pam_mkhomedir.so do not mk_home_dir - Discuss

23 Jul 2004


      hi
I am triing to make samba service authenticate trought Win2k domain.
It works quite well, but I want make "homes" for users (the server will 
have an IMAP server and I need to make home for user on the first logon.
It does not work ... and what is worst, it does not make ANY notice in 
any log
Yes I know "debug" should do it, but does not.
I can DO:
$ smbclient //tux/tmp -U klimatest
Password:
Domain=[MADETA] OS=[Unix] Server=[Samba 3.0.2-6.3E]
smb: > q
but
$ smbclient //tux/klimatest -U klimatest
Password:
Domain=[MADETA] OS=[Unix] Server=[Samba 3.0.2-6.3E]
tree connect failed: NT_STATUS_ACCESS_DENIED
I tought it can't make the HOME bacause of permission
so
tux # mkdir /home/MADETA
tux # chmod 777 /home/MADETA
tux # chmod 777 /home (I know, I know, I imediatelly changed it back ...)
And still nothing in log ....
I am confused
DID ANYONE SEE pam_mkhomedir.so DID HIS JOB?
Thanks
Petr Klima
Samba 3.0.2-6.3E CENTOS-3
My
/etc/pam.d/samba
#%PAM-1.0
auth       required     pam_nologin.so
auth       required     pam_stack.so service=system-auth
auth       required     /lib/security/pam_winbind.so
account    required     /lib/security/pam_winbind.so
account    required     pam_stack.so service=system-auth
session    required     /lib/security/pam_mkhomedir.so 
skel=/etc/samba/skel umask=0022
session    required     pam_stack.so service=system-auth
password   required     pam_stack.so service=system-auth
/etc/pam.d/imap
%PAM-1.0
auth required /lib/security/pam_winbind.so
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_winbind.so
account required /lib/security/pam_stack.so service=system-auth
session required /lib/security/pam_mkhomedir.so umask=0022
/etc/pam.d/sys-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/$ISA/pam_env.so
auth        sufficient     /lib/security/$ISA/pam_winbind.so
auth        sufficient    /lib/security/$ISA/pam_unix.so likeauth nullok
auth        required      /lib/security/$ISA/pam_deny.so
account     required      /lib/security/$ISA/pam_unix.so
password    required      /lib/security/$ISA/pam_cracklib.so retry=3 type=
password    sufficient    /lib/security/$ISA/pam_unix.so nullok use_authtok
password    required      /lib/security/$ISA/pam_deny.so
session     required      /lib/security/$ISA/pam_limits.so
session     required      /lib/security/$ISA/pam_unix.so
/etc/samba/smb.conf
#http://us3.samba.org/samba/docs/man/Samba-HOWTO-Collection/FastStart.html#id...
[global]
workgroup = MADETA
netbios name = KLIMA
security = DOMAIN
printcap name = cups
disable spoolss = Yes
show add printer wizard = No
idmap uid = 15000-20000
idmap gid = 15000-20000
winbind separator = +
winbind use default domain = Yes
use sendfile = Yes
printing = cups
# http://www.flatmtn.com/computer/Linux-Samba.html
#   template homedir = /home/%U
#   template shell = /bin/bash
#   name resolve order = wins lmhosts host bcast
[homes]
comment = Home Directories
read only = No
browseable = No
valid users = %S
# http://www.flatmtn.com/computer/Linux-Samba.html
#   valid users = %D+%S
[tmp]
comment = Temporary file space
path = /tmp
read only = no
public = yes
#######################################################