man/auto.master.5.in - pub/scm/linux/storage/autofs/autofs - Git at Google

 .\" t
 .TH AUTO.MASTER 5 "11 Apr 2006"
 .SH NAME
 auto.master \- Master Map for automounter consulted by autofs
 .SH "DESCRIPTION"
 The
 .B auto.master
 map is consulted to set up automount managed mount points when the
 .nh
 .BR autofs (8)
 .hy
 script is invoked or the
 .nh
 .BR automount (8)
 .hy
 program is run. Each line describes a mount point and refers to an
 autofs map describing file systems to be mounted under the mount
 point.
 .P
 The default location of the master map is
 .nh
 .B @@autofsmapdir@@/auto.master
 .hy
 but an alternate name may be given on the command line when running
 the automounter and the default master map may changed by setting the
 .nh
 .B "MASTER_MAP_NAME"
 .hy
 configuration variable in
 .nh
 .B @@autofsconfdir@@/autofs.
 .hy
 If the master map name has no path then the system Name Service Switch configuration
 will be consulted and each of the sources searched in line with the rules
 given in the Name Service Switch configuration.
 .P
 Access to mounts in maps is governed by a key.
 .P
 For direct maps the mount point is always specified as:
 .P
 .BR /-
 .P
 and the key used within the direct map is the full path to the mount point. The direct map
 may have multiple entries in the master map.
 .P
 For indirect maps access is by using the path scheme:
 .P
 .BR /mount-point/key
 .P
 where
 .I mount-point
 is one of the entries listed in the master map. The
 .I key
 is a single directory component and is matched against entries in the
 map given in the entry (See
 .BR autofs (5)).
 .P
 Additionally, a map may be included from its source as if it were itself
 present in the master map by including a line of the form:
 .P
 .BR + [ maptype [, format ]:] map\  [ options ]
 .P
 and
 .BR automount (8)
 will process the map according to the specification described below for
 map entries. Indirect map entries must be unique in the master map so
 second and subsequent entries for an indirect mount point are ignored by
 .BR automount (8).
 .TP
 .B NOTE:
 autofs currently does not collapse multiple slashes in paths, so it is
 important to ensure paths used in maps are correct. If unnecessary multiple
 slashes are present in a path it can lead to unexpected failures such as
 an inability to expire automounts. An exception to this is a trailing slash
 at the end of the automount point path in the master map which will be
 removed if present.
 .SH "FORMAT"
 Master map entries have three fields separated by an arbitrary number
 of spaces or tabs. Lines beginning with # are comments. The first field
 is the mount point described above and the second field is the name of
 the map to be consulted for the mount point followed by the third field
 which contains options to be applied to all entries in the map.
 .P
 The format of a master map entry is:
 .TP
 .BR mount-point\  [ map-type [, format ]:] map\  [ options ]
 .TP
 .B mount-point
 Base location for the \fBautofs\fP filesystem to be mounted.  For
 indirect maps this directory will be created (as with \fBmkdir \-p\fP)
 and is removed when the \fBautofs\fP filesystem is umounted.
 .TP
 .B map-type
 Type of map used for this mount point.  The following are
 valid map types:
 .RS
 .TP
 .B file
 The map is a regular text file.
 .TP
 .B program
 The map is an executable program, which is passed a key on the command
 line and returns an entry (everything besides the key) on stdout if successful.
 Optinally, the keyword exec may be used as a synonym for program to avoid
 confusion with amd formated maps mount type program.
 .TP
 .B yp
 The map is a NIS (YP) database.
 .TP
 .B nisplus
 The map is a NIS+ database.
 .TP
 .B hesiod
 The map is a hesiod database whose
 .B filsys
 entries are used for maps.
 .TP
 .B ldap \fPor\fB ldaps
 The map is stored in an LDAP directory. If \fBldaps\fP is used the
 appropriate certificate must be configured in the LDAP client.
 .TP
 .B multi
 This map type allows the specification of multiple maps separated
 by "--". These maps are searched in order to resolve key lookups.
 .TP
 .B dir
 This map type can be used at
 .BR +
 master map including notation. The contents of files under given directory are included
 to the master map. The name of file to be included must be ended with ".autofs". A file
 will be ignored if its name is not ended with the suffix. In addition a dot file, a file
 which name is started with "." is also ignored.
