Solved

AIX and Red Hat - Automount and ACLs

Posted on 2013-01-16
10
703 Views
Last Modified: 2013-02-01
The environment is about 6 servers. I'm trying to create a centralized ACL master location, to keep all my acl files in one location. However, I want to utilize automount to make the master ACL directory on one server available across the remainder of the 5 servers. ACL and automount is not utilized in this environment, so it would be a scratch setup. Is this possible to setup? What is needed to have automount working (filesets, install)? Or is there an easier way to do this?
0
Comment
Question by:AIX25
  • 5
  • 4
10 Comments
 
LVL 61

Expert Comment

by:gheist
Comment Utility
AIX and Linux have filesystem ACLs conformant with POSIX standard.
Redhat 6 and AIX 6 supports NFSv4 to allow them to be seen over network

ACL is for file (access control list) like rwx attributes, not some access policy on TACACS server
0
 

Author Comment

by:AIX25
Comment Utility
Can you give me a high level break down of how I go about setting this up? Do I need to setup anything with automounter? NFS? Any insight on this?
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
... Check you have some ACL in file system on some file
... export the file system
... mount
... try chacl command on client


If it is not so easy check cllient mount if it is v4 or not
Check server with rpcinfo (if v4 is served)

Read docs etc to enable missing v4 on server if needed (i think aix enables highest version already)

Remount the volume on Linux with nfsv4 flag (there are like 4 in "man nfs" alone)
0
 

Author Comment

by:AIX25
Comment Utility
I want to set this up with automount on Redhat, any more details on that? I know how to NFS mount, no problem, but I'm not familiar with automounter??
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
Comment Utility
RedHat should automatically have the autofs kernel support installed.

The required userspace package is "nfs-utils", either from the "NFS file server" or from the "'Network File System Client" group.

Here is a short but concise tutorial on autofs from RedHat:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html/Storage_Administration_Guide/s2-nfs-config-autofs.html

and here is the "autofs" part of the Storage Administration Guide:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/s1-nfs-client-config-autofs.html

Basically you'll have to create or edit the /etc/auto.master file to specify your mount points and automount maps.

Next you will create these automount maps according to the format described in the above tutorial.

Don't forget to specify the "acl" option in the map(s), otherwise you won't see the ACLs on the clients.

Finally you must start the autofs service and that's it.

All the above must be done on the clients. The NFS server exports its shares as usual, it doesn't care whether the clients are using autofs or not.

Please let me know if you need instructions for AIX autofs as well.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 61

Expert Comment

by:gheist
Comment Utility
I do not get why you cannot just mount NFS.... with mount command.... and enter in fstab...

automount maps are to mount same set of volumes on NIS-network etc... having them on each system is a plain burden compared to NFS....

ACL and NFSv4 are defaults on RHEL6 and AIX6
0
 

Author Comment

by:AIX25
Comment Utility
@gheist. I'm going to create a master repository location of ACLs on one server that I want to make ACL FS available across all other servers in the environment. Do you have a better way to do this? Please let me know.
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
ACLs like permissions are attached to files... Thus central location is filesystem itself...
You can share mount configuration (automounts) and user configuration via LDAP (even Active Directory can do it)
0
 

Author Comment

by:AIX25
Comment Utility
Ok, I'm kind of understanding what you mean. Should I open another question to have you explain this in a more high level. Not sure how I would integrate UNIX ACLs with LDAP or Acitive Directory? Or, is the current setup I'm going with good?
0
 
LVL 61

Expert Comment

by:gheist
Comment Utility
Access list contains permissions and UIDs. You can serve UID and mount point config from NIS, LDAP, etc... check graphic config tools on your system
0

Featured Post

Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

Join & Write a Comment

Java performance on Solaris - Managing CPUs There are various resource controls in operating system which directly/indirectly influence the performance of application. one of the most important resource controls is "CPU".   In a multithreaded…
Introduction We as admins face situation where we need to redirect websites to another. This may be required as a part of an upgrade keeping the old URL but website should be served from new URL. This document would brief you on different ways ca…
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.

763 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

7 Experts available now in Live!

Get 1:1 Help Now