Red Hat Bugzilla – Bug 847823
authconfig cannot set up sssd automount map caching
Last modified: 2012-09-25 16:12:20 EDT
SSSD now (as of F17) has support for automount maps (considered experimental, and requiring the installation of the libsss_autofs package), but authconfig doesn't know how to configure it. There's this from authinfo.py:
# Now replace sss with ldap or remove it
# in all non-user info entries - this might be changed in future
# if sssd is able to provide automounts, netgroups, and so on.
which I just suppose needs to be (perhaps conditionally) disabled for the automount: line. Additionally, "autofs" needs to be added to the services line in the sssd section of sssd.conf.
In my particular installation, I also have to tell sssd the format of my automount maps and entries in ldap, because I'm using the old NIS-based maps. This means I get to add the following options to my domain in sssd.conf:
ldap_autofs_map_object_class = nisMap
ldap_autofs_map_name = nisMapName
ldap_autofs_entry_object_class = nisObject
ldap_autofs_entry_key = cn
ldap_autofs_entry_value = nisMapEntry
And while it would be doubly awesome if autoconfig gave me a way to set that, I certainly wouldn't blame anyone for telling me to take care of that myself.
I'd probably like to wait for removal of the experimental status of this feature.
Tomas, could you just key it off the presence of the libsss_autofs package on the system (similar to how you work with pam_oddjob_mkhomedir)?
I think that would be the easiest solution. libsss_autofs isn't a strict dependency for SSSD; it's installed intentionally when the user wants to use SSSD for automount caching.
OK, this looks fine to me.
In the SSSD 1.9 that is current in the RC cycle it is supported, it is not an experimental feature any more.