Displaying 4 results from an estimated 4 matches for "mkhomedir_helper".
2012 Dec 28
0
Problem with local profiles and samba
...spasswords\sfor\s*\nNew
\sPassword:\s%n*\nRetype\snew\spassword:\s%n*.
; guest account = nobody
; invalid users = root
pam password change = yes
# Domain
domain logons = yes
enable privileges = yes
logon path =
logon home =
logon drive =
logon script = startup.bat
root preexec = /sbin/mkhomedir_helper %U
add user script = /usr/sbin/smbldap-useradd -a -m '%u'
delete user script = /usr/sbin/smbldap-userdel '%u'
add group script = /usr/sbin/smbldap-groupadd -p '%g'
delete group script = /usr/sbin/smbldap-groupdel '%g'
add user to group script = /usr/sbin/smblda...
2017 Jul 06
1
samba 4.5.8 @ debian 9 - wrong groups IDs for PAM authorization
...ession): pam_modutil_drop_priv: change_gid failed: Success
Jul 6 18:59:02 testvm login[1230]: pam_keyinit(login:session): Unable to change GID to 70005 temporarily
Jul 6 18:59:02 testvm login[1230]: pam_unix(login:session): session opened for user domainuser by LOGIN(uid=0)
Jul 6 18:59:02 testvm mkhomedir_helper: PAM unable to change perms on copy /home/domainuser/.profile: Invalid argument
Jul 6 18:59:02 testvm login[1230]: pam_systemd(login:session): Failed to create session: Seat has no VTs but VT number not 0
Jul 6 18:59:02 testvm login[1230]: Permission denied
GID 70005 is «domain admins» group.
A...
2015 Dec 19
1
LDAP create home directories
...And it works fine! :) Turns out the host that had directory creation
working properly before had SELinux disabled.
When I look at the audit log this is what I found:
type=AVC msg=audit(1450562436.438:2148162): avc: denied { entrypoint }
for pid=17881 comm="sshd" path="/usr/sbin/mkhomedir_helper" dev="vda1"
ino=1048040 scontext=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
tcontext=system_u:object_r:oddjob_mkhomedir_exec_t:s0 tclass=file
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to gener...
2015 Dec 19
2
LDAP create home directories
>
> You may also need to restart sssd or nslcd, depending upon which one is
> running the backed ldap connection service on the clients.
Hmm.. I got a different result after restarting nclcd. Instead of logging
me in and just complaining that it couldn't create the home directory, it
still complains about not creating the home directory, but now it doesn't
let me in:
#ssh