[debian-edu-commits] [Debian Wiki] Update of "DebianEdu/Documentation/Wheezy/HowTo/AdvancedAdministration" by WolfgangSchweer
Debian Wiki
debian-www at lists.debian.org
Tue Mar 18 13:07:55 UTC 2014
Dear Wiki user,
You have subscribed to a wiki page or wiki category on "Debian Wiki" for change notification.
The "DebianEdu/Documentation/Wheezy/HowTo/AdvancedAdministration" page has been changed by WolfgangSchweer:
https://wiki.debian.org/DebianEdu/Documentation/Wheezy/HowTo/AdvancedAdministration?action=diff&rev1=6&rev2=7
If remote users acknowledge the popup or use pmount from the console, they can even mount the removable devices and access the files.
This is being tracked as [[http://bugs.skolelinux.org/1376|Debian Edu bug #1376]].
+ == Use a Dedicated Storage Server ==
+ Take these steps to set up a dedicated storage server for user home directories and data.
+
+ * Add a new system of type server using GOsa² as outlined in [[DebianEdu/Documentation/Wheezy/GettingStarted#Machine_Management_with_GOsa.2BALI- | Getting started]].
+
+ This example uses 'nas-server.intern' as the server name.
+
+ Once 'nas-server.intern' ist configured, check if the NFS export points on the new storage server are exported to the relevant
+ subnets or machines:
+ {{{
+ root at tjener:~# showmount -e nas-server
+ Export list for nas-server:
+ /storage 10.0.0.0/8
+ root at tjener:~#
+ }}}
+ Here everything on the backbone network is granted access to the /storage export. (This could be restricted to netgroup membership
+ or single IP addresses to limit NFS access like it is done in the tjener:/etc/exports file.)
+
+ * Add automount information about 'nas-server.intern' in LDAP to allow all clients to automatically mount the new export on request.
+
+ This can't be done using GOsa², because a module for automount is missing. Instead, use ldapvi and add the required LDAP
+ objects using an editor.
+
+ {{{ldapvi --ldap-conf -ZD '(cn=admin)' -b ou=automount,dc=skole,dc=skolelinux,dc=no}}}
+
+ When the editor shows up, add the following LDAP objects at the bottom of the document. (The "/&" part in the last LDAP object is
+ a wild card matching everything 'nas-server.intern' exports, removing the need to list individual mount points in LDAP.)
+
+ {{{
+ add cn=nas-server,ou=auto.skole,ou=automount,dc=skole,dc=skolelinux,dc=no
+ objectClass: automount
+ cn: nas-server
+ automountInformation: -fstype=autofs --timeout=60 ldap:ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+
+ add ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+ objectClass: top
+ objectClass: automountMap
+ ou: auto.nas-server
+
+ add cn=/,ou=auto.nas-server,ou=automount,dc=skole,dc=skolelinux,dc=no
+ objectClass: automount
+ cn: /
+ automountInformation: -fstype=nfs,tcp,rsize=32768,wsize=32768,rw,intr,hard,nodev,nosuid,noatime nas-server.intern:/&
+ }}}
+
+ * Add the relevant entries in tjener.intern:/etc/fstab, because tjener.intern does not use automount to avoid mounting loops:
+
+ Create the mount directories using mkdir, edit /etc/fstab and run "mount -a" to mount the new resources.
+
+ Now users should be able to access the files on 'nas-server.intern' directly by just visiting the /tjener/nas-server/storage/ directory using any application on any workstation, LTSP client or LTSP server.
+
More information about the debian-edu-commits
mailing list