The default version of /etc/auto_master that is installed has the –nobrowse option added to the entries for /home and /net. In addition, the upgrade procedure adds the –nobrowse option to the /home and /net entries in /etc/auto_master if these entries have not been modified. However, you might have to make these changes manually or to turn off browsability for site-specific autofs mount points after the installation.
This section describes how to turn off the browsability feature for a single client, all clients, and a selected file system.
For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.2 .
# sharectl set -p nobrowse=TRUE autofs
# svcadm restart system/filesystem/autofs
To disable browsability for all clients, you must employ a name service such as NIS. Otherwise, you need to manually edit the automounter maps on each client. In this example, the browsability of the /home directory is disabled. You must follow this procedure for each indirect autofs node that needs to be disabled.
/home auto_home -nobrowse
The new behavior also becomes effective after a reboot.
# /usr/sbin/automount
In this example, browsability of the /net directory is disabled. You can use the same procedure for /home or any other autofs mount points.
The config/automount property in the name-service/switch service shows the search order for the automount information.
# svcprop -p config svc:/system/name-service/switch config/value_authorization astring solaris.smf.value.name-service.switch config/printer astring user\ files config/default astring files\ nis config/automount astring files\ nis
The last entry shows that local automount files are searched first and then the NIS service is checked. The config/default entry specifies the search order for all naming information not specifically listed.
For additions to the local files to have precedence over the entries in the namespace, the +auto_master entry must be moved to follow /net.
# Master map for automounter # /net -hosts -nosuid /home auto_home /nfs4 -fedfs -ro,nosuid,nobrowse +auto_master
A standard configuration places the +auto_master entry at the top of the file, which prevents any local changes from being used.
/net -hosts -nosuid,nobrowse
The new behavior becomes effective after running the automount command on the client systems or after a reboot.
# /usr/sbin/automount