pam_mount problem

Murray Trainer mtrainer at central-data.net
Mon May 22 09:58:17 UTC 2006 

On Mon, 2006-05-22 at 11:27 +0200, Martin Obermair wrote:
> Murray Trainer schrieb:
> 
> >On Fri, 2006-05-19 at 13:47 +0200, Martin Obermair wrote:
> >  
> >
> >>Murray Trainer wrote:
> >>    
> >>
> >>>On Fri, 2006-05-19 at 11:08 +0200, Martin Obermair wrote:
> >>>  
> >>>      
> >>>
> >>>>thank you for your fast answer!
> >>>>
> >>>>manually mounting is working fine!
> >>>>
> >>>>debug is /etc/security/mount_pam.conf is on!
> >>>>
> >>>>i have a debug output in /var/log/auth.log (ubuntu)
> >>>>
> >>>>here is say: no volumes to mount!
> >>>>
> >>>>i guess it's not a problem with pam service or smbmount.
> >>>>i must be a problem with my mount_pam.conf but i can't see it :-(
> >>>>
> >>>>here is my log output:
> >>>>
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: path to luserconf set to 
> >>>>/home/mobermair/.pam_mount.conf
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: reading options_allow...
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: back from global readconfig
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: going to readconfig user
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: ignoring volume record 
> >>>>user... (not for me)
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: back from user readconfig
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: no volumes to mount
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: real and effective user ID 
> >>>>are 0 and 0.
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: clean system authtok (0)
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: command: 
> >>>>/usr/sbin/pmvarrun [-u] [mobermair] [-d] [-o] [1]
> >>>>May 19 08:59:17 ubuntu1 gdm[5795]: pam_mount: setting uid to 0
> >>>>May 19 08:59:17 ubuntu1 gdm[5795]: pam_mount: real user/group IDs are 
> >>>>0/1000, effective is 0/1000
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: error waiting for child
> >>>>May 19 08:59:17 ubuntu1 gdm[5773]: pam_mount: done opening session
> >>>>
> >>>>i don't want this feature via ssh. only for local logins!
> >>>>(/etc/pam.d/gdm)
> >>>>
> >>>>regards
> >>>>
> >>>>Murray Trainer wrote:
> >>>>    
> >>>>        
> >>>>
> >>>>>On Fri, 2006-05-19 at 09:46 +0200, Martin Obermair wrote:
> >>>>>  
> >>>>>      
> >>>>>          
> >>>>>
> >>>>>>hello together,
> >>>>>>
> >>>>>>i am to stupid to configure pam_mount correctly.
> >>>>>>
> >>>>>>i configurd /etc/pam.d/gdm to automount a smb share on gnome-login.
> >>>>>>
> >>>>>>the pam entries seems to be correct (i've got entries in /var/log/auth.log)
> >>>>>>
> >>>>>>her is my local user config ~/.pam_mount.conf:
> >>>>>>
> >>>>>>volume user smbfs samba POST /home/martin/POST - - -
> >>>>>>
> >>>>>>(samba = name of samber server in our network
> >>>>>>POST = name of samba share
> >>>>>>/home/martn/POST = mount point)
> >>>>>>
> >>>>>>on login in get an error message:
> >>>>>>
> >>>>>>no volumes to mount!
> >>>>>>
> >>>>>>both config files (local and /etc/security/pam_mount.conf) are chmod 
> >>>>>>777!!!!
> >>>>>>
> >>>>>>/etc/security/pam_mount.conf:
> >>>>>>
> >>>>>>debug 1
> >>>>>>mkmountpoint 1
> >>>>>>fsckloop /dev/loop7
> >>>>>>luserconf .pam_mount.conf
> >>>>>>options_allow	nosuid,nodev,loop,encryption,fsck
> >>>>>>
> >>>>>>lsof /usr/sbin/lsof %(MNTPT)
> >>>>>>fsck /sbin/fsck -p %(FSCKTARGET)
> >>>>>>losetup /sbin/losetup -p0 "%(before=\"-e\" CIPHER)" "%(before=\"-k\" KEYBITS)" %(FSCKLOOP) %(VOLUME)
> >>>>>>unlosetup /sbin/losetup -d %(FSCKLOOP)
> >>>>>>cifsmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o "username=%(USER)%(before=\",\" OPTIONS)"
> >>>>>>
> >>>>>>smbmount /usr/bin/smbmount   //%(SERVER)/%(VOLUME) %(MNTPT) -o "username=%(USER)%(before=\",\" OPTIONS)"
> >>>>>>ncpmount /usr/bin/ncpmount   %(SERVER)/%(USER) %(MNTPT) -o "pass-fd=0,volume=%(VOLUME)%(before=\",\" OPTIONS)"
> >>>>>>smbumount /usr/bin/smbumount %(MNTPT)
> >>>>>>ncpumount /usr/bin/ncpumount %(MNTPT)
> >>>>>>
> >>>>>>
> >>>>>>umount /bin/umount %(MNTPT)
> >>>>>>
> >>>>>>lclmount /bin/mount -p0 -t %(FSTYPE) %(VOLUME) %(MNTPT) "%(before=\"-o\" OPTIONS)"
> >>>>>>cryptmount /bin/mount -t crypt "%(before=\"-o\" OPTIONS)" %(VOLUME) %(MNTPT)
> >>>>>>nfsmount /bin/mount %(SERVER):%(VOLUME) %(MNTPT) "%(before=\"-o\" OPTIONS)"
> >>>>>>mntagain /bin/mount --bind %(PREVMNTPT) %(MNTPT)
> >>>>>>
> >>>>>>mntcheck /bin/mount # For BSD's (don't have /etc/mtab)
> >>>>>>pmvarrun /usr/sbin/pmvarrun -u %(USER) -d -o %(OPERATION)
