Here is what I did.

After adding a line to pam_mkhomedir.c:

    _log_err(LOG_DEBUG," current uid is %s(%d)\n",pwd->pw_name,pwd->pw_uid);
    if (mkdir(pwd->pw_dir,0700) != 0) {
        perror("create directory error");
        free(remark);
        _log_err(LOG_DEBUG, "unable to create home directory %s",pwd->pw_dir);
        return PAM_PERM_DENIED;
    }

Then I got:

    # su ppp
    Creating home directory '/home/ppp'.
    create directory error: Permission denied

Check syslog:

    Aug 6 21:53:52 Whisper PAM-mkhomedir[11266]: current uid is ppp(545)
    Aug 6 21:53:52 Whisper PAM-mkhomedir[11266]: unable to create home directory /home/ppp
    Aug 6 21:53:52 Whisper su(pam_unix)[11266]: session opened for user ppp by ppp(uid=0)

That means the current user is ppp before mkdir. Running mkdir from the shell
under the /home directory, of course, got the same message: permission denied.

Then #chmod 777 home, #su ppp, and /home/ppp is created without any problem.
So far everything makes sense to me.

But look at this: when I use ssh to log in as ppp, syslog says:

    Aug 6 22:03:13 Whisper PAM-mkhomedir[11280]: current uid is ppp(545)

After that, I found /home/ppp was created successfully!

I thought su had a problem, but now I am wondering how come the ssh login
succeeded!

Any idea?

Thanks
Min

-----Original Message-----
From: pam-list-admin@redhat.com [mailto:pam-list-admin@redhat.com]On Behalf Of Nalin Dahyabhai
Sent: Tuesday, August 06, 2002 10:44 AM
To: pam-list@redhat.com
Subject: Re: pam_mkhomedir doesn't work for su?

On Mon, Aug 05, 2002 at 06:38:58PM -0700, Chen Min wrote:
> session optional /lib/security/pam_mkhomedir.so skel=/etc/skel
> umask=0022
> session required /lib/security/pam_limits.so
> session required /lib/security/pam_unix.so
> session optional /lib/security/pam_ldap.so
>
> pam_mkhomedir.so is added to create the home directory for an LDAP user. It works
> fine for ssh and console login, then I tried su
> #su ppp
> Creating directory '/home/ppp'.
> $
> Open the /home directory, ppp isn't there. In order to get an error message from
> pam_mkhomedir.so, change to
> session optional /lib/security/pam_mkhomedir.so skel=/etc/skel
> umask=0022 debug
>
> it prints out a message: unknown option, debug.

A peek at the source shows that it doesn't have a debug option, which is
pretty strange. Are you using an automounter on /home? If you configure
syslog to log debug messages (by adding a line "*.debug /var/log/debug"
to /etc/syslog.conf and restarting syslogd), do the logs indicate the
reason why it might have failed?

Nalin

_______________________________________________
Pam-list@redhat.com
https://listman.redhat.com/mailman/listinfo/pam-list