[Centos] pam_mkhomedir.so do not mk_home_dir

Petr "Qaxi" Klima qaxi at seznam.cz
Fri Jul 23 12:15:33 UTC 2004


hi

I am triing to make samba service authenticate trought Win2k domain.

It works quite well, but I want make "homes" for users (the server will 
have an IMAP server and I need to make home for user on the first logon.

It does not work ... and what is worst, it does not make ANY notice in 
any log

Yes I know "debug" should do it, but does not.


I can DO:

$ smbclient //tux/tmp -U klimatest
Password:
Domain=[MADETA] OS=[Unix] Server=[Samba 3.0.2-6.3E]
smb: \> q

but

$ smbclient //tux/klimatest -U klimatest
Password:
Domain=[MADETA] OS=[Unix] Server=[Samba 3.0.2-6.3E]
tree connect failed: NT_STATUS_ACCESS_DENIED


I tought it can't make the HOME bacause of permission
so
tux # mkdir /home/MADETA
tux # chmod 777 /home/MADETA
tux # chmod 777 /home (I know, I know, I imediatelly changed it back ...)


And still nothing in log ....


I am confused

DID ANYONE SEE pam_mkhomedir.so DID HIS JOB?

Thanks

    Petr Klima

Samba 3.0.2-6.3E CENTOS-3



My
/etc/pam.d/samba
#%PAM-1.0
auth       required     pam_nologin.so
auth       required     pam_stack.so service=system-auth
auth       required     /lib/security/pam_winbind.so
account    required     /lib/security/pam_winbind.so
account    required     pam_stack.so service=system-auth
session    required     /lib/security/pam_mkhomedir.so 
skel=/etc/samba/skel umask=0022
session    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth

/etc/pam.d/imap
%PAM-1.0
auth required /lib/security/pam_winbind.so
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so umask=0022

/etc/pam.d/sys-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient     /lib/security/$ISA/pam_winbind.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so

account     required      /lib/security/$ISA/pam_unix.so

password    required      /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok
password    required      /lib/security/$ISA/pam_deny.so

session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so

/etc/samba/smb.conf
#http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html#id2511305

[global]
workgroup = MADETA
netbios name = KLIMA
security = DOMAIN
printcap name = cups
disable spoolss = Yes
show add printer wizard = No
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +
winbind use default domain = Yes
use sendfile = Yes
printing = cups

# http://www.flatmtn.com/computer/Linux-Samba.html
#   template homedir = /home/%U
#   template shell = /bin/bash
#   name resolve order = wins lmhosts host bcast

[homes]
comment = Home Directories
read only = No
browseable = No
valid users = %S
# http://www.flatmtn.com/computer/Linux-Samba.html
#   valid users = %D+%S

[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes
#######################################################







More information about the CentOS mailing list