Solved

AIX and Red Hat - Automount and ACLs

Posted on 2013-01-16
10
722 Views
Last Modified: 2013-02-01
The environment is about 6 servers. I'm trying to create a centralized ACL master location, to keep all my acl files in one location. However, I want to utilize automount to make the master ACL directory on one server available across the remainder of the 5 servers. ACL and automount is not utilized in this environment, so it would be a scratch setup. Is this possible to setup? What is needed to have automount working (filesets, install)? Or is there an easier way to do this?
0
Comment
Question by:AIX25
  • 5
  • 4
10 Comments
 
LVL 62

Expert Comment

by:gheist
ID: 38785199
AIX and Linux have filesystem ACLs conformant with POSIX standard.
Redhat 6 and AIX 6 supports NFSv4 to allow them to be seen over network

ACL is for file (access control list) like rwx attributes, not some access policy on TACACS server
0
 

Author Comment

by:AIX25
ID: 38785229
Can you give me a high level break down of how I go about setting this up? Do I need to setup anything with automounter? NFS? Any insight on this?
0
 
LVL 62

Expert Comment

by:gheist
ID: 38786045
... Check you have some ACL in file system on some file
... export the file system
... mount
... try chacl command on client


If it is not so easy check cllient mount if it is v4 or not
Check server with rpcinfo (if v4 is served)

Read docs etc to enable missing v4 on server if needed (i think aix enables highest version already)

Remount the volume on Linux with nfsv4 flag (there are like 4 in "man nfs" alone)
0
Master Your Team's Linux and Cloud Stack

Come see why top tech companies like Mailchimp and Media Temple use Linux Academy to build their employee training programs.

 

Author Comment

by:AIX25
ID: 38786132
I want to set this up with automount on Redhat, any more details on that? I know how to NFS mount, no problem, but I'm not familiar with automounter??
0
 
LVL 68

Accepted Solution

by:
woolmilkporc earned 500 total points
ID: 38786729
RedHat should automatically have the autofs kernel support installed.

The required userspace package is "nfs-utils", either from the "NFS file server" or from the "'Network File System Client" group.

Here is a short but concise tutorial on autofs from RedHat:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6-Beta/html/Storage_Administration_Guide/s2-nfs-config-autofs.html

and here is the "autofs" part of the Storage Administration Guide:
https://access.redhat.com/knowledge/docs/en-US/Red_Hat_Enterprise_Linux/6/html/Storage_Administration_Guide/s1-nfs-client-config-autofs.html

Basically you'll have to create or edit the /etc/auto.master file to specify your mount points and automount maps.

Next you will create these automount maps according to the format described in the above tutorial.

Don't forget to specify the "acl" option in the map(s), otherwise you won't see the ACLs on the clients.

Finally you must start the autofs service and that's it.

All the above must be done on the clients. The NFS server exports its shares as usual, it doesn't care whether the clients are using autofs or not.

Please let me know if you need instructions for AIX autofs as well.
0
 
LVL 62

Expert Comment

by:gheist
ID: 38841949
I do not get why you cannot just mount NFS.... with mount command.... and enter in fstab...

automount maps are to mount same set of volumes on NIS-network etc... having them on each system is a plain burden compared to NFS....

ACL and NFSv4 are defaults on RHEL6 and AIX6
0
 

Author Comment

by:AIX25
ID: 38842439
@gheist. I'm going to create a master repository location of ACLs on one server that I want to make ACL FS available across all other servers in the environment. Do you have a better way to do this? Please let me know.
0
 
LVL 62

Expert Comment

by:gheist
ID: 38842729
ACLs like permissions are attached to files... Thus central location is filesystem itself...
You can share mount configuration (automounts) and user configuration via LDAP (even Active Directory can do it)
0
 

Author Comment

by:AIX25
ID: 38843452
Ok, I'm kind of understanding what you mean. Should I open another question to have you explain this in a more high level. Not sure how I would integrate UNIX ACLs with LDAP or Acitive Directory? Or, is the current setup I'm going with good?
0
 
LVL 62

Expert Comment

by:gheist
ID: 38844226
Access list contains permissions and UIDs. You can serve UID and mount point config from NIS, LDAP, etc... check graphic config tools on your system
0

Featured Post

Gigs: Get Your Project Delivered by an Expert

Select from freelancers specializing in everything from database administration to programming, who have proven themselves as experts in their field. Hire the best, collaborate easily, pay securely and get projects done right.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
nagios monitor 3 54
CentOS/RHEL 7 Linux maillog worldwide readable 2 61
linux(debian) mouse poor performance 4 39
How to enable sync between two yum repo? 1 30
The purpose of this article is to demonstrate how we can use conditional statements using Python.
Fine Tune your automatic Updates for Ubuntu / Debian
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
Learn how to navigate the file tree with the shell. Use pwd to print the current working directory: Use ls to list a directory's contents: Use cd to change to a new directory: Use wildcards instead of typing out long directory names: Use ../ to move…

816 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

11 Experts available now in Live!

Get 1:1 Help Now