Mounting home directories with the nosuid option

To increase security when automatically mounting file systems, you might want to configure the auto_home or auto.home NIS map to prevent users from switching their user or group identity. You can prevent users from mounting file systems with a different user context by specifying the nosuid option.

To set the nosuid option in the auto_home or auto.home NIS map:

  1. Open Access Manager to import or create a NIS map to be stored in Active Directory.
  2. Expand the appropriate zone and the UNIX Data node to display NIS Maps.
  3. Select NIS Maps, right-click, then click New > Automount.
  4. Type auto.home or auto_home as the map name, then click OK.
  5. Select the new map, right click, then click New> Map entry to add a new individual map record.
  6. Set the fields in the map record similar to this to enable mounting of home directories with the nosuid option for all users in a zone:

    Name: *
    Network Path: homeservername:/home/&
    Options: -nosuid

    You can use a similar approach to specify other or additional mount options—such as noexec and nodev—to the map entry.