canwe · November 27, 2024 08:36 · Jun 17, 2022 · Jun 17, 2022 · Jun 17, 2022 · Jan 25, 2022
diff --git a/autofs.md b/autofs.md
@@ -64,16 +64,14 @@ physically present on the disk, but when the system is booted, they behave
 as if they were within certain parameters.
 ```
 
-which sounds exactly what we want. Create a new file `/etc/synthetic.d/automounts`. If it does not exist, create the directory and the file with this content:
+which sounds exactly what we want. Create a new file `/etc/synthetic.conf`. If it does not exist, create the  file with this content:
 
 ```
 # create a symbolic link named "music" at / which points to
 # "System/Volumes/Data/mount/music", a writeable location at the root of the data volume
 music   System/Volumes/Data/mount/music
 ```
 
-Please also add a `/etc/synthetic.conf` if it is not present. You could also add the above lines to the conf file but I want to keep them separated in the `/etc/synthetic.d/` folder.
-
 The first column describes the symbolic link at /. The next column is separated with a tab and describes the location under / which should be linked to the first column. You can also leave the second column empty. This would create an empty folder in which we could automount again. If you want the minumum amount of changes, use example from above. After a reboot the folder should be available at the root of your macOS installation.
 
 ## Restoring autofs after macOS updates

diff --git a/autofs.md b/autofs.md
@@ -72,6 +72,8 @@ which sounds exactly what we want. Create a new file `/etc/synthetic.d/automount
 music   System/Volumes/Data/mount/music
 ```
 
+Please also add a `/etc/synthetic.conf` if it is not present. You could also add the above lines to the conf file but I want to keep them separated in the `/etc/synthetic.d/` folder.
+
 The first column describes the symbolic link at /. The next column is separated with a tab and describes the location under / which should be linked to the first column. You can also leave the second column empty. This would create an empty folder in which we could automount again. If you want the minumum amount of changes, use example from above. After a reboot the folder should be available at the root of your macOS installation.
 
 ## Restoring autofs after macOS updates

diff --git a/autofs.md b/autofs.md
@@ -46,6 +46,34 @@ This is the version of `/etc/auto_smb` in Catalina:
 
     /System/Volumes/Data/mount/music    -fstype=smbfs,soft,noowners,nosuid,rw ://username:password@ip-address:/music
 
+## Modern way using synthetic.conf
+
+Thanks to [rjc](https://gist.github.com/rudelm/7bcc905ab748ab9879ea?permalink_comment_id=4041343#gistcomment-4041343) I now know about `synthetic.conf`. From the man page:
+
+```
+synthetic.conf describes virtual symbolic links and empty directories to be
+created at the root mount point.  Because the root mount point is read-only
+as of macOS 10.15, physical files may not be created at this location.  All
+writeable paths must reside on the data volume, which is mounted at
+/System/Volumes/Data.
+
+synthetic.conf provides a mechanism for some limited, user-controlled file-
+creation at /.  The synthetic entities described in this file are
+synthesized by the kernel during early system boot.  They are not
+physically present on the disk, but when the system is booted, they behave
+as if they were within certain parameters.
+```
+
+which sounds exactly what we want. Create a new file `/etc/synthetic.d/automounts`. If it does not exist, create the directory and the file with this content:
+
+```
+# create a symbolic link named "music" at / which points to
+# "System/Volumes/Data/mount/music", a writeable location at the root of the data volume
+music   System/Volumes/Data/mount/music
+```
+
+The first column describes the symbolic link at /. The next column is separated with a tab and describes the location under / which should be linked to the first column. You can also leave the second column empty. This would create an empty folder in which we could automount again. If you want the minumum amount of changes, use example from above. After a reboot the folder should be available at the root of your macOS installation.
+
 ## Restoring autofs after macOS updates
 
 The recent macOS updates seem to overwrite the `/etc/auto_master` file. You can try to set the file to read-only using the extended attributes of macOS. For more details see [this blog post](https://www.cyberciti.biz/faq/apple-osx-write-protecting-file-folders-bash-command/). Please add the entry for your autofs file again to the `auto_master` file and save the file. We'll try to set the `auto_master` file to read-only, in hope it won't be overwritten again.

diff --git a/autofs.md b/autofs.md
@@ -74,4 +74,4 @@ You now need to restart the autofs service with the command 'sudo automount -cv'
 You can now switch to '/Volumes/music' or '/mount/music' folder or let it list on the terminal. If you're using macOS Catalina you can open `/System/Volumes/Data/mount/music`. Once you do that autofs will automatically try to mount the desired volume into this folder.
 
