Directory and quota management
On Linux, new home directories are normally created at login, by pam_mkhomedir. That can't work for us, because it assumes that root can create a directory. On a Kerberized file system, root has no privileges.
Instead, we use pam_kmkhomedir. It calls a server, mkhomedird. There is configuration for both client and server in krb5.conf, described in their man pages. krb5.conf tells pam_kmkhomedir where the server is. Normally that's services.cs.rutgers.edu, but for Linux ZFS-based file servers, mkhomedird has to run on the file server. So there's an argument to pam_kmkhomedir to specify the server, overriding what is in krb5.conf.
We're in transition for quotas. Typically NetApp quotas are managed by various scripts, and XFS quotas are created using XFS tools. The new scheme will be that mkhomedird sets the quota when the directory is created, and a nightly job, quotareview, reviews the quotas in case the user's group membership has changed.
We may still manage quotas manually for systems with just a few users, or for systems that support a default quota, when almost everyone uses the default.
mkhomedird and quotareview have code specific to ZFS. It's in the kmkhomedir source area. In the quota directory there are patches for rpc.rquotad for ZFS. The ZFS code is written in C, using libzfs. I will be writing the equivalent NetApp code, probably in Python, using the NetApp REST API.