[Samba] Unable to see home dir

Rowland Penny rpenny at samba.org
Thu Oct 14 08:35:59 UTC 2021


On Wed, 2021-10-13 at 18:48 -0400, Rob Campbell wrote:
> > What creates the homedir? SSH by itself will not do this, you need
> > to use pam-mkhomedir.
> I used a script I found online and that works.  It creates the
> directory owned by the user and group domain users.  I wasn't sure if
> this is still the preferred way of doing it since it first appeared
> years ago but it does create the dir with the ad user uid and gid.
> 
> # stat username/
>   File: username/
>   Size: 64         Blocks: 0          IO Block: 4096   directory
> Device: 28h/40d Inode: 1274        Links: 1
> Access: (0700/drwx------)  Uid: (111123/username)   Gid:
> (110513/domain users)
> Access: 2021-10-13 03:31:06.005020902 -0400
> Modify: 2021-10-13 03:31:06.006020881 -0400
> Change: 2021-10-13 03:31:06.006020881 -0400
>  Birth: 2021-10-13 03:31:06.005020902 -0400
> 
> 
> [home]
>     comment = Home Directories
>     browseable = no
>     writable = yes
>     read only = no # newly added
>     create mask = 0700 # newly added
>     directory mask = 0700 # newly added
>     path = /home/INTERNAL/%S
>     valid users = %S
> ;   valid users = %S %D%w%S
>     root preexec = /usr/local/sbin/mkhomedir.sh %U
> 
> /usr/local/sbin/mkhomedir.sh:
> #!/bin/bash
> 
> useradd $1
> if [ ! -e /home/INTERNAL/$1 ]; then
> echo "Creating /home/INTERNAL/$1" >> /etc/samba/create_user.txt
> useradd $1 -m -b /home/INTERNAL
> #mkdir /home/INTERNAL/$1
> #chown $1:"Domain Users" /home/INTERNAL/$1
> fi
> exit 0
> 
> ssh username@localhost
> username@localhost's password: 
> Last failed login: Tue Oct 12 22:17:59 EDT 2021 on tty1
> There was 1 failed login attempt since the last successful login.
> Could not chdir to home directory /home/INTERNAL/username: Permission
> denied
> Connection to localhost closed.
> 
> If I comment out the permissions under [home]:
> ssh username@localhost
> username@localhost's password: 
> Last login: Wed Oct 13 18:13:22 2021 from ::1
> Connection to localhost closed.
> 
> Both times, the directory is created with the same permissions:
> la
> total 0
> drwx--x--x. 1 root      root         18 Oct 13 17:55 .
> drwxr-xr-x. 1 root      root         34 Oct 12 22:29 ..
> drwx------  1 username domain users 64 Oct 13 17:55 username
> 
> stat username/
>   File: username/
>   Size: 64         Blocks: 0          IO Block: 4096   directory
> Device: 28h/40d Inode: 1281        Links: 1
> Access: (0700/drwx------)  Uid: (111123/username)   Gid:
> (110513/domain users)
> Access: 2021-10-13 17:55:12.679918668 -0400
> Modify: 2021-10-13 17:55:12.680918657 -0400
> Change: 2021-10-13 17:55:12.680918657 -0400
>  Birth: 2021-10-13 17:55:12.679918668 -0400
> 
> la /home/INTERNAL/username/
> total 12K
> drwx------  1 username domain users  64 Oct 13 18:15 .
> drwx--x--x. 1 root      root          18 Oct 13 18:15 ..
> -rw-------  1 username domain users  18 Oct 13 18:15 .bash_logout
> -rw-------  1 username domain users 141 Oct 13 18:15 .bash_profile
> -rw-------  1 username domain users 492 Oct 13 18:15 .bashrc
> 

That script will never work with AD and even if it did, it wouldn't
work with SSH, you need to use PAM (oddjob-mkhomedir on fedora, I
think).

Rowland
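
A way to check whether a host's SSH session stack actually loads one of the PAM home-directory modules named in the reply above. This is an added example, not code from the thread or from Samba; the function names and the sample PAM files written by `write_samples` are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the thread. write_samples builds constructed PAM files.
#
# find_mkhomedir PAM_DIR SERVICE
# Prints the first home-directory-creating module in SERVICE's session stack,
# following include/substack/@include, or "none". Exit status 0 only if found.
find_mkhomedir() {
    awk -v dir="$1" -v svc="$2" '
    function scan(name,    file, line, f, n, i, p, k, hit) {
        if (name in seen) return ""               # never rescan a file (include loops)
        seen[name] = 1
        file = dir "/" name
        hit = ""
        while (hit == "" && (getline line < file) > 0) {
            sub(/#.*/, "", line)                  # drop comments
            n = split(line, f)
            if (n == 2 && f[1] == "@include") { hit = scan(f[2]); continue }
            if (n < 3) continue
            sub(/^-/, "", f[1])                   # leading "-" only silences missing modules
            if (f[1] != "session") continue       # homedir creation runs in the session stack
            if (f[2] == "include" || f[2] == "substack") { hit = scan(f[3]); continue }
            for (i = 3; i <= n && hit == ""; i++) {
                k = split(f[i], p, "/")           # module may be given as a full path
                if (p[k] == "pam_mkhomedir.so" || p[k] == "pam_oddjob_mkhomedir.so") hit = p[k]
            }
        }
        close(file)
        return hit
    }
    BEGIN { r = scan(svc); if (r == "") { print "none"; exit 1 } print r }'
}

# write_samples DIR: constructed PAM service files for trying the check offline.
write_samples() {
    printf '%s\n' 'auth     include  password-auth' \
                  'session  include  password-auth' > "$1/sshd"
    printf '%s\n' 'session  required pam_unix.so' \
                  'session  optional pam_oddjob_mkhomedir.so umask=0077' > "$1/password-auth"
    printf '%s\n' 'session  required pam_unix.so' \
                  '#session optional pam_mkhomedir.so' > "$1/sshd-bare"
}

# On a real host: find_mkhomedir /etc/pam.d sshd
```

A result of `none` for `sshd` means no SSH login will create a missing home directory, whatever the Samba share's preexec script does.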




