of the map to use.  This is an absolute UNIX pathname for maps of types  file,
              dir,  or  program,  and  the  name  of  a database in the case for maps of type yp,
              nisplus, or hesiod or the dn of an LDAP entry for maps of type ldap.

       options
              Any remaining command line arguments  without  leading  dashes  (-)  are  taken  as
              options  (-o)  to  mount.  Arguments with leading dashes are considered options for
              the maps and are passed to automount (8).

              The sun format supports the following options:

              -Dvariable=value
                     Replace variable with value in map substitutions.

              -strict
                     Treat errors when mounting file systems as fatal.  This  is  important  when
                     multiple  file  systems should be mounted (`multimounts'). If this option is
                     given, no file system is mounted at all if at least one file system can't be
                     mounted.

              [no]browse
                     This  is  an  autofs specific option that is a pseudo mount option and so is
                     given without a leading dash. Use of the  browse  option  pre-creates  mount
                     point  directories  for indirect mount maps so the map keys can be seen in a
                     directory listing without being  mounted.  Use  of  this  option  can  cause
                     performance  problem  if the indirect map is large so it should be used with
                     caution. The internal program default is to enable browse mode for  indirect
                     mounts  but  the  default  installed configuration overrides this by setting
                     BROWSE_MODE to "no" because  of  the  potential  performance  problem.  This
                     option  does the same as the deprecated --ghost option, the browse option is
                     preferred because it is used by other autofs implementations.

              nobind This is an autofs specific option that is a pseudo mount option  and  so  is
                     given  without a leading dash. It may be used either in the master map entry
                     (so it effects all the map  entries)  or  with  individual  map  entries  to
                     prevent  bind  mounting  of local NFS filesystems. For direct mount maps the
                     option is only effective if specified on the first direct map entry  and  is
                     applied  to  all direct mount maps in the master map. It is ignored if given
                     on subsequent direct map entries. It may be used on individual  map  entries
                     of  both  types. Preventing bind mounts of NFS file systems can no longer be
                     done by using the "port=" option, the nobind option must be used instead.

              symlink
                     This option makes bind mounting use a symlink  instead  of  an  actual  bind
                     mount.  It is an autofs specific option that is a pseudo mount option and so
                     is given without a leading dash. It may be used with  indirect  map  entries
                     only,  either  in  the  master  map  (so it effects all map entries) or with
                     individual map entries. The option is ignored for direct mounts and non-root
                     offest mount entries.

              strictexpire
                     Use  a strict expire policy for this automount. Using this option means that
                     last use of autofs directory entries will not be updated during  path  walks
                     so  that  mounts  in  an  automount  won't  be  kept mounted by applications
                     scanning the mount tree. Note  that  this  doesn't  completely  resolve  the
                     problem   of   expired   automounts  being  immediately  re-mounted  due  to
                     application accesses triggered by the expire itself.

              slave, private or shared
                     This option allows mount propagation of bind mounts  to  be  set  to  slave,
                     private or shared. This option defaults to slave if no option is given. When
                     using multi-mounts that have bind mounts the bind mount will have  the  same
                     properties  as  its  parent which is commonly propagation shared. And if the
                     mount target is also propagation shared this can lead  to  a  deadlock  when
                     attempting to access the offset mounts. When this happens an unwanted offset
                     mount is propagated back to the target file system resulting in  a  deadlock
                     since  the automount target is itself an (unwanted) automount trigger.  This
                     option is an autofs pseudo mount option that can be used in the  master  map
                     only.

              -r, --random-multimount-selection
                     Enables  the  use  of  random  selection when choosing a host from a list of
                     replicated servers. This option is applied to this  mount  only,  overriding
                     the global setting that may be specified on the command line.

              -w, --use-weight-only
                     Use  only  specified weights for server selection where more than one server
                     is specified in the map entry. If no server  weights  are  given  then  each
                     available server will be tried in the order listed, within proximity.

              -t, --timeout <seconds>
                     Set  the expire timeout for map entries. This option can be used to override
                     the global default given either on the command line or in the configuration.

              -n, --negative-timeout <seconds>
                     Set the timeout for caching failed key lookups. This option can be  used  to
                     override  the  global  default  given  either  on the command line or in the
                     configuration.

              --mode <octal_mode>
                     Set the directory mode for the base location of the autofs mount point.   If
                     this option is given, autofs will chmod that directory with this mode.

BUILTIN MAP -hosts

       If  "-hosts"  is  given  as  the  map  then  accessing  a  key under the mount point which
       corresponds to a hostname will allow access to the exports of that  host.  The  hosts  map
       cannot be dynamically updated and requires a HUP signal to be sent to the daemon for it to
       check hosts for an update. Due to possible hierarchic dependencies within a mount tree, it
       might not be completely updated during the HUP signal processing.

       For  example,  with an entry in the master map of /net -hosts accessing /net/myserver will
       mount exports from myserver on directories below /net/myserver.

       NOTE: mounts done from a hosts map will be mounted with the "nosuid,nodev" options  unless
       overridden by explicitly specifying the "suid", "dev" options in the master map entry.

BUILTIN MAP -null

       If  "-null"  is  given  as  the map it is used to tell automount(8) to ignore a subsequent
       master map entry with the given path.

       It can be used for paths that appear in the master map or in direct mount maps (but not in
       direct mount maps themselves) or as a key in an indirect mount map.