 .RE
 .TP
 .B format
 .br
 Format of the map data; currently the formats recognized are \fBsun\fP,
 which is a subset of the Sun automounter map format, \fBhesiod\fP, for
 hesiod filesys entries and \fBamd\fP for amd formated map entries.
 If the format is left unspecified, it defaults to \fBsun\fP for all map
 types except \fBhesiod\fP unless it is a top level \fBamd\fP mount that
 has a configuration entry for the mount point path, in which case the
 format used is \fBamd\fP.
 .TP
 .B map
 .br
 Name of the map to use.  This is an absolute UNIX pathname
 for maps of types \fBfile\fP, \fBdir\fP, or \fBprogram\fP, and the name of a database
 in the case for maps of type \fByp\fP, \fBnisplus\fP, or \fBhesiod\fP or
 the \fBdn\fP of an LDAP entry for maps of type \fBldap\fP.
 .TP
 .B options
 .br
 Any remaining command line arguments without leading dashes (\-) are
 taken as options (\fI\-o\fP) to \fBmount\fP.  Arguments with leading
 dashes are considered options for the maps and are passed to automount (8).
 .sp
 The \fBsun\fP format supports the following options:
 .RS
 .TP
 .I "\-Dvariable=value"
 Replace \fIvariable\fP with \fIvalue\fP in map substitutions.
 .TP
 .I "\-strict"
 Treat errors when mounting file systems as fatal. This is important when
 multiple file systems should be mounted (`multimounts'). If this option
 is given, no file system is mounted at all if at least one file system
 can't be mounted.
 .TP
 .I "[no]browse"
 This is an autofs specific option that is a pseudo mount option and
 so is given without a leading dash. Use of the browse option pre-creates
 mount point directories for indirect mount maps so the map keys can be
 seen in a directory listing without being mounted. Use of this option
 can cause performance problem if the indirect map is large so it should
 be used with caution. The internal program default is to enable browse
 mode for indirect mounts but the default installed configuration overrides
 this by setting BROWSE_MODE to "no" because of the potential performance
 problem. This option does the same as the deprecated --ghost option, the
 browse option is preferred because it is used by other autofs implementations.
 .TP
 .I "nobind"
 This is an autofs specific option that is a pseudo mount option and
 so is given without a leading dash. It may be used either in the master
 map entry (so it effects all the map entries) or with individual map
 entries to prevent bind mounting of local NFS filesystems. For direct
 mount maps the option is only effective if specified on the first direct
 map entry and is applied to all direct mount maps in the master map. It
 is ignored if given on subsequent direct map entries. It may be used
 on individual map entries of both types. Preventing bind mounts of NFS
 file systems can no longer be done by using the "port=" option, the
 nobind option must be used instead.
 .TP
 .I "symlink"
 This option makes bind mounting use a symlink instead of an actual bind
 mount. It is an autofs specific option that is a pseudo mount option and
 so is given without a leading dash. It may be used with indirect map
 entries only, either in the master map (so it effects all map entries)
 or with individual map entries. The option is ignored for direct mounts
 and non-root offest mount entries.
 .TP
 .I slave \fPor\fI private
 This option allows mount propagation of bind mounts to be set to
 either \fIslave\fP or \fIprivate\fP. This option may be needed when using
 multi-mounts that have bind mounts that bind to a file system that is
 propagation shared. This is becuase the bind mount will have the same
 properties as its target which causes problems for offset mounts. When
 this happens an unwanted offset mount is propagated back to the target
 file system resulting in a deadlock when attempting to access the offset.
 This option is a an autofs pseudo mount option that can be used in the
 master map only. By default bind mounts will inherit the mount propagation
 of the target file system.
 .TP
 .I "\-r, \-\-random-multimount-selection"
 Enables the use of random selection when choosing a host from a
 list of replicated servers. This option is applied to this mount
 only, overriding the global setting that may be specified on the
 command line.
 .TP
 .I "\-w, \-\-use-weight-only"
 Use only specified weights for server selection where more than one
 server is specified in the map entry. If no server weights are given
 then each available server will be tried in the order listed, within
 proximity.
 .TP
 .I "\-t, \-\-timeout <seconds>"
 Set the expire timeout for map entries. This option can be used to
 override the global default given either on the command line
 or in the configuration.
 .TP
 .I "\-n, \-\-negative\-timeout <seconds>"
 Set the timeout for caching failed key lookups. This option can be
 used to override the global default given either on the command line
 or in the configuration.
 .TP
 .I "\-\-mode <octal_mode>"
 Set the directory mode for the base location of the \fBautofs\fP mount point.
 If this option is given, \fBautofs\fP will chmod that directory with this
 mode.
 .SH BUILTIN MAP \-hosts
 If "\-hosts" is given as the map then accessing a key under the mount point
 which corresponds to a hostname will allow access to the exports of that
 host. The hosts map cannot be dynamically updated and requires a HUP signal
 to be sent to the daemon for it to check hosts for an update. Due to possible
 hierarchic dependencies within a mount tree, it might not be completely
 updated during the HUP signal processing.
 .P
 For example, with an entry in the master map of
 .nh
 .B /net  \-hosts
 .hy
 accessing /net/myserver will mount exports from myserver on directories below
 /net/myserver.
 .P
 NOTE: mounts done from a hosts map will be mounted with the "nosuid,nodev,intr" options
 unless overridden by explicily specifying the "suid", "dev" or "nointr" options in the
 master map entry.
 .SH LDAP MAPS
 If the map type \fBldap\fP is specified the mapname is of the form
 \fB[//servername/]dn\fP, where the optional \fBservername\fP is
 the name of the LDAP server to query, and \fBdn\fP is the Distinguished
 Name of a subtree to search for map entries.
 The old style
 .nh
 .B ldap:servername:mapname
 .hy
 is also understood. Alternatively, the type can be obtained from the Name Service Switch
 configuration, in which case the map name alone must be given.
 .P
 If no schema is set in the autofs configuration then autofs will check
 each of the commonly used schema for a valid entry and if one is found
 it will used for subsequent lookups.
 .P
 There are three common schemas in use:
 .TP
 .I nisMap
 .br
 Entries in the \fBnisMap\fP schema are \fBnisObject\fP objects in
 the specified subtree, where the \fBcn\fP attribute is the key
 (the wildcard key is "/"), and the \fBnisMapEntry\fP attribute
 contains the information used by the automounter.
 .TP
 .I automountMap
 The \fBautomountMap\fP schema has two variations that differ in the attribute
 used for the map key. Entries in the automountMap schema are \fBautomount\fP
 objects in the specified subtree, where the \fBcn\fP or \fBautomountKey\fP
 attribute (depending on local usage) is the key (the wildcard key is "/"),
 and the \fBautomountInformation\fP attribute contains the information used
 by the automounter. Note that the \fBcn\fP attribute is case insensitive.
 .P
 The object classes and attributes used for accessing automount maps in
 LDAP can be changed by setting entries in the autofs configuration
 located in
 .nh
 .BR @@autofsconfdir@@/autofs.conf .
 .hy
 .TP
 .B NOTE:
 If a schema is given in the configuration then all the schema configuration
 values must be set, any partial schema specification will be ignored.
 .TP
 For \fBamd\fP format maps a different schema is used:
 .TP
 .I amdMap
 .br
 The \fBamdmap\fP schema contains attributes \fBamdmapName\fP, \fBamdmapKey\fP
 and \fBamdmapValue\fP where \fBamdmapName\fP contains the name of the containing
 map, \fBamdmapKey\fP contains the map key and \fBamdmapValue\fP contains the
 map entry.
 .SH LDAP AUTHENTICATION, ENCRYPTED AND CERTIFIED CONNECTIONS
 LDAP authenticated binds, TLS encrypted connections and certification
 may be used by setting appropriate values in the autofs authentication
 configuration file and configuring the LDAP client with appropriate
 settings.  The default location of this file is
 .nh
 .BR @@autofsmapdir@@/autofs_ldap_auth.conf .
 .hy
 .P
 If this file exists it will be used to establish whether TLS or authentication
 should be used.
