Le dim 26/01/2003 à 06:03, Joe Lewis a écrit : > G'Day. I am a newbie to the list, but just thought I'd take a stab at > this. It sounds like you were having a problem gettingg a module to > mount devices prior to authentication. (Obviously, I am not very > familiar with this pam_mount module, so I know I am treading on thin > ice here.) > > It looks like you are forcing the pam_mount module to work as a > session module, in which case, it would have to mount their drives in > the pam_sm_open_session. That would require the mounting to occur in > the pam_sm_open_session, rather than the pam_sm_authenticate. You > might try placing the > > session required pam_mkdir.so > session required pam_mount.so > No, that's what I said, the pam_mount module is badly written and looking to the code, you will see that it mounts the volumes in the auth part. That's not what I learn reading through the pam documentation about the purpose of auth. It should mount the volumes in the session part and if so... I'd never write here because my problem would be solved since a while ;) > as auth modules, instead, and see if it works. Still, if the > authentication is good, and pam_ldap succeeds, you should get a shell, > reguardless of the users home directory being mounted or created. Try > creating one users home directory and connecting. If it still fails, > the problem may exist in your pam_ldap configuration. So, just run a > couple of tests, and you should be able to determine exactly where the > problem occured. If I mount using smb_mount only, it works, because mounts are made in the auth part. But, In want smb_mount to mount into specifics directories (created by pam_mkdir before). And I wrote pam_mkdir according to the doc and directories are made in the session part (well, after smb_mount !!). > > (BTW: isn't a module that returns PAM_SUCCESS supposed to do something > in that function? If not, it should return PAM_IGNORE, right?) > Did to see the whole function I've cut and paste here ? The only function of pam_sm_open_session us to return PAM_SUCCESS. That means that nothing happens using session for pam_mount. Thanks, -- Sébastien Tricaud <stricaud@mwsp.net> _______________________________________________ Pam-list@redhat.com https://listman.redhat.com/mailman/listinfo/pam-list
