#7812 automount keys should be case sensitive
Opened 7 months ago by fcami. Modified 7 months ago

$ ipa automountmap-add default auto.test
Added automount map "auto.test"
  Map: auto.test
$ ipa automountkey-add default --key "test" --info "nfs.example.com:/exports/test" auto.test
Added automount key "test"
  Key: test
  Mount information: nfs.example.com:/exports/test
$ ipa automountkey-add default --key "TEST" --info "nfs.example.com:/exports/TEST" auto.test
ipa: ERROR: key named auto.test already exists

There are two issues to be fixed:
* "ipa automountkey-add default --key $foo" should be case-sensitive
* the duplicate key error message should be to "ipa: ERROR: key named TEST already exists in auto.test" (e.g. possibly wrong variable substitution)

Metadata Update from @fcami:
- Custom field rhbz adjusted to https://bugzilla.redhat.com/show_bug.cgi?id=1659297

7 months ago

I don't think it's possible to fix this because it would be a violation of RFC2307bis schema.

The DN for the first automount map is description=TEST,automountmapname=auto.test,cn=default,cn=automount with object classes top and automount (OID The automount object class is defined as part of the RFC2307bis schema:

     ( NAME 'automount' SUP top STRUCTURAL
         DESC 'Automount information'
         MUST ( automountKey $ automountInformation )
         MAY description )

The description attribute is defined as directory string with EQUALITY MATCHING RULE caseIgnoreMatch, see https://www.alvestrand.no/objectid/ . So the description attribute has a case insensitive match.

I haven't figured out if IPA is required to use the description attribute as part of the DN. If RFC2307 also allowes to use automountKey as RDN, then we can fix it.

from automount.py:

stuff -ro,soft,rsize=8192,wsize=8192 nfs.example.com:/vol/archive/stuff

should be equivalent to

# stuff, auto.mnt, automount, example.com
dn: automountkey=stuff,automountmapname=auto.mnt,cn=automount,dc=example,dc=com
objectClass: automount
objectClass: top
automountKey: stuff
automountInformation: -ro,soft,rsize=8192,wsize=8192 nfs.example.com:/vol/arch

but that's not what we build now. I digged a bit:

automountkey used to be the RDN, but we switched the RDN to description as part of https://pagure.io/freeipa/issue/293 "Support multiple direct maps in automount" - commit 70a9e04
in ipalib/plugins/automount.py

At first description used to contain key+information but that was changed to key only as part of https://pagure.io/freeipa/issue/1229 "automountkey entry dn is incorrect" - commit bee4e6a
again in ipalib/plugins/automount.py

As supporting multiple direct maps is important (I guess for location-aware usage) we can't revert to using automountkey alone. I haven't tried it yet but adding a hash generated from the key would do. description would contain rdn_separator.join(key, hash(key)) and with minor adaptations to find() and show() we could get by.

We already use a different description to support multiple direct automount maps:
dn: description=/- auto.direct,automountmapname=auto.master,cn=default,cn=auto
objectClass: automount
objectClass: top
automountKey: /-
automountInformation: auto.direct
description: /- auto.direct
As noted above using rdn_separator.join(key, hash(key)) is better for readability
We could also use only hash(key) as description.

Login to comment on this ticket.