[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: smbmount and PAM



On Mon, 27 Mar 2000, Steve Langasek wrote:

> On Sat, 25 Mar 2000, Rob Bos wrote:
> 
> > I would like to be able to have PAM (or any utility) automatically mount SMB
> > volumes.  The user name and password to access a given share on that volume -
> > \\sphinx\$username -U $username -P $passwd - are required.  As it stands, any
> > linux implementation in the computer labs that automatically mounts user home
> > directories will require the user to enter the password twice.
> 
> > I'd like to avoid this; is it conceivable to use a PAM module to pass the
> > user's password to smbmount as entered?  Is PAM designed to make this
> > possible? If so, how?! ;)
> 
> It is possible to do this with PAM.  What you would need is a special PAM
> module that takes the password from a successful authentication and passes it
> to a mount command.
> 
> On the subject of passing password items around, the Linux-PAM documentation
> says:
> 
> PAM_AUTHTOK
>           The authentication token (password). This token should be
>           ignored by all module functions besides pam_sm_authenticate()
>           and pam_sm_chauthtok(). In the former function it is used to
>           pass the most recent authentication token from one stacked
>           module to another. In the latter function the token is used for
>           another purpose. It contains the currently active
>           authentication token.
> 
> However, it seems to me that what you want is a closer fit for a session
> module than an authentication module.  Since the above recommendation is not
> enforced in the library, I think it's better to do this as a session module
> (just IMHO, of course).
> 
> I would also recommend implementing this against the new (Samba 2.0.6) version
> of smbmount, so that the pam module can simply call /bin/mount:  in theory,
> the module would then be usable for other types of
> password-authenticated filesystems as well.

Forget about my previous post; although autofs may seem a good option, I
have no idea how to pass the password to autofs. I lost sight of the
problem as a whole :-)

Cheers,
Misa

-- 
Mihai Ibanescu



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []