Mounting home directories with the nosuid option

To increase security when automatically mounting file systems, you might want to configure the auto_home or auto.home NIS map to prevent users from switching their user or group identity. You can prevent users from mounting file systems with a different user context by specifying the nosuid option.

To set the nosuid option in the auto_home or auto.home NIS map:

1. Open Access Manager to import or create a NIS map to be stored in Active Directory.
2. Expand the appropriate zone and the UNIX Data node to display NIS Maps.
3. Select NIS Maps, right-click, then click New > Automount.
4. Type auto.home or auto_home as the map name, then click OK.
5. Select the new map, right click, then click New> Map entry to add a new individual map record.

6. Set the fields in the map record similar to this to enable mounting of home directories with the nosuid option for all users in a zone:

   Name: *
   Network Path: homeservername:/home/&
   Options: -nosuid

   You can use a similar approach to specify other or additional mount options—such as noexec and nodev—to the map entry.