From Fedora Project Wiki

< Features

Revision as of 21:23, 13 December 2011 by Jhrozek (talk | contribs)

The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.


Feature Name

SSSD AutoFS Integration

Summary

Integrate SSSD and autofs for looking up automounter data stored in cetralized remote directories such as LDAP.

Owner

  • Email: <jhrozek@redhat.com>

Current status

  • Targeted release: Fedora 17
  • Last updated: 2011-12-13
  • Percentage of completion: 10% (Design done and signed-off by both parties. Needs implementation, review and testing)


Detailed Description

Autofs is able to look up maps stored in LDAP. However, autofs does all the lookups on its own. Even though autofs uses the nsswitch.conf configuration file, there is no glibc interface such as those for retreiving users and groups and by extension no nscd caching.

The goal of this feature is to integrate autofs and SSSD in a more centralized manner to be able to leverage all the benefits SSSD brings over performing the lookups in autofs directly (see below for more details).


Benefit to Fedora

The benefits of the integration are:

  • unified configuration of LDAP servers, timeout parameters, DNS SRV lookups in one place (sssd.conf)
  • only one connection to the LDAP server open resulting in less load on the LDAP server
  • caching of the data - again, less load on the LDAP server
  • offline access - even though if the client cannot connect to the LDAP server chances are that the NFS server is unreachable as well
  • back end abstraction - data may be stored in NIS or other databases and accessed by the automounter transparently


Scope

This feature needs work on both the SSSD side and autofs side. A very detailed design documents is available on the [SSSD wiki]

The autofs developers need to create a new autofs lookup module that would be specific to SSSD. A lookup module is implemented for each information source and provides access to the infromation source - there is a module for plain files, a module for LDAP etc. The lookup module that would load the libnss_sss library and use the provided API to fetch data from SSSD transparently.

SSSD developers need to provide the API in the libnss_sss library and corresponding code for actually downloading and storing the data on the back end side of SSSD.


How To Test

User Experience

Dependencies

Contingency Plan

Documentation

Release Notes

Comments and Discussion

Retrieved from "https://fedoraproject.org/w/index.php?title=Features/SSSDAutoFSSupport&oldid=263391"