Or configure your PAM stack to run pam_mount after pam_unix2, pam_ldap, pam_WhateverYouUse. See doc/pam_mount.txt (svn) for how this could be done.
As soon as the pam_mount session code has to ask for a password, it will be obvious it is present, hence the following hunk does not really change any security aspect: -<msg-sessionpw>reenter password for pam_mount:</msg-sessionpw> +<msg-sessionpw>Reenter password:</msg-sessionpw> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