 # See an example and explanation in action
-Visit my [blog post](https://centurio.net/2016/03/16/automount-network-shares-on-mac-os-for-use-in-itunes/) where I explain this gist a little bit more in detail. A complete list of blog posts with autofs can be found [here](https://centurio.net/tag/autofs/).
+Visit my [blog post](https://centurio.net/2016/03/16/automount-network-shares-on-mac-os-for-use-in-itunes/) where I explain this gist a little bit more in detail. A complete list of blog posts with autofs can be found [here](https://centurio.net/tags/autofs/).
diff --git a/autofs.md b/autofs.md
@@ -48,7 +48,7 @@ This is the version of `/etc/auto_smb` in Catalina:
 
 ## Restoring autofs after macOS updates
 
-The recent macOS updates seem to overwrite the `/etc/auto_master` file. You can try to set the file to read-only using the extended attributes of macOS. For more details see [this blog post](https://www.cyberciti.biz/faq/apple-osx-write-protecting-file-folders-bash-command/).
+The recent macOS updates seem to overwrite the `/etc/auto_master` file. You can try to set the file to read-only using the extended attributes of macOS. For more details see [this blog post](https://www.cyberciti.biz/faq/apple-osx-write-protecting-file-folders-bash-command/). Please add the entry for your autofs file again to the `auto_master` file and save the file. We'll try to set the `auto_master` file to read-only, in hope it won't be overwritten again.
 
 ```
 ~ ❯ ls -lO /etc/auto_master                                         at 20:55:44

diff --git a/autofs.md b/autofs.md
@@ -46,6 +46,28 @@ This is the version of `/etc/auto_smb` in Catalina:
 
     /System/Volumes/Data/mount/music    -fstype=smbfs,soft,noowners,nosuid,rw ://username:password@ip-address:/music
 
+## Restoring autofs after macOS updates
+
+The recent macOS updates seem to overwrite the `/etc/auto_master` file. You can try to set the file to read-only using the extended attributes of macOS. For more details see [this blog post](https://www.cyberciti.biz/faq/apple-osx-write-protecting-file-folders-bash-command/).
+
+```
+~ ❯ ls -lO /etc/auto_master                                         at 20:55:44
+-rw-r--r--  1 root  wheel  - 226 May  6 20:49 /etc/auto_master
+~ ❯ sudo chflags schg /etc/auto_master                        ✘ INT at 21:01:04
+~ ❯ ls -lO /etc/auto_master                                         at 21:01:10
+-rw-r--r--  1 root  wheel  schg 226 May  6 20:49 /etc/auto_master
+```
+
+The file is now write protected. You can try to edit it again with sudo and it will be read only. Its the same as when you set the file write protected in the finder.
+
+if you use
+
+```
+sudo chflags noschg /etc/auto_master 
+```
+
+it will be writeable again.
+
 # Access the folder and see autofs in action
 You now need to restart the autofs service with the command 'sudo automount -cv'. If you now type mount, you'll see a listing of currently mounted volumes. Your desired volume shouldn't be mounted, so unmount it with 'sudo umount /Volumes/volumename' or 'sudo umount /mount/music' before we continue.
 

diff --git a/autofs.md b/autofs.md
@@ -38,9 +38,9 @@ Add this line to `/etc/auto_smb`:
 
 Unfortunately you will need to add the user and password to the resource :( You can try to lock it down further using the Mac OS permissions but that won't help when the attackers user got admin rights as well.
 
-## If you're using macOS Catalina 10.15
+## If you're using macOS Catalina 10.15 and macOS Big Sur 11
 
-You’ll just have to prepend your existing automount paths with `/System/Volumes/Data`. This is because Catalina creates a second APFS volume for your user data, whereby the existing system installation is moved to a read-only APFS volume.
+You’ll just have to prepend your existing automount paths with `/System/Volumes/Data`. This is because macOS creates a second APFS volume for your user data, whereby the existing system installation is moved to a read-only APFS volume.
 
 This is the version of `/etc/auto_smb` in Catalina:
 

diff --git a/autofs.md b/autofs.md
@@ -2,7 +2,7 @@
 With [autofs](http://www.apple.com/business/docs/Autofs.pdf) you can easily mount network volumes upon first access to the folder where you want to mount the volume. Autofs is available for many OS and is preinstalled on Mac OS X so I show you how I mounted my iTunes library folder using this method.
 
