[Samba] mounting an AD share upon login

Juan Miscaro scry_mr at yahoo.ca
Tue Jul 10 13:25:29 GMT 2007


Hi everyone,

I am having trouble mounting a share on my AD server upon login.

I am using pam_mount.  Here is log activity when user 'peter' logs in
(with Ubuntu client) and is authenticated by AD server.  There is a
share called 'peter' on the server (netbios name WIN2003) and the mount
point is /home/PRIVATE/peter (see later for pam_mount.conf file):


=====================
Jul  9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' granted
access
Jul  9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' OK
Jul  9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' granted
access
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: (pam_unix) session opened for
user peter by (uid=0)
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:428) back
from global readconfig 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:430)
per-user configurations not allowed by pam_mount.conf 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:461)
pam_sm_open_session: real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(readconfig.c:418)
checking sanity of volume record (peter) 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:476)
about to perform mount operations 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:368)
information for mount: 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:369)
---------------------- 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:370) (defined
by globalconf) 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:373) user:   
      peter 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:374) server: 
      WIN2003 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:375) volume: 
      peter 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:376)
mountpoint:    /home/PRIVATE/peter 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:377) options:
      uid=peter,gid=peter,dmask=0750,workgroup=WORKGROUP
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:378)
fs_key_cipher:  
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:379)
fs_key_path:    
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:380)
use_fstab:   0 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:381)
---------------------- 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:177) realpath
of volume "/home/PRIVATE/peter" is "/home/PRIVATE/peter" 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:182) checking
to see if //WIN2003/peter is already mounted at /home/PRIVATE
/peter 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:799) checking
for encrypted filesystem key configuration 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:819) about to
start building mount command 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(misc.c:264) command:
/bin/mount [-t] [cifs] [//WIN2003/peter] [/home/PRIVATE/peter]
 [-o] [user=peter,uid=502,gid=502,uid=peter,gid=peter,dmask=0750, 
Jul  9 13:03:26 feisty-s86-1 gdm[7407]: pam_mount(misc.c:341)
set_myuid(pre): real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7407]: pam_mount(misc.c:376)
set_myuid(post): real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:851) mount
errors (should be empty): 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:100)
pam_mount(misc.c:341) set_myuid(pre): real uid/gid=0:502, effective ui
d/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:100)
pam_mount(misc.c:376) set_myuid(post): real uid/gid=0:502, effective u
id/gid=0:502 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:854) waiting
for mount 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:480)
mount of peter failed 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:123)
clean system authtok (0) 
Jul  9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(misc.c:264) command:
/usr/sbin/pmvarrun [-u] [peter] [-o] [1]
Jul  9 13:03:27 feisty-s86-1 gdm[7411]: pam_mount(misc.c:341)
set_myuid(pre): real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:27 feisty-s86-1 gdm[7411]: pam_mount(misc.c:376)
set_myuid(post): real uid/gid=0:502, effective uid/gid=0:502 
Jul  9 13:03:27 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:360)
pmvarrun says login count is 1 
Jul  9 13:03:27 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:493) done
opening session
=====================


There are no "mount errors" but still "mount of peter failed".


Here is pam_mount.conf:

=====================
debug 1
mkmountpoint 1
fsckloop /dev/loop7

luserconf .pam_mount.conf
options_allow nosuid,nodev
options_deny suid,dev
options_require nosuid,nodev

lsof /usr/bin/lsof %(MNTPT)
fsck /sbin/fsck -p %(FSCKTARGET)

cifsmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o
"user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"
smbmount /usr/bin/smbmount   //%(SERVER)/%(VOLUME) %(MNTPT) -o
"username=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"
smbumount /usr/bin/smbumount %(MNTPT)
umount /bin/umount %(MNTPT)

volume * cifs WIN2003 & /home/PRIVATE/&
uid=&,gid=&,dmask=0750,workgroup=WORKGROUP - -
=====================


Here are my other pam files,


/etc/pam.d/common-auth:

auth required pam_mount.so
auth sufficient pam_winbind.so use_first_pass
auth required pam_unix.so nullok_secure use_first_pass


/etc/pam.d/common-pammount:

auth       optional   pam_mount.so use_first_pass
session    optional   pam_mount.so use_first_pass


/etc/pam.d/common-session:

session required        pam_unix.so
session required        pam_mkhomedir.so umask=0022 skel=/etc/skel
session optional        pam_mount.so


Can someone please tell me what is going wrong?

   Juan


      Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca



More information about the samba mailing list