On Sun, Jul 06, 2003 at 09:25:15PM +0200, Troels Liebe Bentsen wrote:
> 3. pam_mkhomedir is called, the effective uid is still root, and the
> real uid is now the one of the users we su'ed to(eg. test). But since
> we on linux have fsuid/fsgid and this is used for filesystem access,
> this makes it imposible for us to create a directory under /home
> because is owned by root and set to 750.
^^^^^
that is probably your problem, see if it works if you set /home to
755.
if its root.root 750 then the user won't be able to access anything
under /home, including his home directory, regardless of what
permissions it has.
if your intent was to prevent other users from listing /home then set
it to root:root 751. but this is really quite silly since anyone can
still ls a directory in there if they know the name in advance, and
the world readable /etc/passwd will tell them exactly what is under /home.
there is no security threat from /home being world readable anyway,
users should set perms on thier home directory to reflect the level of
privacy they desire.
--
Ethan Benson
http://www.alaska.net/~erbenson/
Attachment:
pgp00091.pgp
Description: PGP signature