 # Prepare autofs to use a separate configuration file
-autofs needs to be configured so that it knows where to gets its configuration. Edit the file '/etc/auto_master' and add the last line:
+autofs needs to be configured so that it knows where to gets its configuration. Edit the file `/etc/auto_master` and add the last line:
 
     #
     # Automounter master map
@@ -17,29 +17,39 @@ autofs needs to be configured so that it knows where to gets its configuration.
 
 This will tell autofs to look for a file in the '/etc' folder with name 'auto_smb'. In this case I want to create a configuration for automatically mount SMB volumes. You are free to choose a different name and can also use afp/cifs/nfs etc.
 
+Be aware that macOS updates can overwrite this file! Make sure you'll check the content of this file after you've updated. I've encountered this behaviour with the latest macOS Catalina 10.15.7 supplemental update.
+
 # Content of the configuration file
 Normally Mac OS X tries to mount network shares into the '/Volumes' folder. This is the default folder for all mounted shares on a mac. However, if you try to directly mount into this folder, autofs will fail. You just add a '/../' in front of your desired mount path and Mac OS X will even accept the Volumes folder. However, some Mac OS Version doesn't like this so I switched over to use my own folder named '/mount'.
 
 ## If you want to configure AFP, do it like this:
 
-So add this line to '/etc/auto_afp':
+So add this line to `/etc/auto_afp`:
 
     /../Volumes/music	-fstype=afp,rw afp://ip-address:/music
 
 Mac OS X is clever enough to lookup the username and password from the Mac keychain so there's no need to add the username and password in clear text to the configuration file. 
 
 ## If you want to configure SMB, do it like this:
 
-Add this line to '/etc/auto_smb':
+Add this line to `/etc/auto_smb`:
 
     /mount/music    -fstype=smbfs,soft,noowners,nosuid,rw ://username:password@ip-address:/music
 
 Unfortunately you will need to add the user and password to the resource :( You can try to lock it down further using the Mac OS permissions but that won't help when the attackers user got admin rights as well.
 
+## If you're using macOS Catalina 10.15
+
+You’ll just have to prepend your existing automount paths with `/System/Volumes/Data`. This is because Catalina creates a second APFS volume for your user data, whereby the existing system installation is moved to a read-only APFS volume.
+
+This is the version of `/etc/auto_smb` in Catalina:
+
+    /System/Volumes/Data/mount/music    -fstype=smbfs,soft,noowners,nosuid,rw ://username:password@ip-address:/music
+
 # Access the folder and see autofs in action
 You now need to restart the autofs service with the command 'sudo automount -cv'. If you now type mount, you'll see a listing of currently mounted volumes. Your desired volume shouldn't be mounted, so unmount it with 'sudo umount /Volumes/volumename' or 'sudo umount /mount/music' before we continue.
 
-You can now switch to '/Volumes/music' or '/mount/music' folder or let it list on the terminal. Once you do that autofs will automatically try to mount the desired volume into this folder.
+You can now switch to '/Volumes/music' or '/mount/music' folder or let it list on the terminal. If you're using macOS Catalina you can open `/System/Volumes/Data/mount/music`. Once you do that autofs will automatically try to mount the desired volume into this folder.
 
 # See an example and explanation in action
-Visit my [blog post](http://blog.centurio.net/2016/03/16/automount-network-shares-on-mac-os-for-use-in-itunes/) where I explain this gist a little bit more in detail.
+Visit my [blog post](https://centurio.net/2016/03/16/automount-network-shares-on-mac-os-for-use-in-itunes/) where I explain this gist a little bit more in detail. A complete list of blog posts with autofs can be found [here](https://centurio.net/tag/autofs/).
diff --git a/autofs.md b/autofs.md
@@ -12,23 +12,34 @@ autofs needs to be configured so that it knows where to gets its configuration.
     /home			auto_home	-nobrowse,hidefromfinder
     /Network/Servers	-fstab
     /-			-static
