[Samba] mounting an AD share upon login
Juan Miscaro
scry_mr at yahoo.ca
Tue Jul 10 13:25:29 GMT 2007
Hi everyone,
I am having trouble mounting a share on my AD server upon login.
I am using pam_mount. Here is log activity when user 'peter' logs in
(with Ubuntu client) and is authenticated by AD server. There is a
share called 'peter' on the server (netbios name WIN2003) and the mount
point is /home/PRIVATE/peter (see later for pam_mount.conf file):
=====================
Jul 9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' granted
access
Jul 9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' OK
Jul 9 13:03:25 feisty-s86-1 pam_winbind[7393]: user 'peter' granted
access
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: (pam_unix) session opened for
user peter by (uid=0)
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:428) back
from global readconfig
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:430)
per-user configurations not allowed by pam_mount.conf
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:461)
pam_sm_open_session: real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(readconfig.c:418)
checking sanity of volume record (peter)
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:476)
about to perform mount operations
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:368)
information for mount:
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:369)
----------------------
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:370) (defined
by globalconf)
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:373) user:
peter
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:374) server:
WIN2003
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:375) volume:
peter
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:376)
mountpoint: /home/PRIVATE/peter
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:377) options:
uid=peter,gid=peter,dmask=0750,workgroup=WORKGROUP
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:378)
fs_key_cipher:
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:379)
fs_key_path:
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:380)
use_fstab: 0
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:381)
----------------------
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:177) realpath
of volume "/home/PRIVATE/peter" is "/home/PRIVATE/peter"
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:182) checking
to see if //WIN2003/peter is already mounted at /home/PRIVATE
/peter
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:799) checking
for encrypted filesystem key configuration
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:819) about to
start building mount command
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(misc.c:264) command:
/bin/mount [-t] [cifs] [//WIN2003/peter] [/home/PRIVATE/peter]
[-o] [user=peter,uid=502,gid=502,uid=peter,gid=peter,dmask=0750,
Jul 9 13:03:26 feisty-s86-1 gdm[7407]: pam_mount(misc.c:341)
set_myuid(pre): real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7407]: pam_mount(misc.c:376)
set_myuid(post): real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:851) mount
errors (should be empty):
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:100)
pam_mount(misc.c:341) set_myuid(pre): real uid/gid=0:502, effective ui
d/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:100)
pam_mount(misc.c:376) set_myuid(post): real uid/gid=0:502, effective u
id/gid=0:502
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(mount.c:854) waiting
for mount
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:480)
mount of peter failed
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:123)
clean system authtok (0)
Jul 9 13:03:26 feisty-s86-1 gdm[7393]: pam_mount(misc.c:264) command:
/usr/sbin/pmvarrun [-u] [peter] [-o] [1]
Jul 9 13:03:27 feisty-s86-1 gdm[7411]: pam_mount(misc.c:341)
set_myuid(pre): real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:27 feisty-s86-1 gdm[7411]: pam_mount(misc.c:376)
set_myuid(post): real uid/gid=0:502, effective uid/gid=0:502
Jul 9 13:03:27 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:360)
pmvarrun says login count is 1
Jul 9 13:03:27 feisty-s86-1 gdm[7393]: pam_mount(pam_mount.c:493) done
opening session
=====================
There are no "mount errors" but still "mount of peter failed".
Here is pam_mount.conf:
=====================
debug 1
mkmountpoint 1
fsckloop /dev/loop7
luserconf .pam_mount.conf
options_allow nosuid,nodev
options_deny suid,dev
options_require nosuid,nodev
lsof /usr/bin/lsof %(MNTPT)
fsck /sbin/fsck -p %(FSCKTARGET)
cifsmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o
"user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"
smbmount /usr/bin/smbmount //%(SERVER)/%(VOLUME) %(MNTPT) -o
"username=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"
smbumount /usr/bin/smbumount %(MNTPT)
umount /bin/umount %(MNTPT)
volume * cifs WIN2003 & /home/PRIVATE/&
uid=&,gid=&,dmask=0750,workgroup=WORKGROUP - -
=====================
Here are my other pam files,
/etc/pam.d/common-auth:
auth required pam_mount.so
auth sufficient pam_winbind.so use_first_pass
auth required pam_unix.so nullok_secure use_first_pass
/etc/pam.d/common-pammount:
auth optional pam_mount.so use_first_pass
session optional pam_mount.so use_first_pass
/etc/pam.d/common-session:
session required pam_unix.so
session required pam_mkhomedir.so umask=0022 skel=/etc/skel
session optional pam_mount.so
Can someone please tell me what is going wrong?
Juan
Be smarter than spam. See how smart SpamGuard is at giving junk email the boot with the All-new Yahoo! Mail at http://mrd.mail.yahoo.com/try_beta?.intl=ca
More information about the samba
mailing list