Improve company productivity with a Business Account.Sign Up

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 827
  • Last Modified:

AIX and Red Hat - Automount and ACLs

The environment is about 6 servers. I'm trying to create a centralized ACL master location, to keep all my acl files in one location. However, I want to utilize automount to make the master ACL directory on one server available across the remainder of the 5 servers. ACL and automount is not utilized in this environment, so it would be a scratch setup. Is this possible to setup? What is needed to have automount working (filesets, install)? Or is there an easier way to do this?
0
AIX25
Asked:
AIX25
  • 5
  • 4
1 Solution
 
gheistCommented:
AIX and Linux have filesystem ACLs conformant with POSIX standard.
Redhat 6 and AIX 6 supports NFSv4 to allow them to be seen over network

ACL is for file (access control list) like rwx attributes, not some access policy on TACACS server
0
 
AIX25Author Commented:
Can you give me a high level break down of how I go about setting this up? Do I need to setup anything with automounter? NFS? Any insight on this?
0
 
gheistCommented:
... Check you have some ACL in file system on some file
... export the file system
... mount
... try chacl command on client


If it is not so easy check cllient mount if it is v4 or not
Check server with rpcinfo (if v4 is served)

Read docs etc to enable missing v4 on server if needed (i think aix enables highest version already)

Remount the volume on Linux with nfsv4 flag (there are like 4 in "man nfs" alone)
0
Build your data science skills into a career

Are you ready to take your data science career to the next step, or break into data science? With Springboard’s Data Science Career Track, you’ll master data science topics, have personalized career guidance, weekly calls with a data science expert, and a job guarantee.

 
AIX25Author Commented:
I want to set this up with automount on Redhat, any more details on that? I know how to NFS mount, no problem, but I'm not familiar with automounter??
0
 
woolmilkporcCommented:
RedHat should automatically have the autofs kernel support installed.

The required userspace package is "nfs-utils", either from the "NFS file server" or from the "'Network File System Client" group.

Here is a short but concise tutorial on autofs from RedHat:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html/Storage_Administration_Guide/s2-nfs-config-autofs.html

and here is the "autofs" part of the Storage Administration Guide:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/s1-nfs-client-config-autofs.html

Basically you'll have to create or edit the /etc/auto.master file to specify your mount points and automount maps.

Next you will create these automount maps according to the format described in the above tutorial.

Don't forget to specify the "acl" option in the map(s), otherwise you won't see the ACLs on the clients.

Finally you must start the autofs service and that's it.

All the above must be done on the clients. The NFS server exports its shares as usual, it doesn't care whether the clients are using autofs or not.

Please let me know if you need instructions for AIX autofs as well.
0
 
gheistCommented:
I do not get why you cannot just mount NFS.... with mount command.... and enter in fstab...

automount maps are to mount same set of volumes on NIS-network etc... having them on each system is a plain burden compared to NFS....

ACL and NFSv4 are defaults on RHEL6 and AIX6
0
 
AIX25Author Commented:
@gheist. I'm going to create a master repository location of ACLs on one server that I want to make ACL FS available across all other servers in the environment. Do you have a better way to do this? Please let me know.
0
 
gheistCommented:
ACLs like permissions are attached to files... Thus central location is filesystem itself...
You can share mount configuration (automounts) and user configuration via LDAP (even Active Directory can do it)
0
 
AIX25Author Commented:
Ok, I'm kind of understanding what you mean. Should I open another question to have you explain this in a more high level. Not sure how I would integrate UNIX ACLs with LDAP or Acitive Directory? Or, is the current setup I'm going with good?
0
 
gheistCommented:
Access list contains permissions and UIDs. You can serve UID and mount point config from NIS, LDAP, etc... check graphic config tools on your system
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 5
  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now