Hello all:
Happy New Year to everyone and thank you for all the knowledge this past year.
I have a hopefully simple question about kickstart. In the authconfig section I can enable ldap, credential caching, etc.. Using the GUI tool there's an option to create the user home directories on first login. The docs don't show a similar option for authconfig in kickstart. For now I'm using a sed script in the %post section of the kickstart to replace the entry in /etc/login.defs, but was curious if there is a standard method via a system utility to change this option.
On Fri, Jan 1, 2010 at 11:02 AM, Kwan Lowe kwan.lowe@gmail.com wrote:
Hello all:
Happy New Year to everyone and thank you for all the knowledge this past year.
I have a hopefully simple question about kickstart. In the authconfig section I can enable ldap, credential caching, etc.. Using the GUI tool there's an option to create the user home directories on first login. The docs don't show a similar option for authconfig in kickstart. For now I'm using a sed script in the %post section of the kickstart to replace the entry in /etc/login.defs, but was curious if there is a standard method via a system utility to change this option.
Still having issues with this... Here's the relevant line from my kickstart:
authconfig --enableshadow --enablemd5 --enableldap --enableldapauth --ldapserver=ldapserver.digitalhermit.com --ldapbasedn=dc=digitalhermit,dc=com --enablecache
And the sed scripts to enable the pieces that don't seem to have a passable keyword to change: %post yum -y groupinstall xfce
sed -i -e "s/^(USEMKHOMEDIR=).*$/\1\yes/" /etc/sysconfig/authconfig sed -i -e "s/^(USEPAMACCESS=).*$/\1\yes/" /etc/sysconfig/authconfig sed -i -e "s/^(USELOCAUTHORIZE=).*$/\1\yes/" /etc/sysconfig/authconfig
Unfortunately this doesn't work. When I login immediately after the initial reboot it authenticates properly but complains that the user home directory does not exist. If I then go in as root and run system-config-authentication and change one item, it will start creating the home directories.
I checked the following files (all opened by the system-config-authentication utility), but none except the /etc/sysconfig/authconfig appear to be related:
"/etc/gtk-2.0/gtkrc" "/etc/gtk-2.0/x86_64-redhat-linux-gnu/gdk-pixbuf.loaders" "/etc/hesiod.conf" "/etc/krb5.conf" "/etc/ldap.conf" "/etc/ld.so.cache" "/etc/localtime" "/etc/nsswitch.conf" "/etc/openldap/cacerts" "/etc/pam.d/system-auth-ac" "/etc/pam_smb.conf" "/etc/pango/pangorc" "/etc/pango/x86_64-redhat-linux-gnu/pango.modules" "/etc/samba/smb.conf" "/etc/selinux/config" "/etc/shells" "/etc/sysconfig/authconfig" "/etc/sysconfig/network" "/etc/yp.conf"
Anyone can shed light on why it does not auto-create the home directories on initial boot?
Kwan Lowe wrote:
On Fri, Jan 1, 2010 at 11:02 AM, Kwan Lowe kwan.lowe@gmail.com wrote:
Still having issues with this... Here's the relevant line from my kickstart:
authconfig --enableshadow --enablemd5 --enableldap--enableldapauth --ldapserver=ldapserver.digitalhermit.com --ldapbasedn=dc=digitalhermit,dc=com --enablecache
And the sed scripts to enable the pieces that don't seem to have a passable keyword to change: %post yum -y groupinstall xfce
sed -i -e "s/^\(USEMKHOMEDIR=\).*$/\1\yes/" /etc/sysconfig/authconfig sed -i -e "s/^\(USEPAMACCESS=\).*$/\1\yes/" /etc/sysconfig/authconfig sed -i -e "s/^\(USELOCAUTHORIZE=\).*$/\1\yes/" /etc/sysconfig/authconfigUnfortunately this doesn't work. When I login immediately after the initial reboot it authenticates properly but complains that the user home directory does not exist. If I then go in as root and run system-config-authentication and change one item, it will start creating the home directories.
<SNIP>
Anyone can shed light on why it does not auto-create the home directories on initial boot?
I think the issue here is that the change has to be made in both the authconfig file and in the /etc/pam.s/system-auth file. Just changing /etc/sysconfig/authconfig does not do it. You could use something like the following in your kickstart file instead of all the sed commands:
/usr/sbin/authconfig --enablemkhomedir --enablelocauthorize \ --enablepamaccess --update
This will make the changes you specified to /etc/sysconfig/authconfig AND update any other files affected by the change. I'm a lazy bum and it just seems easier and cleaner to me.
Just a thought!
On Sat, Jan 2, 2010 at 11:07 AM, Jay Leafey jay.leafey@mindless.com wrote:
Anyone can shed light on why it does not auto-create the home directories on initial boot?
I think the issue here is that the change has to be made in both the authconfig file and in the /etc/pam.s/system-auth file. Just changing /etc/sysconfig/authconfig does not do it. You could use something like the following in your kickstart file instead of all the sed commands:
/usr/sbin/authconfig --enablemkhomedir --enablelocauthorize \ --enablepamaccess --update
Ahhh.. that looks like it. I was looking through the kickstart docs but there's no mention of enablemkhomedir or enablepamaccess.. Thanks so much.. Will try it shortly.
-
Jay Leafey -
Kwan Lowe