It's possible that I'm simply not getting the point, or that I don't understand the documentation correctly, but this is what I don't find clear:
I had seen the instructions you pointed me at. These are not specifically about home directories. However, this section is: https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html#homedir-reqs It first suggests that automatic creation of home directories over NFS shares is possible: just automount /home and then use pam_oddjob_mkhomedir or pam_mkhomedir to create homedirs at first login. But then it also suggests that mounting the whole /home tree could be an issue, and says: "*Use automount to mount only the user's home directory and only when the user logs in, rather than loading the entire /home tree."* That means that automatic homedir creation is out of the game, doesn't it? That's what I find confusing. What's the recommended way? On 19 March 2015 at 20:49, Dmitri Pal <[email protected]> wrote: > On 03/19/2015 02:46 PM, Roberto Cornacchia wrote: > > Hi Dmitri, > > I do realise my question is borderline and I accept that it is > considered off-topic. > > I did post it here because I believe it's not *only* about NFS, but also > about its interaction with freeIPA. The issue of NFS home and in particular > about their creation is touched in all the links I posted (all about > freeIPA) and never really answered. > > > This is what documented and recommended: > > https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html-single/Linux_Domain_Identity_Authentication_and_Policy_Guide/index.html#kerb-nfs > > RHEL6 has a similar chapter in its doc set though books have changed > significantly between 6 and 7. > > I do not see any chicken and egg problem there. > The instructions show how to create home dirs on the first login. > > It mounts the volume and then creates dirs on it as users log in if they > are not already there. > > It is unclear what problem you see with doing it the way it is recommended. > > > > Best, > Roberto > > On 19 March 2015 at 19:36, Dmitri Pal <[email protected]> wrote: > >> On 03/19/2015 05:29 AM, Roberto Cornacchia wrote: >> >> On 6 March 2015 at 11:15, Martin Kosek <[email protected]> wrote: >> >>> On 03/06/2015 10:56 AM, Roberto Cornacchia wrote: >>> >>>> Hi there, >>>> >>>> I'm planning to deploy freeIPA on our lan. >>>> It's small-ish and completely based on FC21, so I expect everything to >>>> work >>>> like a charm. >>>> >>>> Except one detail. We have Synology NAS station, which uses DSM 5.0. >>>> The ideal plan is to use it as host for shared NFS home dirs once we >>>> switch our >>>> desktops to freeIPA. >>>> >>> >>> Great! >>> >>>> >>>> >> Hello, >> >> The first thing I'm struggling with is to find the correct approach >> about NFS home dirs. >> The ideal setting would be: >> - home dirs on the NAS >> - IPA manages automount maps >> - home dirs are created automatically at first login >> >> The documentation I could find on these topics includes only >> not-so-recent pages (anything I missed?): >> >> http://wiki.linux-nfs.org/wiki/index.php/NFS_and_FreeIPA >> >> http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/automount.html >> >> http://docs.fedoraproject.org/en-US/Fedora/18/html/FreeIPA_Guide/users.html#home-directories >> >> http://adam.younglogic.com/2011/06/automount-and-home-directory-creation/ >> >> Now, I admit I don't have much experience with setting up NFS homes, >> with or without freeIPA, so trying to get this done correctly in the >> context of freeIPA and without clear howtos isn't very easy, but I'm >> willing to get my hands dirty. >> >> The first problem I struggle with is on the correct approach. >> From the documentation above, I understand that there is a bit of a >> chicken-egg problem about the creation of home dirs. >> On the one hand, it would be optimal to have automount maps to load only >> single home dirs on demand, rather than the entire /home tree. >> On the other hand, if the /home tree is not available, then creating >> /home/user1 dir automatically isn't really possible. >> >> Just mounting the whole /home tree would make things easier, but I >> don't have a feeling of when it starts to become a performance issue >> (assuming recent hardware and up to date software). 10 users? 50? 100? 500? >> No idea. >> The realm I'm dealing with at the moment is in the range of 5-10 users >> and probably won't be larger than 50 in the next few years (and if it will, >> it means things are going well, so what the heck ;) >> Also true that, with such few users, I could just create the homedirs >> manually when needed (this is not an organisation where many users come and >> go) and just mount the individually. >> Any tips about this? >> >> Best, Roberto >> >> >> >> >> Some of these questions are really outside the scope of this list. >> You might consider asking them on the NFS list. >> >> -- >> Thank you, >> Dmitri Pal >> >> Sr. Engineering Manager IdM portfolio >> Red Hat, Inc. >> >> >> -- >> Manage your subscription for the Freeipa-users mailing list: >> https://www.redhat.com/mailman/listinfo/freeipa-users >> Go to http://freeipa.org for more info on the project >> > > > > > > -- > Thank you, > Dmitri Pal > > Sr. Engineering Manager IdM portfolio > Red Hat, Inc. > > > -- > Manage your subscription for the Freeipa-users mailing list: > https://www.redhat.com/mailman/listinfo/freeipa-users > Go to http://freeipa.org for more info on the project >
-- Manage your subscription for the Freeipa-users mailing list: https://www.redhat.com/mailman/listinfo/freeipa-users Go to http://freeipa.org for more info on the project
