On 03/19/2015 02:46 PM, Roberto Cornacchia wrote:
Hi Dmitri,
I do realise my question is borderline and I accept that it is
considered off-topic.
I did post it here because I believe it's not *only* about NFS, but
also about its interaction with freeIPA. The issue of NFS home and in
particular about their creation is touched in all the links I posted
(all about freeIPA) and never really answered.
This is what documented and recommended:
https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html#kerb-nfs
RHEL6 has a similar chapter in its doc set though books have changed
significantly between 6 and 7.
I do not see any chicken and egg problem there.
The instructions show how to create home dirs on the first login.
It mounts the volume and then creates dirs on it as users log in if they
are not already there.
It is unclear what problem you see with doing it the way it is recommended.
Best,
Roberto
On 19 March 2015 at 19:36, Dmitri Pal <[email protected]
<mailto:[email protected]>> wrote:
On 03/19/2015 05:29 AM, Roberto Cornacchia wrote:
On 6 March 2015 at 11:15, Martin Kosek <[email protected]
<mailto:[email protected]>> wrote:
On 03/06/2015 10:56 AM, Roberto Cornacchia wrote:
Hi there,
I'm planning to deploy freeIPA on our lan.
It's small-ish and completely based on FC21, so I expect
everything to work
like a charm.
Except one detail. We have Synology NAS station, which
uses DSM 5.0.
The ideal plan is to use it as host for shared NFS home
dirs once we switch our
desktops to freeIPA.
Great!
Hello,
The first thing I'm struggling with is to find the correct
approach about NFS home dirs.
The ideal setting would be:
- home dirs on the NAS
- IPA manages automount maps
- home dirs are created automatically at first login
The documentation I could find on these topics includes only
not-so-recent pages (anything I missed?):
http://wiki.linux-nfs.org/wiki/index.php/NFS_and_FreeIPA
http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/automount.html
http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/users.html#home-directories
http://adam.younglogic.com/2011/06/automount-and-home-directory-creation/
Now, I admit I don't have much experience with setting up NFS
homes, with or without freeIPA, so trying to get this done
correctly in the context of freeIPA and without clear howtos
isn't very easy, but I'm willing to get my hands dirty.
The first problem I struggle with is on the correct approach.
From the documentation above, I understand that there is a bit of
a chicken-egg problem about the creation of home dirs.
On the one hand, it would be optimal to have automount maps to
load only single home dirs on demand, rather than the entire
/home tree.
On the other hand, if the /home tree is not available, then
creating /home/user1 dir automatically isn't really possible.
Just mounting the whole /home tree would make things easier, but
I don't have a feeling of when it starts to become a performance
issue (assuming recent hardware and up to date software). 10
users? 50? 100? 500? No idea.
The realm I'm dealing with at the moment is in the range of 5-10
users and probably won't be larger than 50 in the next few years
(and if it will, it means things are going well, so what the heck ;)
Also true that, with such few users, I could just create the
homedirs manually when needed (this is not an organisation where
many users come and go) and just mount the individually.
Any tips about this?
Best, Roberto
Some of these questions are really outside the scope of this list.
You might consider asking them on the NFS list.
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
--
Thank you,
Dmitri Pal
Sr. Engineering Manager IdM portfolio
Red Hat, Inc.
--
Manage your subscription for the Freeipa-users mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-users
Go to http://freeipa.org for more info on the project
