[Samba] pam_mkhomedir.so not working.
Linux Addict
linuxaddict7 at gmail.com
Tue Feb 26 17:20:51 GMT 2008
On Tue, Feb 26, 2008 at 9:31 AM, Bjoern Tore Sund <bjorn.sund at it.uib.no> wrote:
>
> Linux Addict wrote:
> > Sambains, I gotta samba setup where I use pam_mkhomedir.so to create
> > home dir for first time users. Same configuration is working on many
> > hosts and if I create a home directory manually, I can login, but not
> > on fly. And also when I change the /home permission to 777, its
> > creating home directory for new users on fly.
> >
> > When strace a su session, I getting the following error. My guess is
> > the module is working, but something is preventing. I have selinux
> > disabled and root has W permission to /home.
> >
> >
> > mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> > 0) = 0x2a98c46000
> > write(1, "Creating directory \'/home/DOM/"..., 44Creating directory
> > '/home/DOM/user1'.
> > ) = 44
> > mkdir("/home/DOM/user1", 0700) = -1 EACCES (Permission denied)
> > time([1203973003]) = 1203973003
> >
> >
> > I played enough with the umask, but cudn't figure out much.
> >
> > This is my pam line on system-auth
> >
> > session required /lib64/security/pam_mkhomedir.so skel=/etc/skel umask=0022
>
> On Fedora Core 5, Fedora Core 6 and RHEL4 I saw the same because
> pam_mkhomedir didn't do 'mkdir -p' only 'mkdir' - it assumed the
> existence of the entire tree and wanted to only create the user's
> personal directory.
>
> This problem was gone in later versions of these distributions. Exactly
> which versions of pam and pam_mkhomedir these distributions map to I
> don't know, but you may want to check whether this is what you're seeing.
>
> Bjørn
> --
> Bjørn Tore Sund Phone: 555-84894 Email: bjorn.sund at it.uib.no
> IT department VIP: 81724 Support: http://bs.uib.no
> Univ. of Bergen
>
> When in fear and when in doubt, run in circles, scream and shout.
>
This happening on only few of RHEL4 x86_64 bit hosts. Yes the parent
indeed exists..
On, mkdir("/home/DOM/user1", 0700) does 0700 the permission? If yes
why should it use it when the umask is 0022
More information about the samba
mailing list