Marcus Moeller wrote:
Hi all, I am a bit confused about the usage of pam_mount. Here is my /etc/pam.d/system-auth: auth required pam_env.so auth required pam_mount.so
add use_first_pass to this??
auth sufficient pam_unix.so nullok try_first_pass auth requisite pam_succeed_if.so uid >= 500 quiet auth sufficient pam_krb5.so use_first_pass auth required pam_deny.so account required pam_unix.so broken_shadow account sufficient pam_localuser.so account sufficient pam_succeed_if.so uid < 500 quiet account [default=bad success=ok user_unknown=ignore] pam_krb5.so account required pam_permit.so password requisite pam_cracklib.so try_first_pass retry=3 password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok password sufficient pam_krb5.so use_authtok password required pam_deny.so session optional pam_keyinit.so revoke session required pam_limits.so session optional pam_mkhomedir.so session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid session required pam_unix.so session optional pam_krb5.so session optional pam_mount.so If pam_mount.so is listed in the session definition I will be asked for the password a second time during SSH login: At this stage the share is already mounted. I can just remove the: session optional pam_mount.so from system-auth which seem to work fine. Even the share is unmounted successfully on logout. So my question is: what is the session entry used for within pam_mount (as the usage is suggested in the man page and in the docs)? Best Regards Marcus _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
begin:vcard fn:Rob Kampen n:Kampen;Rob email;internet:rkampen@xxxxxxxxxxxxxxxxx tel;work:407-896-9556 x6344 tel;fax:407-896-7607 tel;home:407-876-4854 tel;cell:407-341-3815 version:2.1 end:vcard
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
