[Samba] Making winbindd and pam_mount play nice together (2nd try)
jim feldman
jmf at jim-liesl.org
Thu May 29 04:48:23 GMT 2003
We're trying to set up linux based workstations that use a win2k AD/DC for
authentication, and pam_mount to mount a share as the user's home directory.
It looks like winbind isn't passing on the credentials (although it is
getting us logged in). If anyone has made this work, I'd love the details.
It looks like winbind isn't passing the auth information
thanks
jim feldman
RH 7.3/samba 2.2.7a/pam_mount 0.90
Red Hat Linux release 7.3 (Valhalla)
Kernel 2.4.18-27.7.x on an i586
login: oterostaff1
Password:
pam_mount: adding to command: /usr/sbin/lsof lsof
pam_mount: reading options_require...
pam_mount: options: nosuid nodev
pam_mount: adding to command: /bin/mount mount -t smbfs
pam_mount: adding to command: /bin/umount umount
pam_mount: adding to command: /bin/mount mount -p0
pam_mount: checking sanity of volume record
pam_mount: back from global readconfig
pam_mount: does not exist or is not owned by user
pam_mount: expand_wildcard for &
pam_mount: expand_wildcard for oterostaff1
pam_mount: expand_wildcard for /home/winnt/&
pam_mount: expand_wildcard for /home/winnt/oterostaff1
pam_mount: expand_wildcard for uid=&,gid=&,dmask=0750,workgroup=MAIN
pam_mount: expand_wildcard for
uid=oterostaff1,gid=&,dmask=0750,workgroup=MAIN
pam_mount: expand_wildcard for
uid=oterostaff1,gid=oterostaff1,dmask=0750,workgroup=MAIN
pam_mount: real and effective user ID are 0 and 0.
pam_mount: about to perform mount operations
pam_mount: information for mount:
pam_mount: --------
pam_mount: (defined by globalconf)
pam_mount: user: oterostaff1
pam_mount: server: mainad1
pam_mount: volume: oterostaff1
pam_mount: mountpoint: /home/winnt/oterostaff1
pam_mount: options:
uid=oterostaff1,gid=oterostaff1,dmask=0750,workgroup=MAIN
pam_mount: fs_key_cipher:
pam_mount: fs_key_path:
pam_mount: mount command: /bin/mount
mount
-t
smbfs
pam_mount: --------
pam_mount: checking to see if //mainad1/oterostaff1 is already mounted
pam_mount: checking for encrypted filesystem key configuration
pam_mount: about to start building mount command
pam_mount: mount type is SMBMOUNT
pam_mount: waiting for homedir mount
pam_mount: arg is: /bin/mount
pam_mount: arg is: mount
pam_mount: arg is: -t
pam_mount: arg is: smbfs
pam_mount: arg is: //mainad1/oterostaff1
pam_mount: arg is: /home/winnt/oterostaff1
pam_mount: arg is: -o
pam_mount: arg is:
username=oterostaff1,uid=oterostaff1,gid=oterostaff1,dmask=0750,workgroup=MA
IN
Error reading password from file descriptor 0: empty password
Last login: Wed May 28 19:52:17 from localhost
messages says that winbindd looks happy
May 28 22:11:31 localhost pam_winbind[1827]: user 'oterostaff1' granted
acces
May 28 22:11:31 localhost pam_winbind[1827]: user 'oterostaff1' granted
acces
May 28 22:11:31 localhost login(pam_unix)[1827]: session opened for user
oterostaff1 by (uid=0)
The pam file for login looks like:
#%PAM-1.0
auth required /lib/security/pam_securetty.so
auth sufficient /lib/security/pam_winbind.so
auth sufficient /lib/security/pam_unix.so use_first_pass
auth required /lib/security/pam_stack.so service=system-auth
auth required /lib/security/pam_nologin.so
account sufficient /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
password required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_stack.so service=system-auth
session optional /lib/security/pam_console.so
session required /usr/lib/security/pam_mount.so use_first_pass
auth required /usr/lib/security/pam_mount.so use_first_pass
More information about the samba
mailing list