mounting active directory share with pam_mount
Juan Miscaro
scry_mr at yahoo.ca
Tue Jul 10 15:35:12 UTC 2007
Hi everyone,
I am having trouble mounting a share on my AD server upon login.
I am using pam_mount. Here is log activity when user 'peter' logs in
(with Ubuntu client) and is authenticated by AD server. There is a
share called 'peter' on the server (netbios name WIN2003) and the mount
point is /home/PRIVATE/peter (see later for pam_mount.conf file):
=====================
Jul 9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' granted
access
Jul 9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' OK
Jul 9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' granted
access
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: (pam_unix) session opened for
user peter by (uid=0)
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:428) back
from global readconfig
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:430)
per-user configurations not allowed by pam_mount.conf
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:461)
pam_sm_open_session: real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(readconfig.c:418)
checking sanity of volume record (peter)
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:476)
about to perform mount operations
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:368)
information for mount:
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:369)
----------------------
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:370) (defined
by globalconf)
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:373) user:
peter
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:374) server:
WIN2003
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:375) volume:
peter
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:376)
mountpoint: /home/PRIVATE/peter
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:377) options:
uid=peter,gid=peter,dmask=0750,workgroup=WORKGROUP
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:378)
fs_key_cipher:
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:379)
fs_key_path:
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:380)
use_fstab: 0
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:381)
----------------------
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:177) realpath
of volume "/home/PRIVATE/peter" is "/home/PRIVATE/peter"
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:182) checking
to see if //WIN2003/peter is already mounted at /home/PRIVATE
/peter
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:799) checking
for encrypted filesystem key configuration
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:819) about to
start building mount command
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(misc.c:264) command:
/bin/mount [-t] [cifs] [//WIN2003/peter] [/home/PRIVATE/peter]
[-o] [user=peter,uid=502,gid=502,uid=peter,gid=peter,dmask=0750,
Jul 9 13:03:26 feisty-s86-1 gdm[7407]: pam_mount(misc.c:341)
set_myuid(pre): real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7407]: pam_mount(misc.c:376)
set_myuid(post): real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:851) mount
errors (should be empty):
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:100)
pam_mount(misc.c:341) set_myuid(pre): real uid/gid=0:502, effective ui
d/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:100)
pam_mount(misc.c:376) set_myuid(post): real uid/gid=0:502, effective u
id/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:854) waiting
for mount
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:480)
mount of peter failed
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:123)
clean system authtok (0)
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(misc.c:264) command:
/usr/sbin/pmvarrun [-u] [peter] [-o] [1]
Jul 9 13:03:27 feisty-s86-1 gdm[7411]: pam_mount(misc.c:341)
set_myuid(pre): real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:27 feisty-s86-1 gdm[7411]: pam_mount(misc.c:376)
set_myuid(post): real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:27 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:360)
pmvarrun says login count is 1
Jul 9 13:03:27 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:493) done
opening session
=====================
There are no "mount errors" but still "mount of peter failed".
Here is pam_mount.conf:
=====================
debug 1
mkmountpoint 1
fsckloop /dev/loop7
luserconf .pam_mount.conf
options_allow nosuid,nodev
options_deny suid,dev
options_require nosuid,nodev
lsof /usr/bin/lsof %(MNTPT)
fsck /sbin/fsck -p %(FSCKTARGET)
cifsmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o
"user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"
smbmount /usr/bin/smbmount //%(SERVER)/%(VOLUME) %(MNTPT) -o
"username=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"
smbumount /usr/bin/smbumount %(MNTPT)
umount /bin/umount %(MNTPT)
volume * cifs WIN2003 & /home/PRIVATE/&
uid=&,gid=&,dmask=0750,workgroup=WORKGROUP - -
=====================
Here are my other pam files,
/etc/pam.d/common-auth:
auth required pam_mount.so
auth sufficient pam_winbind.so use_first_pass
auth required pam_unix.so nullok_secure use_first_pass
/etc/pam.d/common-pammount:
auth optional pam_mount.so use_first_pass
session optional pam_mount.so use_first_pass
/etc/pam.d/common-session:
session required pam_unix.so
session required pam_mkhomedir.so umask=0022 skel=/etc/skel
session optional pam_mount.so
Can someone please tell me what is going wrong?
Juan
Get news delivered with the All new Yahoo! Mail. Enjoy RSS feeds right on your Mail page. Start today at http://mrd.mail.yahoo.com/try_beta?.intl=ca
More information about the Pam-list
mailing list