samba - Feb 2008 - pam_mkhomedir.so not working.

Sambains, I gotta samba setup where I use pam_mkhomedir.so to create
home dir for first time users. Same configuration is working on many
hosts and if I create a home directory manually, I can login, but not
on fly. And also when I change the /home permission to 777, its
creating home directory for new users on fly.

When strace a su session, I getting the following error. My guess is
the module is working, but something is preventing. I have selinux
disabled and root has W permission to /home.


mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0x2a98c46000
write(1, "Creating directory \'/home/DOM/"..., 44Creating
directory
'/home/DOM/user1'.
) = 44
mkdir("/home/DOM/user1", 0700)    = -1 EACCES (Permission denied)
time([1203973003])                      = 1203973003


I played enough with the umask, but cudn't figure out much.

This is my pam line on system-auth

session required /lib64/security/pam_mkhomedir.so skel=/etc/skel umask=0022

Cheers, LA

>>>>> "Linux" == Linux Addict
<linuxaddict7@gmail.com> writes:
    Linux> mmap(NULL, 4096, PROT_READ|PROT_WRITE,
    Linux> MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x2a98c46000 write(1,
    Linux> "Creating directory \'/home/DOM/"..., 44Creating
directory
    Linux> '/home/DOM/user1'.  ) = 44
mkdir("/home/DOM/user1", 0700)     Linux> -1 EACCES (Permission
denied) time([1203973003])     Linux> 1203973003

I would guess that the process that is calling pam is not running as
root, and as such pam_mkhomedir won't work as currently written.

You haven't stated how your users login. ssh? If so the issue maybe
the new security model openssh has.
-- 
Brian May <bam@snoopy.apana.org.au>

Linux Addict wrote:
> Sambains, I gotta samba setup where I use pam_mkhomedir.so to create
> home dir for first time users. Same configuration is working on many
> hosts and if I create a home directory manually, I can login, but not
> on fly. And also when I change the /home permission to 777, its
> creating home directory for new users on fly.
> 
> When strace a su session, I getting the following error. My guess is
> the module is working, but something is preventing. I have selinux
> disabled and root has W permission to /home.
> 
> 
> mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x2a98c46000
> write(1, "Creating directory \'/home/DOM/"..., 44Creating
directory
> '/home/DOM/user1'.
> ) = 44
> mkdir("/home/DOM/user1", 0700)    = -1 EACCES (Permission denied)
> time([1203973003])                      = 1203973003
> 
> 
> I played enough with the umask, but cudn't figure out much.
> 
> This is my pam line on system-auth
> 
> session required /lib64/security/pam_mkhomedir.so skel=/etc/skel umask=0022
On Fedora Core 5, Fedora Core 6 and RHEL4 I saw the same because 
pam_mkhomedir didn't do 'mkdir -p' only 'mkdir' - it assumed
the
existence of the entire tree and wanted to only create the user's 
personal directory.

This problem was gone in later versions of these distributions.  Exactly 
which versions of pam and pam_mkhomedir these distributions map to I 
don't know, but you may want to check whether this is what you're
seeing.

Bj?rn
-- 
Bj?rn Tore Sund       Phone: 555-84894   Email:   bjorn.sund@it.uib.no
IT department         VIP:   81724       Support: http://bs.uib.no
Univ. of Bergen

When in fear and when in doubt, run in circles, scream and shout.