mounting active directory share with pam_mount

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi everyone,

I am having trouble mounting a share on my AD server upon login.

I am using pam_mount.  Here is log activity when user 'peter' logs in
(with Ubuntu client) and is authenticated by AD server.  There is a
share called 'peter' on the server (netbios name WIN2003) and the mount
point is /home/PRIVATE/peter (see later for pam_mount.conf file):


=====================
Jul  9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' granted
access
Jul  9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' OK
Jul  9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' granted
access
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: (pam_unix) session opened for
user peter by (uid=0)
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:428) back
from global readconfig 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:430)
per-user configurations not allowed by pam_mount.conf 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:461)
pam_sm_open_session: real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(readconfig.c:418)
checking sanity of volume record (peter) 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:476)
about to perform mount operations 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:368)
information for mount: 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:369)
---------------------- 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:370) (defined
by globalconf) 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:373) user:   
      peter 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:374) server: 
      WIN2003 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:375) volume: 
      peter 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:376)
mountpoint:    /home/PRIVATE/peter 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:377) options:
      uid=peter,gid=peter,dmask=0750,workgroup=WORKGROUP
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:378)
fs_key_cipher:  
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:379)
fs_key_path:    
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:380)
use_fstab:   0 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:381)
---------------------- 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:177) realpath
of volume "/home/PRIVATE/peter" is "/home/PRIVATE/peter" 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:182) checking
to see if //WIN2003/peter is already mounted at /home/PRIVATE
/peter 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:799) checking
for encrypted filesystem key configuration 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:819) about to
start building mount command 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(misc.c:264) command:
/bin/mount [-t] [cifs] [//WIN2003/peter] [/home/PRIVATE/peter]
 [-o] [user=peter,uid=502,gid=502,uid=peter,gid=peter,dmask=0750, 
Jul  9 13:03:26 feisty-s86-1 gdm[7407]: pam_mount(misc.c:341)
set_myuid(pre): real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7407]: pam_mount(misc.c:376)
set_myuid(post): real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:851) mount
errors (should be empty): 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:100)
pam_mount(misc.c:341) set_myuid(pre): real uid/gid=0:502, effective ui
d/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:100)
pam_mount(misc.c:376) set_myuid(post): real uid/gid=0:502, effective u
id/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:854) waiting
for mount 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:480)
mount of peter failed 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:123)
clean system authtok (0) 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(misc.c:264) command:
/usr/sbin/pmvarrun [-u] [peter] [-o] [1]
Jul  9 13:03:27 feisty-s86-1 gdm[7411]: pam_mount(misc.c:341)
set_myuid(pre): real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:27 feisty-s86-1 gdm[7411]: pam_mount(misc.c:376)
set_myuid(post): real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:27 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:360)
pmvarrun says login count is 1 
Jul  9 13:03:27 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:493) done
opening session
=====================


There are no "mount errors" but still "mount of peter failed".


Here is pam_mount.conf:

=====================
debug 1
mkmountpoint 1
fsckloop /dev/loop7

luserconf .pam_mount.conf
options_allow nosuid,nodev
options_deny suid,dev
options_require nosuid,nodev

lsof /usr/bin/lsof %(MNTPT)
fsck /sbin/fsck -p %(FSCKTARGET)

cifsmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o
"user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"
smbmount /usr/bin/smbmount   //%(SERVER)/%(VOLUME) %(MNTPT) -o
"username=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"
smbumount /usr/bin/smbumount %(MNTPT)
umount /bin/umount %(MNTPT)

volume * cifs WIN2003 & /home/PRIVATE/&
uid=&,gid=&,dmask=0750,workgroup=WORKGROUP - -
=====================


Here are my other pam files,


/etc/pam.d/common-auth:

auth required pam_mount.so
auth sufficient pam_winbind.so use_first_pass
auth required pam_unix.so nullok_secure use_first_pass


/etc/pam.d/common-pammount:

auth       optional   pam_mount.so use_first_pass
session    optional   pam_mount.so use_first_pass


/etc/pam.d/common-session:

session required        pam_unix.so
session required        pam_mkhomedir.so umask=0022 skel=/etc/skel
session optional        pam_mount.so


Can someone please tell me what is going wrong?

   Juan


      Get news delivered with the All new Yahoo! Mail.  Enjoy RSS feeds right on your Mail page. Start today at http://mrd.mail.yahoo.com/try_beta?.intl=ca

_______________________________________________
Pam-list mailing list
Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list

[Index of Archives]     [Fedora Users]     [Kernel]     [Red Hat Install]     [Linux for the blind]     [Gimp]

  Powered by Linux