[CentOS] pam_mount
Rob Kampen
rkampen at kampensonline.com
Tue Feb 16 11:28:40 UTC 2010
Marcus Moeller wrote:
> Hi all,
>
> I am a bit confused about the usage of pam_mount.
>
> Here is my /etc/pam.d/system-auth:
>
> auth required pam_env.so
> auth required pam_mount.so
>
add use_first_pass to this??
> auth sufficient pam_unix.so nullok try_first_pass
> auth requisite pam_succeed_if.so uid >= 500 quiet
> auth sufficient pam_krb5.so use_first_pass
> auth required pam_deny.so
>
> account required pam_unix.so broken_shadow
> account sufficient pam_localuser.so
> account sufficient pam_succeed_if.so uid < 500 quiet
> account [default=bad success=ok user_unknown=ignore] pam_krb5.so
> account required pam_permit.so
>
> password requisite pam_cracklib.so try_first_pass retry=3
> password sufficient pam_unix.so sha512 shadow nullok
> try_first_pass use_authtok
> password sufficient pam_krb5.so use_authtok
> password required pam_deny.so
>
> session optional pam_keyinit.so revoke
> session required pam_limits.so
> session optional pam_mkhomedir.so
> session [success=1 default=ignore] pam_succeed_if.so service in
> crond quiet use_uid
> session required pam_unix.so
> session optional pam_krb5.so
> session optional pam_mount.so
>
> If pam_mount.so is listed in the session definition I will be asked
> for the password a second time during SSH login:
>
> At this stage the share is already mounted.
>
> I can just remove the:
>
> session optional pam_mount.so
>
> from system-auth which seem to work fine. Even the share is unmounted
> successfully on logout.
>
> So my question is: what is the session entry used for within pam_mount
> (as the usage is suggested in the man page and in the docs)?
>
> Best Regards
> Marcus
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rkampen.vcf
Type: text/x-vcard
Size: 196 bytes
Desc: not available
URL: <http://lists.centos.org/pipermail/centos/attachments/20100216/0c162897/attachment.vcf>
More information about the CentOS
mailing list