Прошу помощи в настройке модуля pam_mount!
Прелюдия:
На рабочей станции установлена Fedora 10, настроена Samba и присоединена к Windows AD. Аутентификация пользователей происходит через winbind. При идентификации имя домена не используется (в файле /etc/smb.conf стоит параметр
Код: Выделить всё
winbind use default domain = yes
)
Домашние папки пользователей располагаются в /home/<DOMANE_NAME>/<user_name>, т.е. в /etc/smb.conf соответствующая строка:
Код: Выделить всё
template homedir = /home/%D/%U
Требуется смонтировать удаленную папку //server/homes в ~/Share пользователя.
Попробовал настроить pam_mount, но это не проходит. Конифигурация модуля /etc/security/pam_mount.comf.xml:
Код:
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
<!--
See pam_mount.conf(5) for a description.
pam_mount internally has a hardcoded set of options, so you
can clear this file between <pam_mount> and </pam_mount>.
The tags you find below equal to the hardcoded options,
for your initial configuration convenience.
If you change or remove them, please remove this paragraph
to not mislead yourself ;-)
-->
<pam_mount>
<!-- Volume definitions -->
<!-- pam_mount parameters: General tunables -->
<debug enable="1" />
<!--
<luserconf name=".pam_mount.conf.xml" />
-->
<mntoptions allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other" />
<!--
<mntoptions deny="suid,dev" />
<mntoptions allow="*" />
<mntoptions deny="*" />
-->
<mntoptions require="nosuid,nodev" />
<path>/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin</path>
<logout wait="0" hup="0" term="0" kill="0" />
<!-- pam_mount parameters: Volume-related -->
<fsckloop device="/dev/loop7" />
<mkmountpoint enable="1" remove="true" />
<!-- pam_mount parameters: Auxiliary programs -->
<fd0ssh>pmt-fd0ssh</fd0ssh>
<fsck>fsck -p %(FSCKTARGET)</fsck>
<!-- mntcheck utility for BSDs which lack /etc/mtab -->
<mntcheck>mount</mntcheck>
<pmvarrun>pmvarrun -u %(USER) -o %(OPERATION)</pmvarrun>
<!-- pam_mount parameters: Mount programs -->
<!-- On OpenBSD try "/usr/local/bin/mount_ehd" (included in pam_mount
package). -->
<volume user="%(DOMAIN_USER)" fstype="cifs" server="server" path="homes" mountpoint="/home/%(DOMAIN_NAME)/%(DOMAIN_USER)/Share" />
<lclmount>mount -p0 -t %(FSTYPE) %(VOLUME) %(MNTPT)
"%(ifnempty=\"-o\" OPTIONS)" %(OPTIONS)</lclmount>
<umount>umount %(MNTPT)</umount>
<losetup>losetup -p0 "%(before=\"-e\" CIPHER)"
"%(ifnempty=\"-k\" KEYBITS)" %(KEYBITS) %(FSCKLOOP) %(VOLUME)</losetup>
<unlosetup>losetup -d %(FSCKLOOP)</unlosetup>
<cifsmount>mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o
"user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"</cifsmount>
<cryptmount>mount.crypt "%(ifnempty=\"-o\" OPTIONS)" %(OPTIONS)
%(VOLUME) %(MNTPT)</cryptmount>
<cryptumount>umount.crypt %(MNTPT)</cryptumount>
<fusemount>mount.fuse %(VOLUME) %(MNTPT)
"%(ifnempty=\"-o\" OPTIONS)" %(OPTIONS)</fusemount>
<fuseumount>fusermount -u %(MNTPT)</fuseumount>
<ncpmount>ncpmount %(SERVER)/%(USER) %(MNTPT) -o
"pass-fd=0,volume=%(VOLUME)%(before=\",\" OPTIONS)"</ncpmount>
<ncpumount>ncpumount %(MNTPT)</ncpumount>
<nfsmount>mount %(SERVER):%(VOLUME) %(MNTPT)
"%(ifnempty=\"-o\" OPTIONS)" %(OPTIONS)</nfsmount>
<smbmount>smbmount //%(SERVER)/%(VOLUME) %(MNTPT) -o
"username=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\" OPTIONS)"</smbmount>
<smbumount>smbumount %(MNTPT)</smbumount>
<!-- pam_mount parameters: Messages -->
<msg-authpw>pam_mount password:</msg-authpw>
<msg-sessionpw>reenter password for pam_mount:</msg-sessionpw>
</pam_mount>
Подключение, увы , не проходит, в логах пишет:
Код: Выделить всё
May 27 12:37:03 Linux2 gdm-session-worker[2334]: pam_mount(pam_mount.c:258) pam_mount 0.49: entering auth stage
May 27 12:37:03 Linux2 gdm-session-worker[2334]: pam_mount(pam_mount.c:190) enter read_password
May 27 12:37:09 Linux2 gdm-session-worker[2334]: pam_mount(pam_mount.c:293) saving authtok for session code (authtok=0x8495850)
May 27 12:37:09 Linux2 gdm-session-worker[2334]: pam_mount(pam_mount.c:436) pam_mount 0.49: entering session stage
May 27 12:37:09 Linux2 gdm-session-worker[2334]: pam_mount(pam_mount.c:457) back from global readconfig
May 27 12:37:09 Linux2 gdm-session-worker[2334]: pam_mount(pam_mount.c:459) per-user configurations not allowed by pam_mount.conf.xml
May 27 12:37:09 Linux2 gdm-session-worker[2334]: pam_mount(pam_mount.c:472) no volumes to mount
May 27 12:37:09 Linux2 gdm-session-worker[2334]: pam_mount(pam_mount.c:525) done opening session (ret=0)
В чем может быть проблема?