I am new to the list, but havn't found my topic of interest discussed in the archives.
I have successfully got authentication working using pam_ldap on a redhat7.3 system. I also have pam_mkhomedir working correctly for interactive logins and ftp sessions - by adding the following to my /etc/pam.d/system-auth file:
session required /lib/security/pam_mkhomedir.so
I'd like to use ldap to store account information for an imap email server - however the pam_mkhomedir doesn't seem to run when I authenticate my imap connection. I take it this is because the imap server only lists management groups auth and account - adding the following line to /etc/pam.d/imap did not help:
session required /lib/security/pam_stack.so service=system-auth
I'd like to know whether my required behaviour (home directory created on first imap login) is possible configuring when pam "out of the box", or whether I'll need to modify some source code to achieve the outcome. How would I make the imap server require the "session" management group - and hence create the home directory via pam_mkhomedir ? Would I need to hack the pam modules, or the the imap server itself?
Another related question... I'd like to make the pam_mkdir module do more
than just create a homedir from /etc/skel and set the umask. I'd also
like to have it set a quota for the user of this new homedirectory, and
perform other commands such as creating a database if the user belongs to
a certain group. I have identified a location in
modules/pam_mkhomedir/pam_mkhomedir.c where I could run a "system()" command to perform the other tasks. Is there a better way ?
Any assistance is greatly appreciated.
Many Thanks
Tim.
-- ============================================================================== Tim Rayner - Networks Team Leader | Email : trayner@xxxxxxxxxx Charles Sturt University | Mail : P.O. Box 789, Albury,NSW, 2640 Phone : (02) 6051 9886 | Fax : (02) 6051 9919 ==============================================================================
_______________________________________________ Pam-list@xxxxxxxxxx https://listman.redhat.com/mailman/listinfo/pam-list