pam_mount problem
Murray Trainer
mtrainer at central-data.net
Fri May 19 16:57:24 UTC 2006
On Fri, 2006-05-19 at 13:47 +0200, Martin Obermair wrote:
> Murray Trainer wrote:
> > On Fri, 2006-05-19 at 11:08 +0200, Martin Obermair wrote:
> >
> >> thank you for your fast answer!
> >>
> >> manually mounting is working fine!
> >>
> >> debug is /etc/security/mount_pam.conf is on!
> >>
> >> i have a debug output in /var/log/auth.log (ubuntu)
> >>
> >> here is say: no volumes to mount!
> >>
> >> i guess it's not a problem with pam service or smbmount.
> >> i must be a problem with my mount_pam.conf but i can't see it :-(
> >>
> >> here is my log output:
> >>
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: path to luserconf set to
> >> /home/mobermair/.pam_mount.conf
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: reading options_allow...
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: back from global readconfig
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: going to readconfig user
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: ignoring volume record
> >> user... (not for me)
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: back from user readconfig
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: no volumes to mount
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: real and effective user ID
> >> are 0 and 0.
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: clean system authtok (0)
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: command:
> >> /usr/sbin/pmvarrun [-u] [mobermair] [-d] [-o] [1]
> >> May 19 08:59:17 ubuntu1 gdm[5795]: pam_mount: setting uid to 0
> >> May 19 08:59:17 ubuntu1 gdm[5795]: pam_mount: real user/group IDs are
> >> 0/1000, effective is 0/1000
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: error waiting for child
> >> May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: done opening session
> >>
> >> i don't want this feature via ssh. only for local logins!
> >> (/etc/pam.d/gdm)
> >>
> >> regards
> >>
> >> Murray Trainer wrote:
> >>
> >>> On Fri, 2006-05-19 at 09:46 +0200, Martin Obermair wrote:
> >>>
> >>>
> >>>> hello together,
> >>>>
> >>>> i am to stupid to configure pam_mount correctly.
> >>>>
> >>>> i configurd /etc/pam.d/gdm to automount a smb share on gnome-login.
> >>>>
> >>>> the pam entries seems to be correct (i've got entries in /var/log/auth.log)
> >>>>
> >>>> her is my local user config ~/.pam_mount.conf:
> >>>>
> >>>> volume user smbfs samba POST /home/martin/POST - - -
> >>>>
> >>>> (samba = name of samber server in our network
> >>>> POST = name of samba share
> >>>> /home/martn/POST = mount point)
> >>>>
> >>>> on login in get an error message:
> >>>>
> >>>> no volumes to mount!
> >>>>
> >>>> both config files (local and /etc/security/pam_mount.conf) are chmod
> >>>> 777!!!!
> >>>>
> >>>> /etc/security/pam_mount.conf:
> >>>>
> >>>> debug 1
> >>>> mkmountpoint 1
> >>>> fsckloop /dev/loop7
> >>>> luserconf .pam_mount.conf
> >>>> options_allow nosuid,nodev,loop,encryption,fsck
> >>>>
> >>>> lsof /usr/sbin/lsof %(MNTPT)
> >>>> fsck /sbin/fsck -p %(FSCKTARGET)
> >>>> losetup /sbin/losetup -p0 "%(before=\"-e\" CIPHER)" "%(before=\"-k\" KEYBITS)" %(FSCKLOOP) %(VOLUME)
> >>>> unlosetup /sbin/losetup -d %(FSCKLOOP)
> >>>> cifsmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o "username=%(USER)%(before=\",\" OPTIONS)"
> >>>>
> >>>> smbmount /usr/bin/smbmount //%(SERVER)/%(VOLUME) %(MNTPT) -o "username=%(USER)%(before=\",\" OPTIONS)"
> >>>> ncpmount /usr/bin/ncpmount %(SERVER)/%(USER) %(MNTPT) -o "pass-fd=0,volume=%(VOLUME)%(before=\",\" OPTIONS)"
> >>>> smbumount /usr/bin/smbumount %(MNTPT)
> >>>> ncpumount /usr/bin/ncpumount %(MNTPT)
> >>>>
> >>>>
> >>>> umount /bin/umount %(MNTPT)
> >>>>
> >>>> lclmount /bin/mount -p0 -t %(FSTYPE) %(VOLUME) %(MNTPT) "%(before=\"-o\" OPTIONS)"
> >>>> cryptmount /bin/mount -t crypt "%(before=\"-o\" OPTIONS)" %(VOLUME) %(MNTPT)
> >>>> nfsmount /bin/mount %(SERVER):%(VOLUME) %(MNTPT) "%(before=\"-o\" OPTIONS)"
> >>>> mntagain /bin/mount --bind %(PREVMNTPT) %(MNTPT)
> >>>>
> >>>> mntcheck /bin/mount # For BSD's (don't have /etc/mtab)
> >>>> pmvarrun /usr/sbin/pmvarrun -u %(USER) -d -o %(OPERATION)
> >>>>
> >>>> i've tried all kinds of configuration but i never mounted a file system
> >>>> (i think i am to stupid!)
> >>>>
> >>>> thanks
> >>>>
> >>>> greetinx from bavaria!
> >>>>
> >>>> martin
> >>>>
> >>>>
> >>> Hi Martin,
> >>>
> >>> Try mounting the share manually first - eg.
> >>>
> >>> smbclient -U userid //server/sharename
> >>>
> >>> Have you added the required pam_mount lines to the appropriate service
> >>> file in /etc/pam.d. Use the login service and test it using a console
> >>> command line login with debug turned on in pam_mount.conf to see what is
> >>> happening. There is an unresolved bug with using pam_mount with ssh so
> >>> it probably wont work logging in via ssh.
> >>>
> >>> Regards
> >>>
> >>> Murray
> >>>
> >
> > Do you have something like the following at the end of the
> > pam_mount.conf to actually do the mounting?
> >
> > # An example using spaces:
> > # volume * smb krueger 'Home\ Directories' /home/& - - -
> > volume * cifs ldap & /home/& username=& - -
> >
> >
> > _______________________________________________
> > Pam-list mailing list
> > Pam-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/pam-list
> >
> hi
>
> i will a user specific mounting so the 'mounting rule' are in
> $HOME/.pam_mount.conf
>
> i tried also the mounting in /etc/security/pam_mounting.conf and
> disabled the local user file (luserconf .pam_mount.conf) and put 'volume
> user smbfs samba POST /home/martin/POST - - -' into
> /etc/security/pam_mounting.conf
>
> i have no idea why it isn't working!
>
> thanks a lot!
>
> regards
>
> martin
The file in /etc/security should be pam_mount.conf not
pam_mounting.conf. You should see some logging on the command line or
in /var/log/messages when the user logs in to tell you what is
happening. If not check you have both the required entries in the file
for the service you are logging in with in /etc/pam.d.
Murray
More information about the Pam-list
mailing list