 .P
 An example of this file is:
 .sp
 .RS +.2i
 .ta 1.0i
 .nf
 <?xml version="1.0" ?>
 <autofs_ldap_sasl_conf
         usetls="yes"
         tlsrequired="no"
         authrequired="no"
         authtype="DIGEST-MD5"
         user="xyz"
         secret="abc"
 />
 .fi
 .RE
 .sp
 If TLS encryption is to be used the location of the Certificate Authority
 certificate must be set within the LDAP client configuration in
 order to validate the server certificate. If, in addition, a certified
 connection is to be used then the client certificate and private key file
 locations must also be configured within the LDAP client.
 .P
 In OpenLDAP these may be configured in the \fBldap.conf\fP file or in the
 per-user configuration. For example it may be sensible to use the system
 wide configuration for the location of the Certificate Authority certificate
 and set the location of the client certificate and private key
 in the per-user configuration. The location of these files and the configuration
 entry requirements is system dependent so the documentation for your
 installation will need to be consulted to get further information.
 .P
 See
 .B autofs_ldap_auth.conf (5)
 for more information.
 .SH EXAMPLE
 .sp
 .RS +.2i
 .ta 1.0i
 .nf
 /-	auto.data
 /home	/etc/auto.home
 /mnt	yp:mnt.map
 .fi
 .RE
 .sp
 This will generate two mountpoints for
 .IR /home
 and
 .IR /mnt
 and install direct mount triggers for each entry in the direct mount map
 .IR auto.data .
 All accesses to
 .I /home
 will lead to the consultation of the map in
 .IR /etc/auto.home
 and all accesses to
 .I /mnt
 will consult the NIS map
 .IR mnt.map .
 All accesses to paths in the map
 .IR auto.data
 will trigger mounts when they are accessed and the Name Service Switch
 configuration will be used to locate the source of the map
 .IR auto.data .
 .SH "SEE ALSO"
 .BR automount (8),
 .BR autofs (5),
 .BR autofs (8),
 .BR autofs.conf (5),
 .BR autofs_ldap_auth.conf (5).
 .SH AUTHOR
 This manual page was written by Christoph Lameter <chris@waterf.org>,
 for the Debian GNU/Linux system.  Edited by <hpa@transmeta.com> and
 Ian Kent <raven@themaw.net> .
	.\" t
	.TH AUTO.MASTER 5 "11 Apr 2006"
	.SH NAME
	auto.master \- Master Map for automounter consulted by autofs
	.SH "DESCRIPTION"
	The
	.B auto.master
	map is consulted to set up automount managed mount points when the
	.nh
	.BR autofs (8)
	.hy
	script is invoked or the
	.nh
	.BR automount (8)
	.hy
	program is run. Each line describes a mount point and refers to an
	autofs map describing file systems to be mounted under the mount
	point.
	.P
	The default location of the master map is
	.nh
	.B @@autofsmapdir@@/auto.master
	.hy
	but an alternate name may be given on the command line when running
	the automounter and the default master map may changed by setting the
	.nh
	.B "MASTER_MAP_NAME"
	.hy
	configuration variable in
	.nh
	.B @@autofsconfdir@@/autofs.
	.hy
	If the master map name has no path then the system Name Service Switch configuration
	will be consulted and each of the sources searched in line with the rules
	given in the Name Service Switch configuration.
	.P
	Access to mounts in maps is governed by a key.
	.P
	For direct maps the mount point is always specified as:
	.P
	.BR /-
	.P
	and the key used within the direct map is the full path to the mount point. The direct map
	may have multiple entries in the master map.
	.P
	For indirect maps access is by using the path scheme:
	.P
	.BR /mount-point/key
	.P
	where
	.I mount-point
	is one of the entries listed in the master map. The
	.I key
	is a single directory component and is matched against entries in the
	map given in the entry (See
	.BR autofs (5)).
	.P
	Additionally, a map may be included from its source as if it were itself
	present in the master map by including a line of the form:
	.P
	.BR + [ maptype [, format ]:] map\ [ options ]
	.P
	and
	.BR automount (8)
	will process the map according to the specification described below for
	map entries. Indirect map entries must be unique in the master map so
	second and subsequent entries for an indirect mount point are ignored by
	.BR automount (8).
