Actually trying... The message comes to the user in LightDM. But I don't have access to the AFS share of the user. I assume it's because pam_exec runs before pam_afs_session:
-- /etc/pam.d/common-auth ~~~ auth [success=3 default=ignore] pam_krb5.so minimum_uid=1000 auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass # auth against two domains via LDAP auth [success=1 default=ignore] pam_sss.so use_first_pass auth requisite pam_deny.so auth required pam_permit.so # mount OwnCloud via webdav auth optional pam_mount.so auth optional pam_afs_session.so auth optional pam_cap.so # check free space in AFS auth requisite pam_exec.so stdout seteuid /opt/check_free.sh ~~~ pam_afs_session is optional because there are users from another domain without an AFS share. The check_free script checks this by itself. I've set it to required too. But still the same. The script doesn't have access to the AFS share. According to the manual of PAM there is no way to set an order. Maybe this doesn't work because it's in the PAM process? Any hints? -- Michael Richter Technische Universität Berlin Universitätsbibliothek IT-Service Fasanenstraße 88, 10623 Berlin Telefon: +49 (0)30 314-76310 m.rich...@tu-berlin.de www.ub.tu-berlin.de -----Ursprüngliche Nachricht----- Von: Stephan Wiesand [mailto:stephan.wies...@desy.de] Gesendet: Donnerstag, 2. Februar 2017 09:43 An: openafs-info@openafs.org Cc: Richter, Michael Betreff: Re: [OpenAFS] Check free space on AFS share before login > On 2 Feb 2017, at 08:37, Richter, Michael <m.rich...@tu-berlin.de> wrote: > > And the output will be shown in LightDM? I'll give that a try. Better yet, something like this just works as one would hope: echo WARNING: Your home directory is almost full. echo Hit Enter to try to log in, but it may fail. echo If it does, press Ctrl-Alt-F2, log in on the echo text screen and free some space. Then log out echo and press Alt-F7 to get back here. exit 0 - Stephan > -----UrsprĂźngliche Nachricht----- > Von: Stephan Wiesand [mailto:stephan.wies...@desy.de] > Gesendet: Mittwoch, 1. Februar 2017 13:08 > An: openafs-info@openafs.org > Cc: Richter, Michael > Betreff: Re: [OpenAFS] Check free space on AFS share before login > > Hi Michael, > >> On 1 Feb 2017, at 11:08, Richter, Michael <m.rich...@tu-berlin.de> wrote: >> >> Hi, >> we are using OpenAFS for the home drive. /home/users is a symlink to the >> AFS path with all the home shares. The users home is for example >> /home/users/username. >> >> The users only have 1 GB of space available in that share. It often happens >> that the quota is reached and they are unable to login. Ubuntu doesnât >> give a meaningful error message. I think, Ubuntu doesnât know whatâs the >> problem, because it sees only â/â as mountpoint, which has enough free >> space available. >> >> Is there a way to check the free space of the user on login and give the >> user a good error message if there is not enough free space available in the >> AFS share? > > nice idea... I should probably implement that here. Something like > > auth required pam_exec.so stdout /bin/check_home_space > > should work well enough at least with lightdm. Just make the script print a > short message to stdout and exit 1 in the failure case. > > Hth > Stephan > >> >> I think about using pam-script to run a script that checks it but I canât >> see a way to bring back that message to the user. Also pam-afs-session seems >> not to have some option for that. Is there some other solution? >> >> Greetings >> Michael -- Stephan Wiesand DESY -DV- Platanenallee 6 15738 Zeuthen, Germany
