[svlug] System boot up scripts (Samba and NIS)

Ivan Sergio Borgonovo mail at webthatworks.it
Sat Mar 30 03:56:01 PST 2002

Previous message: [svlug] System boot up scripts
Next message: [svlug] System boot up scripts (Samba and NIS)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 29 Mar 2002 at 17:08, Akbar Ahmed wrote:

> --- Daniel Curry <dcurry at cariocas.com> wrote:
> > Where (which init.d file) do I need to add mount
> > commands to automount
> > other systems and file servers at boot time on an
> > RH7.2 system?  

> To mount a samba share on boot, add the following to
> /etc/fstab:
> 
> //server/Bob /home/Bob smbfs
> defaults,username=Bob,password=hidden,workgroup=MYGROUP,rw

> > I would
> > like for all my users to have a single 'home'
> > directory from any machine
> > on the network.  

> Try NIS.

Getting out of lurking mode after 6 months I think...

And...

-- smb.conf --

[global]
security = user
domain logons = Yes
domain master = Yes
preferred master = Yes
local master = Yes
; logon drive = Z:
; logon path = \\%N\%U\profile
logon script = logon.bat
; logon home = \\%N\%U


[home]
readonly = No
create mask = 640
directory mask = 0750
browseable = No

[netlogon]
path = /var/lib/samba/netlogon
browseable = no

[profile]
path = /export/samba/profile
create mode = 0700
read only = No
browseable = No

-- -------- --

-- logon.bat --
rem to automate stuff on clients
rem profiles and homes don't require logon script
rem net use z: \\[NetBios name of PDC]\[share]
-- --------- --

With this configuration everytime you'll logon from a Win client into 
the Samba PDC it will "mount" your Unix home (~/) in the Windows 
client.

Furthermore you'll have your profiles (all NT rubbish) saved on the 
Samba PDC, so you could automate cleaning up and have roaming profiles 
for Win machines.

Give a look to the O'Reilly book, they should have it somewhere on 
their FTP.



But I've couple of questions for the *nix gurus about NIS and homes

1)  I need a reference, recipe whatever for securying NFS/NIS... each 
    time I tried to put my hands on hosts.allow, hosts.deny, I closed 
    myself out of some services. I would like to have a method to know 
    what's running on the server and how to permit what I like.
    the:

hosts.deny
portmap: ALL
hosts.allow
portmap: .webthatworks.it

recipe didn't worked for me

2)  Currently I've shared home through fstab for one test user. I would 
    like to have roaming homes for nearly all user with the exception of a 
    few that should have local homes. homes may move so I would like to 
    take advantage of NIS (that is perfectly running and authenticating non 
    local users) but all the systems I've seen use a automount daemon on 
    the server and the client, I don't want to run additional daemons.
    users and homes won't be added remotely, so having one more daemon 
    doesn't seem a good idea[*] (is there another standard solution I 
    haven't seen?)
    I could write a script and put it in /etc/init.d to read NIS homes and 
    then mount them but I'm looking for suggestions to find the most 
    standard way to solve such kind of problem.


[*] I suppose that both pre exported shares and automount daemon may 
have both some security tradeoff...


TIA


-- 
Salve
Ivan Sergio Borgonovo
http://www.webthatworks.it/
uniq life || sleep 24h

Previous message: [svlug] System boot up scripts
Next message: [svlug] System boot up scripts (Samba and NIS)
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the svlug mailing list