	.TP
	.B NOTE:
	autofs currently does not collapse multiple slashes in paths, so it is
	important to ensure paths used in maps are correct. If unnecessary multiple
	slashes are present in a path it can lead to unexpected failures such as
	an inability to expire automounts. An exception to this is a trailing slash
	at the end of the automount point path in the master map which will be
	removed if present.
	.SH "FORMAT"
	Master map entries have three fields separated by an arbitrary number
	of spaces or tabs. Lines beginning with # are comments. The first field
	is the mount point described above and the second field is the name of
	the map to be consulted for the mount point followed by the third field
	which contains options to be applied to all entries in the map.
	.P
	The format of a master map entry is:
	.TP
	.BR mount-point\ [ map-type [, format ]:] map\ [ options ]
	.TP
	.B mount-point
	Base location for the \fBautofs\fP filesystem to be mounted. For
	indirect maps this directory will be created (as with \fBmkdir \-p\fP)
	and is removed when the \fBautofs\fP filesystem is umounted.
	.TP
	.B map-type
	Type of map used for this mount point. The following are
	valid map types:
	.RS
	.TP
	.B file
	The map is a regular text file.
	.TP
	.B program
	The map is an executable program, which is passed a key on the command
	line and returns an entry (everything besides the key) on stdout if successful.
	Optinally, the keyword exec may be used as a synonym for program to avoid
	confusion with amd formated maps mount type program.
	.TP
	.B yp
	The map is a NIS (YP) database.
	.TP
	.B nisplus
	The map is a NIS+ database.
	.TP
	.B hesiod
	The map is a hesiod database whose
	.B filsys
	entries are used for maps.
	.TP
	.B ldap \fPor\fB ldaps
	The map is stored in an LDAP directory. If \fBldaps\fP is used the
	appropriate certificate must be configured in the LDAP client.
	.TP
	.B multi
	This map type allows the specification of multiple maps separated
	by "--". These maps are searched in order to resolve key lookups.
	.TP
	.B dir
	This map type can be used at
	.BR +
	master map including notation. The contents of files under given directory are included
	to the master map. The name of file to be included must be ended with ".autofs". A file
	will be ignored if its name is not ended with the suffix. In addition a dot file, a file
	which name is started with "." is also ignored.
	.RE
	.TP
	.B format
	.br
	Format of the map data; currently the formats recognized are \fBsun\fP,
	which is a subset of the Sun automounter map format, \fBhesiod\fP, for
	hesiod filesys entries and \fBamd\fP for amd formated map entries.
	If the format is left unspecified, it defaults to \fBsun\fP for all map
	types except \fBhesiod\fP unless it is a top level \fBamd\fP mount that
	has a configuration entry for the mount point path, in which case the
	format used is \fBamd\fP.
	.TP
	.B map
	.br
	Name of the map to use. This is an absolute UNIX pathname
	for maps of types \fBfile\fP, \fBdir\fP, or \fBprogram\fP, and the name of a database
	in the case for maps of type \fByp\fP, \fBnisplus\fP, or \fBhesiod\fP or
	the \fBdn\fP of an LDAP entry for maps of type \fBldap\fP.
	.TP
	.B options
	.br
	Any remaining command line arguments without leading dashes (\-) are
	taken as options (\fI\-o\fP) to \fBmount\fP. Arguments with leading
	dashes are considered options for the maps and are passed to automount (8).
	.sp
	The \fBsun\fP format supports the following options:
	.RS
	.TP
	.I "\-Dvariable=value"
	Replace \fIvariable\fP with \fIvalue\fP in map substitutions.
	.TP
	.I "\-strict"
	Treat errors when mounting file systems as fatal. This is important when
	multiple file systems should be mounted (`multimounts'). If this option
	is given, no file system is mounted at all if at least one file system
	can't be mounted.
	.TP
	.I "[no]browse"
	This is an autofs specific option that is a pseudo mount option and
	so is given without a leading dash. Use of the browse option pre-creates
	mount point directories for indirect mount maps so the map keys can be
	seen in a directory listing without being mounted. Use of this option
	can cause performance problem if the indirect map is large so it should
	be used with caution. The internal program default is to enable browse
	mode for indirect mounts but the default installed configuration overrides
	this by setting BROWSE_MODE to "no" because of the potential performance
	problem. This option does the same as the deprecated --ghost option, the
	browse option is preferred because it is used by other autofs implementations.
	.TP
	.I "nobind"
	This is an autofs specific option that is a pseudo mount option and
	so is given without a leading dash. It may be used either in the master
	map entry (so it effects all the map entries) or with individual map
	entries to prevent bind mounting of local NFS filesystems. For direct
	mount maps the option is only effective if specified on the first direct
	map entry and is applied to all direct mount maps in the master map. It
	is ignored if given on subsequent direct map entries. It may be used
	on individual map entries of both types. Preventing bind mounts of NFS
	file systems can no longer be done by using the "port=" option, the
	nobind option must be used instead.
	.TP
	.I "symlink"
	This option makes bind mounting use a symlink instead of an actual bind
	mount. It is an autofs specific option that is a pseudo mount option and
	so is given without a leading dash. It may be used with indirect map
	entries only, either in the master map (so it effects all map entries)
	or with individual map entries. The option is ignored for direct mounts
	and non-root offest mount entries.
	.TP
	.I slave \fPor\fI private
	This option allows mount propagation of bind mounts to be set to
	either \fIslave\fP or \fIprivate\fP. This option may be needed when using
	multi-mounts that have bind mounts that bind to a file system that is
	propagation shared. This is becuase the bind mount will have the same
	properties as its target which causes problems for offset mounts. When
	this happens an unwanted offset mount is propagated back to the target
	file system resulting in a deadlock when attempting to access the offset.
	This option is a an autofs pseudo mount option that can be used in the
	master map only. By default bind mounts will inherit the mount propagation
	of the target file system.
	.TP
	.I "\-r, \-\-random-multimount-selection"
	Enables the use of random selection when choosing a host from a
	list of replicated servers. This option is applied to this mount
	only, overriding the global setting that may be specified on the
	command line.
	.TP
	.I "\-w, \-\-use-weight-only"
	Use only specified weights for server selection where more than one
	server is specified in the map entry. If no server weights are given
	then each available server will be tried in the order listed, within
	proximity.
	.TP
	.I "\-t, \-\-timeout <seconds>"
	Set the expire timeout for map entries. This option can be used to
	override the global default given either on the command line
	or in the configuration.
	.TP
	.I "\-n, \-\-negative\-timeout <seconds>"
	Set the timeout for caching failed key lookups. This option can be
	used to override the global default given either on the command line
	or in the configuration.
	.TP
	.I "\-\-mode <octal_mode>"
	Set the directory mode for the base location of the \fBautofs\fP mount point.
	If this option is given, \fBautofs\fP will chmod that directory with this
	mode.
	.SH BUILTIN MAP \-hosts
	If "\-hosts" is given as the map then accessing a key under the mount point
	which corresponds to a hostname will allow access to the exports of that
	host. The hosts map cannot be dynamically updated and requires a HUP signal
	to be sent to the daemon for it to check hosts for an update. Due to possible
	hierarchic dependencies within a mount tree, it might not be completely
	updated during the HUP signal processing.
	.P
	For example, with an entry in the master map of
	.nh
	.B /net \-hosts
	.hy
	accessing /net/myserver will mount exports from myserver on directories below
	/net/myserver.
	.P
	NOTE: mounts done from a hosts map will be mounted with the "nosuid,nodev,intr" options
	unless overridden by explicily specifying the "suid", "dev" or "nointr" options in the
	master map entry.
	.SH LDAP MAPS
	If the map type \fBldap\fP is specified the mapname is of the form
	\fB[//servername/]dn\fP, where the optional \fBservername\fP is
	the name of the LDAP server to query, and \fBdn\fP is the Distinguished
	Name of a subtree to search for map entries.
	The old style
	.nh
	.B ldap:servername:mapname
	.hy
	is also understood. Alternatively, the type can be obtained from the Name Service Switch
	configuration, in which case the map name alone must be given.
	.P
	If no schema is set in the autofs configuration then autofs will check
	each of the commonly used schema for a valid entry and if one is found
	it will used for subsequent lookups.
