Subject: libpam-mount: SGRP option match with anyone group
Package: libpam-mount
Version: 0.44-1+lenny3
Severity: important
*** Please type your report below this line ***
Hi everyone
I have a pool of lenny desktops with:
- LDAP for user and group resolution
- PAM for create home folders (from personal skel), authentication and
mount CIFS shares (on a SAMBA server)
Users got the correspondent shares mounted at home folder, like this:
user/
|-- user_SERVER
|-- maingroup_SERVER
|-- optionalgrp01_SERVER
|-- optionalgrp02_SERVER
...
...
|-- optionalgrpNN_SERVER
`-- public_SERVER
The mountpoints are controlled by the main config file
(/etc/security/pam_mount.conf.xml), like this:
<!-- Homes share -->
<volume fstype="smbfs" server="sambaserver"
path="homes" mountpoint="/home/%(USER)/%(USER)_SERVER"
options="dir_mode=0777,workgroup=MYGROUP,iocharset=utf8"/>
<!-- Public share -->
<volume fstype="smbfs" server="sambaserver"
path="public" mountpoint="/home/%(USER)/public_SERVER"
options="dir_mode=0777,workgroup=MYGROUP,iocharset=utf8"/>
<!-- Main group of user at sambaserver -->
<volume fstype="smbfs" server="sambaserver"
pgrp="stock" path="stock"
mountpoint="/home/%(USER)/stock_SERVER"
options="dir_mode=0777,workgroup=MYGROUP,iocharset=utf8"/>
<volume fstype="smbfs" server="sambaserver"
pgrp="deploy" path="deploy"
mountpoint="/home/%(USER)/deploy_SERVER"
options="dir_mode=0777,workgroup=MYGROUP,iocharset=utf8"/>
...
...
<!-- Secondary/Optional groups of user at sambaserver -->
<volume fstype="smbfs" server="sambaserver"
sgrp="stock" path="stock"
mountpoint="/home/%(USER)/stock_SERVER"
options="dir_mode=0777,workgroup=MYGROUP,iocharset=utf8"/>
<volume fstype="smbfs" server="sambaserver"
sgrp="deploy" path="deploy"
mountpoint="/home/%(USER)/deploy_SERVER"
options="dir_mode=0777,workgroup=MYGROUP,iocharset=utf8"/>
...
...
With this set of packages, all works fine:
ii libpam-mount 0.38-1
ii debconf 1.5.22
ii libc6 2.7-10
ii libhx10 1.17-1
ii libpam0g 0.99.7.1-6
ii libssl0.9.8 0.9.8g-14
ii libxml-writer-perl 0.604-1
ii libxml2 2.6.32.dfsg-2
ii mount 2.13.1.1-1
But, with libpam-mount 0.44-1+lenny3 and 0.44-1+lenny2, the SGRP tag
match with anyone group. This cause alot of trouble, since each user
will match with all groups (around 30) and will try mount all, filling
the home folder with mountpoints, slowing the login/logout process and
making users confuse.
If i put libpam-mount 0.38-1 back, all works fine again. I tryed a
workaround, making a "per-user" configs, but system hangs at login -
maybe i will open another report for this...
Sorry about my google-translator-powered english ;-)
-- System Information:
Debian Release: 5.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=pt_BR.UTF-8, LC_CTYPE=pt_BR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages libpam-mount depends on:
ii debconf 1.5.24 Debian configuration management sy
ii libc6 2.7-18 GNU C Library: Shared libraries
ii libhx13 1.18-1 A library providing queue, tree, I
ii libpam0g 1.0.1-4 Pluggable Authentication Modules l
ii libssl0.9.8 0.9.8g-15 SSL shared libraries
ii libxml-writer-perl 0.604-1 Perl module for writing XML docume
ii libxml2 2.6.32.dfsg-5 GNOME XML library
ii mount 2.13.1.1-1 Tools for mounting and manipulatin
libpam-mount recommends no packages.
Versions of packages libpam-mount suggests:
pn cryptsetup <none> (no description available)
pn davfs2 <none> (no description available)
pn fuse-utils <none> (no description available)
ii lsof 4.78.dfsg.1-4 List open files
pn ncpfs <none> (no description available)
ii openssl 0.9.8g-15 Secure Socket Layer (SSL) binary a
ii psmisc 22.6-1 Utilities that use the proc filesy
ii smbfs 2:3.2.5-3 mount and umount commands for the
pn truecrypt-utils <none> (no description available)
-- debconf information:
* libpam-mount/convert-xml-config: true
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