> >>>>>>
> >>>>>>i've tried all kinds of configuration but i never mounted a file system 
> >>>>>>(i think i am to stupid!)
> >>>>>>
> >>>>>>thanks
> >>>>>>
> >>>>>>greetinx from bavaria!
> >>>>>>
> >>>>>>martin
> >>>>>>    
> >>>>>>        
> >>>>>>            
> >>>>>>
> >>>>>Hi Martin,
> >>>>>
> >>>>>Try mounting the share manually first - eg.
> >>>>>
> >>>>>smbclient -U userid //server/sharename
> >>>>>
> >>>>>Have you added the required pam_mount lines to the appropriate service
> >>>>>file in /etc/pam.d.  Use the login service and test it using a console
> >>>>>command line login with debug turned on in pam_mount.conf to see what is
> >>>>>happening. There is an unresolved bug with using pam_mount with ssh so
> >>>>>it probably wont work logging in via ssh.
> >>>>>
> >>>>>Regards
> >>>>>
> >>>>>Murray
> >>>>>      
> >>>>>          
> >>>>>
> >>>Do you have something like the following at the end of the
> >>>pam_mount.conf to actually do the mounting?
> >>>
> >>># An example using spaces:
> >>># volume * smb krueger 'Home\ Directories' /home/& - - -
> >>>volume * cifs ldap & /home/&         username=&  - -
> >>>
> >>>
> >>>_______________________________________________
> >>>Pam-list mailing list
> >>>Pam-list at redhat.com
> >>>https://www.redhat.com/mailman/listinfo/pam-list
> >>>  
> >>>      
> >>>
> >>hi
> >>
> >>i will a user specific mounting so the 'mounting rule' are in 
> >>$HOME/.pam_mount.conf
> >>
> >>i tried also the mounting in /etc/security/pam_mounting.conf and 
> >>disabled the local user file (luserconf .pam_mount.conf) and put 'volume 
> >>user smbfs samba POST /home/martin/POST - - -' into 
> >>/etc/security/pam_mounting.conf
> >>
> >>i have no idea why it isn't working!
> >>
> >>thanks a lot!
> >>
> >>regards
> >>
> >>martin
> >>    
> >>
> >
> >The file in /etc/security should be pam_mount.conf not
> >pam_mounting.conf.  You should see some logging on the command line or
> >in /var/log/messages when the user logs in to tell you what is
> >happening.  If not check you have both the required entries in the file
> >for the service you are logging in with in /etc/pam.d.
> >
> >Murray
> >
> >
> >_______________________________________________
> >Pam-list mailing list
> >Pam-list at redhat.com
> >https://www.redhat.com/mailman/listinfo/pam-list
> >  
> >
> hi
> 
> thank you for answer!
> 
> the file is pam_mount.conf not pam_mountig.conf
> 
> i only want to use pammount with gdm!
> 
> i changed to a global config and tried a local mount only
> 
> the output in /var/log/auth.log is the same
> 
> May 22 10:55:27 localhost gdm[8747]: (pam_unix) session opened for user 
> mobermair by (uid=0)
> May 22 10:55:27 localhost gdm[8747]: pam_mount: reading options_allow...
> May 22 10:55:27 localhost gdm[8747]: pam_mount: ignoring volume record 
> (not for me)
> May 22 10:55:27 localhost gdm[8747]: pam_mount: ignoring volume record 
> (not for me)
> May 22 10:55:27 localhost gdm[8747]: pam_mount: back from global readconfig
> May 22 10:55:27 localhost gdm[8747]: pam_mount: per-user configurations 
> not allowed by pam_mount.conf
> May 22 10:55:27 localhost gdm[8747]: pam_mount: no volumes to mount
> May 22 10:55:27 localhost gdm[8747]: pam_mount: real and effective user 
> ID are 0 and 0.
> May 22 10:55:27 localhost gdm[8747]: pam_mount: clean system authtok (0)
> May 22 10:55:27 localhost gdm[8747]: pam_mount: command: 
> /usr/sbin/pmvarrun [-u] [mobermair] [-d] [-o] [1]
> May 22 10:55:27 localhost gdm[8774]: pam_mount: setting uid to 0
> May 22 10:55:27 localhost gdm[8774]: pam_mount: real and effective user 
> ID are 0 and 0.
> May 22 10:55:27 localhost gdm[8774]: pam_mount: real and effective group 
> ID are 1000 and 1000.
> May 22 10:55:27 localhost gdm[8747]: pam_mount: pmvarrun says login 
> count is 1
> May 22 10:55:27 localhost gdm[8747]: pam_mount: done opening session
> 
> 
> /etc/security/pam_mount.conf
> 
> *
> volume user local -  /tmp /home/test - - -
> *
> 
> on the weekend i changed from ubunte 6.04 dapper beta to 5.10 breezyx 
> badger with the same errors
> 
> so the problem is defenitve the person in front of the computer  ;-)
> 
> thanks a lot
> 
> martin

This error might be the problem ...

May 22 10:55:27 localhost gdm[8747]: pam_mount: per-user configurations 
not allowed by pam_mount.conf

You probably need to remove the # in front of the luserconf line
in /etc/security/pam_mount.conf as shown below:

# Format: luserconf <file>
# luserconf .pam_mount.conf

Murray

More information about the Pam-list mailing list