       An  indirect mount map key can be nulled. If so the map key is ignored and does not result
       in a mount attempt (essentially the key lookup is abandoned early on).

       An indirect mount map top level mount point path can be nulled. If so no mounts  from  the
       nulled mount are performed (essentially it isn't mounted).

       Direct  mount  map  path entries can be nulled. Since they must be present at startup they
       are (notionally) part of the master map so direct mount paths that use the -null  map  may
       be used in the master map to ignore subsequent direct mount map entries.

       A  nulled  master  map  entry  path  will  ignore  a single subsequent matching entry. Any
       matching entry following that will be treated as it normally would be. An example  use  of
       this is allowing local master map entries to override remote ones.

       NOTE:  If  a  duplicate master map entry path is seen (excluding paths of null entries) it
       will be ignored and noted in the log, that is the first encountered master  map  entry  is
       used unless there is a corresponding null entry.

LDAP MAPS

       If  the map type ldap is specified the mapname is of the form [//servername/]dn, where the
       optional servername is the name of the LDAP server to query, and dn is  the  Distinguished
       Name  of  a  subtree  to search for map entries.  The old style ldap:servername:mapname is
       also understood. Alternatively, the type can be obtained  from  the  Name  Service  Switch
       configuration, in which case the map name alone must be given.

       If  no  schema  is  set  in  the  autofs  configuration then autofs will check each of the
       commonly used schema for a valid entry and if one is found it will be used for  subsequent
       lookups.

       There are three common schemas in use:

       nisMap
              Entries  in the nisMap schema are nisObject objects in the specified subtree, where
              the cn attribute is the  key  (the  wildcard  key  is  "/"),  and  the  nisMapEntry
              attribute contains the information used by the automounter.

       automountMap
              The  automountMap  schema  has two variations that differ in the attribute used for
              the map key. Entries in the  automountMap  schema  are  automount  objects  in  the
              specified  subtree,  where  the  cn  or  automountKey attribute (depending on local
              usage) is the key (the wildcard key is "/"), and the automountInformation attribute
              contains  the  information  used  by the automounter. Note that the cn attribute is
              case insensitive.

       The object classes and attributes used for accessing automount maps in LDAP can be changed
       by setting entries in the autofs configuration located in /etc/default/autofs.conf.

       NOTE:  If  a schema is given in the configuration then all the schema configuration values
              must be set, any partial schema specification will be ignored.

       For amd format maps a different schema is used:

       amdMap
              The amdmap schema contains attributes amdmapName, amdmapKey and  amdmapValue  where
              amdmapName  contains the name of the containing map, amdmapKey contains the map key
              and amdmapValue contains the map entry.

LDAP AUTHENTICATION, ENCRYPTED AND CERTIFIED CONNECTIONS

       LDAP authenticated binds, TLS encrypted connections  and  certification  may  be  used  by
       setting appropriate values in the autofs authentication configuration file and configuring
       the LDAP client  with  appropriate  settings.   The  default  location  of  this  file  is
       /etc/autofs_ldap_auth.conf.

       If  this  file exists it will be used to establish whether TLS or authentication should be
       used.

       An example of this file is:

         <?xml version="1.0" ?>
         <autofs_ldap_sasl_conf
                 usetls="yes"
                 tlsrequired="no"
                 authrequired="no"
                 authtype="DIGEST-MD5"
                 user="xyz"
                 secret="abc"
         />

       If TLS encryption is to be used the location of the Certificate Authority certificate must
       be  set  within the LDAP client configuration in order to validate the server certificate.
       If, in addition, a certified connection is to be used  then  the  client  certificate  and
       private key file locations must also be configured within the LDAP client.

       In   OpenLDAP  these  may  be  configured  in  the  ldap.conf  file  or  in  the  per-user
       configuration. For example, it may be sensible to use the system  wide  configuration  for
       the  location  of the Certificate Authority certificate and set the location of the client
       certificate and private key in the per-user configuration. The location of these files and
       the  configuration  entry  requirements  is system dependent so the documentation for your
       installation will need to be consulted to get further information.

       See autofs_ldap_auth.conf (5) for more information.

EXAMPLE

         /-        auto.data
         /home     /etc/auto.home
         /mnt      yp:mnt.map

       This will generate two mountpoints for /home and /mnt and install  direct  mount  triggers
       for  each entry in the direct mount map auto.data.  All accesses to /home will lead to the
       consultation of the map in /etc/auto.home and all accesses to /mnt will  consult  the  NIS
       map mnt.map.  All accesses to paths in the map auto.data will trigger mounts when they are
       accessed and the Name Service Switch configuration will be used to locate  the  source  of
       the map auto.data.

       To  avoid making edits to /etc/auto.master, /etc/auto.master.d may be used.  Files in that
       directory must have a ".autofs" suffix, e.g.  /etc/auto.master.d/extra.autofs.  Such files
       contain lines of the same format as the auto.master file, e.g.

         /foo    /etc/auto.foo
         /baz    yp:baz.map

SEE ALSO

       automount(8), autofs(5), autofs(8), autofs.conf(5), autofs_ldap_auth.conf(5).

AUTHOR

       This  manual  page  was  written  by  Christoph Lameter <chris@waterf.org>, for the Debian
       GNU/Linux system. Edited by <hpa@transmeta.com> and Ian Kent <raven@themaw.net> .

                                           11 Apr 2006                             AUTO.MASTER(5)