-    /-			auto_afp	-nobrowse,nosuid
+    /-          auto_smb    -nosuid,noowners
+    #/-			auto_afp	-nobrowse,nosuid
 
-This will tell autofs to look for a file in the '/etc' folder with name 'auto_afp'. In this case I want to create a configuration for automatically mount AFP volumes. You are free to choose a different name and can also use smb/cifs/nfs etc.
+This will tell autofs to look for a file in the '/etc' folder with name 'auto_smb'. In this case I want to create a configuration for automatically mount SMB volumes. You are free to choose a different name and can also use afp/cifs/nfs etc.
 
 # Content of the configuration file
-Normally Mac OS X tries to mount network shares into the '/Volumes' folder. This is the default folder for all mounted shares on a mac. However, if you try to directly mount into this folder, autofs will fail. I found better solution in [this gist](https://gist.github.com/lawrencealan/8697518). You just add a '/../' in front of your desired mount path and Mac OS X will even accept the Volumes folder.
+Normally Mac OS X tries to mount network shares into the '/Volumes' folder. This is the default folder for all mounted shares on a mac. However, if you try to directly mount into this folder, autofs will fail. You just add a '/../' in front of your desired mount path and Mac OS X will even accept the Volumes folder. However, some Mac OS Version doesn't like this so I switched over to use my own folder named '/mount'.
+
+## If you want to configure AFP, do it like this:
 
 So add this line to '/etc/auto_afp':
 
-    /../Volumes/music	-fstype=afp,rw afp://192.168.100.10:/music
+    /../Volumes/music	-fstype=afp,rw afp://ip-address:/music
+
+Mac OS X is clever enough to lookup the username and password from the Mac keychain so there's no need to add the username and password in clear text to the configuration file. 
+
+## If you want to configure SMB, do it like this:
+
+Add this line to '/etc/auto_smb':
+
+    /mount/music    -fstype=smbfs,soft,noowners,nosuid,rw ://username:password@ip-address:/music
 
-Mac OS X is clever enough to lookup the username and password from the Mac keychain so there's no need to add the username and password in clear text to the configuration file. You can also exchange the fstype with smb or similar, but then you'll need to take care of the network path as well.
+Unfortunately you will need to add the user and password to the resource :( You can try to lock it down further using the Mac OS permissions but that won't help when the attackers user got admin rights as well.
 
 # Access the folder and see autofs in action
-You now need to restart the autofs service with the command 'sudo automount -cv'. If you now type mount, you'll see a listing of currently mounted volumes. Your desired volume shouldn't be mounted, so unmount it with 'unmount /Volumes/volumename' before we continue.
+You now need to restart the autofs service with the command 'sudo automount -cv'. If you now type mount, you'll see a listing of currently mounted volumes. Your desired volume shouldn't be mounted, so unmount it with 'sudo umount /Volumes/volumename' or 'sudo umount /mount/music' before we continue.
 
-You can now switch to '/Volumes/music' folder or let it list on the terminal. Once you do that autofs will automatically try to mount the desired volume into this folder.
+You can now switch to '/Volumes/music' or '/mount/music' folder or let it list on the terminal. Once you do that autofs will automatically try to mount the desired volume into this folder.
 
 # See an example and explanation in action
 Visit my [blog post](http://blog.centurio.net/2016/03/16/automount-network-shares-on-mac-os-for-use-in-itunes/) where I explain this gist a little bit more in detail.
diff --git a/autofs.md b/autofs.md
@@ -31,4 +31,4 @@ You now need to restart the autofs service with the command 'sudo automount -cv'
 You can now switch to '/Volumes/music' folder or let it list on the terminal. Once you do that autofs will automatically try to mount the desired volume into this folder.
 
 # See an example and explanation in action
-Visit my [http://blog.centurio.net/2016/03/16/automount-network-shares-on-mac-os-for-use-in-itunes/](blog post) where I explain this gist a little bit more in detail.