	.P
	There are three common schemas in use:
	.TP
	.I nisMap
	.br
	Entries in the \fBnisMap\fP schema are \fBnisObject\fP objects in
	the specified subtree, where the \fBcn\fP attribute is the key
	(the wildcard key is "/"), and the \fBnisMapEntry\fP attribute
	contains the information used by the automounter.
	.TP
	.I automountMap
	The \fBautomountMap\fP schema has two variations that differ in the attribute
	used for the map key. Entries in the automountMap schema are \fBautomount\fP
	objects in the specified subtree, where the \fBcn\fP or \fBautomountKey\fP
	attribute (depending on local usage) is the key (the wildcard key is "/"),
	and the \fBautomountInformation\fP attribute contains the information used
	by the automounter. Note that the \fBcn\fP attribute is case insensitive.
	.P
	The object classes and attributes used for accessing automount maps in
	LDAP can be changed by setting entries in the autofs configuration
	located in
	.nh
	.BR @@autofsconfdir@@/autofs.conf .
	.hy
	.TP
	.B NOTE:
	If a schema is given in the configuration then all the schema configuration
	values must be set, any partial schema specification will be ignored.
	.TP
	For \fBamd\fP format maps a different schema is used:
	.TP
	.I amdMap
	.br
	The \fBamdmap\fP schema contains attributes \fBamdmapName\fP, \fBamdmapKey\fP
	and \fBamdmapValue\fP where \fBamdmapName\fP contains the name of the containing
	map, \fBamdmapKey\fP contains the map key and \fBamdmapValue\fP contains the
	map entry.
	.SH LDAP AUTHENTICATION, ENCRYPTED AND CERTIFIED CONNECTIONS
	LDAP authenticated binds, TLS encrypted connections and certification
	may be used by setting appropriate values in the autofs authentication
	configuration file and configuring the LDAP client with appropriate
	settings. The default location of this file is
	.nh
	.BR @@autofsmapdir@@/autofs_ldap_auth.conf .
	.hy
	.P
	If this file exists it will be used to establish whether TLS or authentication
	should be used.
	.P
	An example of this file is:
	.sp
	.RS +.2i
	.ta 1.0i
	.nf
	<?xml version="1.0" ?>
	<autofs_ldap_sasl_conf
	usetls="yes"
	tlsrequired="no"
	authrequired="no"
	authtype="DIGEST-MD5"
	user="xyz"
	secret="abc"
	/>
	.fi
	.RE
	.sp
	If TLS encryption is to be used the location of the Certificate Authority
	certificate must be set within the LDAP client configuration in
	order to validate the server certificate. If, in addition, a certified
	connection is to be used then the client certificate and private key file
	locations must also be configured within the LDAP client.
	.P
	In OpenLDAP these may be configured in the \fBldap.conf\fP file or in the
	per-user configuration. For example it may be sensible to use the system
	wide configuration for the location of the Certificate Authority certificate
	and set the location of the client certificate and private key
	in the per-user configuration. The location of these files and the configuration
	entry requirements is system dependent so the documentation for your
	installation will need to be consulted to get further information.
	.P
	See
	.B autofs_ldap_auth.conf (5)
	for more information.
	.SH EXAMPLE
	.sp
	.RS +.2i
	.ta 1.0i
	.nf
	/- auto.data
	/home /etc/auto.home
	/mnt yp:mnt.map
	.fi
	.RE
	.sp
	This will generate two mountpoints for
	.IR /home
	and
	.IR /mnt
	and install direct mount triggers for each entry in the direct mount map
	.IR auto.data .
	All accesses to
	.I /home
	will lead to the consultation of the map in
	.IR /etc/auto.home
	and all accesses to
	.I /mnt
	will consult the NIS map
	.IR mnt.map .
	All accesses to paths in the map
	.IR auto.data
	will trigger mounts when they are accessed and the Name Service Switch
	configuration will be used to locate the source of the map
	.IR auto.data .
	.SH "SEE ALSO"
	.BR automount (8),
	.BR autofs (5),
	.BR autofs (8),
	.BR autofs.conf (5),
	.BR autofs_ldap_auth.conf (5).
	.SH AUTHOR
	This manual page was written by Christoph Lameter <chris@waterf.org>,
	for the Debian GNU/Linux system. Edited by <hpa@transmeta.com> and
	Ian Kent <raven@themaw.net> .