-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Message: 38 > Date: Thu, 29 May 2003 17:33:14 -0500 > From: Bradley Wendelboe <[EMAIL PROTECTED]> > Subject: RE: [Samba] Making winbindd and pam_mount play nice together > (2nd try) > To: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]> > Message-ID: > <[EMAIL PROTECTED]> > Content-Type: text/plain > > Yes, I'm going to individual shares. It seems that pam_mount is not getting > the password information from the PAM system. I've contacted the author of > pam_mount and will share any results. > > So far: > > Several people are trying to get pam_mount working with winbind. I don't > have a winbind setup myself, so it is difficult for me to debug. Please be > patient. > > The only hypothesis I have at this point revolves around pam_mounts use of > functions like getpwnam to retrieve information about a user's account. > Theoretically, if one configures /etc/nsswitch.conf correctly, getpwnam can > use services besides /etc/passwd (ie: winbind) to answer questions about a > user. > Pam_mount uses getpwnam to do the following: > > 1. Determine where ~/.pam_mount.conf is. > > 2. Determine the UID and GID that should own a mount point created by > pam_mount. > > 3. Determine the UID and GID that should own a user's session count file > (/var/run/pam_mount/<user>). > > 4. Ensure a user owns mount points and volumes for volumes defined by > ~/.pam_mount.conf. > > The only other suspect action I can think of is pam_mount's retrieval of a > user's password from the PAM system. I don't think this should be an issue > if you use pam_winbind to authenticate users. > > Do any of these hints help?
I don't have a winbind system available to test on, but I maintain pam_mount packages in Mandrake, and so have a test setup, using accounts only in LDAP via pam_ldap. I have no problems, currently using pam_mount 0.5.14. I haven't tried pam_mount with winbind since it added the ~ token (which I needed), but it did work ... Have you tried pam_mount with local accounts to ensure that it's not winbind that is the problem? BTW, I have had trouble using pam_mount via a stacked pam file (like /etc/pam.d/system-auth) before, so my test setup uses it in /etc/pam.d/login directly. Regards, Buchan - -- |--------------Another happy Mandrake Club member--------------| Buchan Milne Mechanical Engineer, Network Manager Cellphone * Work +27 82 472 2231 * +27 21 8828820x202 Stellenbosch Automotive Engineering http://www.cae.co.za GPG Key http://ranger.dnsalias.com/bgmilne.asc 1024D/60D204A7 2919 E232 5610 A038 87B1 72D6 AC92 BA50 60D2 04A7 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQE+1ycTrJK6UGDSBKcRAiRiAJwLvVUb7+54ipP/O6ugCOMEossUgQCeLcbk +czGA66Li9IttDGBejRb0OE= =HJXq -----END PGP SIGNATURE----- ****************************************************************** Please click on http://www.cae.co.za/disclaimer.htm to read our e-mail disclaimer. ****************************************************************** -- To unsubscribe from this list go to the following URL and read the instructions: http://lists.samba.org/mailman/listinfo/samba