+Visit my [blog post](http://blog.centurio.net/2016/03/16/automount-network-shares-on-mac-os-for-use-in-itunes/) where I explain this gist a little bit more in detail.
diff --git a/autofs.md b/autofs.md
@@ -31,4 +31,4 @@ You now need to restart the autofs service with the command 'sudo automount -cv'
 You can now switch to '/Volumes/music' folder or let it list on the terminal. Once you do that autofs will automatically try to mount the desired volume into this folder.
 
 # See an example and explanation in action
-Visit my blog post where I explain this gist a little bit more in detail.
+Visit my [http://blog.centurio.net/2016/03/16/automount-network-shares-on-mac-os-for-use-in-itunes/](blog post) where I explain this gist a little bit more in detail.
diff --git a/autofs.md b/autofs.md
@@ -23,7 +23,7 @@ So add this line to '/etc/auto_afp':
 
     /../Volumes/music	-fstype=afp,rw afp://192.168.100.10:/music
 
-Mac OS X is clever enough to lookup the username and password from the Mac keychain so there's no need to add the username and password in clear text to the configuration file.
+Mac OS X is clever enough to lookup the username and password from the Mac keychain so there's no need to add the username and password in clear text to the configuration file. You can also exchange the fstype with smb or similar, but then you'll need to take care of the network path as well.
 
 # Access the folder and see autofs in action
 You now need to restart the autofs service with the command 'sudo automount -cv'. If you now type mount, you'll see a listing of currently mounted volumes. Your desired volume shouldn't be mounted, so unmount it with 'unmount /Volumes/volumename' before we continue.

diff --git a/autofs.md b/autofs.md
@@ -0,0 +1,34 @@
+# Autofs on Mac OS X
+With [autofs](http://www.apple.com/business/docs/Autofs.pdf) you can easily mount network volumes upon first access to the folder where you want to mount the volume. Autofs is available for many OS and is preinstalled on Mac OS X so I show you how I mounted my iTunes library folder using this method.
+
+# Prepare autofs to use a separate configuration file
+autofs needs to be configured so that it knows where to gets its configuration. Edit the file '/etc/auto_master' and add the last line:
+
+    #
+    # Automounter master map
+    #
+    +auto_master		# Use directory service
+    /net			-hosts		-nobrowse,hidefromfinder,nosuid
+    /home			auto_home	-nobrowse,hidefromfinder
+    /Network/Servers	-fstab
+    /-			-static
+    /-			auto_afp	-nobrowse,nosuid
+
+This will tell autofs to look for a file in the '/etc' folder with name 'auto_afp'. In this case I want to create a configuration for automatically mount AFP volumes. You are free to choose a different name and can also use smb/cifs/nfs etc.
+
+# Content of the configuration file
+Normally Mac OS X tries to mount network shares into the '/Volumes' folder. This is the default folder for all mounted shares on a mac. However, if you try to directly mount into this folder, autofs will fail. I found better solution in [this gist](https://gist.github.com/lawrencealan/8697518). You just add a '/../' in front of your desired mount path and Mac OS X will even accept the Volumes folder.
+
+So add this line to '/etc/auto_afp':
+
+    /../Volumes/music	-fstype=afp,rw afp://192.168.100.10:/music
+
+Mac OS X is clever enough to lookup the username and password from the Mac keychain so there's no need to add the username and password in clear text to the configuration file.
+
+# Access the folder and see autofs in action
+You now need to restart the autofs service with the command 'sudo automount -cv'. If you now type mount, you'll see a listing of currently mounted volumes. Your desired volume shouldn't be mounted, so unmount it with 'unmount /Volumes/volumename' before we continue.
+
+You can now switch to '/Volumes/music' folder or let it list on the terminal. Once you do that autofs will automatically try to mount the desired volume into this folder.
+
+# See an example and explanation in action
+Visit my blog post where I explain this gist a little bit more in detail.
diff --git a/gistfile1.txt b/gistfile1.txt
@@ -1 +0,0 @@
-edit

diff --git a/gistfile1.txt b/gistfile1.txt
@@ -0,0 +1 @@
+edit
No results found