Your message dated Sat, 27 Oct 2007 00:16:20 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#447788: libpam-modules: pam_mkhomedir does not work with
ssh
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--- Begin Message ---
Package: libpam-modules
Version: 0.79-4
Severity: normal
I have the following in /etc/pam.d/common-session:
session required pam_mkhomedir.so skel=/etc/skel umask=022
Home directories are not created upon login as they should be. I have
tried with UsePrivilegeSeparation set yes and set no, I have also tried
setting mode 1777 on /home. Neither have any effect.
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages libpam-modules depends on:
ii libc6 2.3.6.ds1-13etch2 GNU C Library: Shared
libraries
ii libcap1 1:1.10-14 support for getting/
setting POSIX.
ii libdb4.3 4.3.29-8 Berkeley v4.3 Database
Libraries [
ii libpam0g 0.79-4 Pluggable Authentication
Modules l
ii libselinux1 1.32-3 SELinux shared libraries
libpam-modules recommends no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
On Fri, Oct 26, 2007 at 09:14:39AM -0700, Brian Bennett wrote:
> On Oct 25, 2007, at 12:14 PM, Steve Langasek wrote:
>> Please show the full contents of your common-session config.
> session sufficient pam_ldap.so
> session required pam_unix.so try_first_pass
> session required pam_mkhomedir.so skel=/etc/skel umask=022
sufficient
success of such a module is enough to satisfy the authentication
requirements of the stack of modules (if a prior required module has failed
the success of this one is ignored). A failure of this module is not deemed
as fatal to satisfying the application that this type has succeeded. If the
module succeeds the PAM framework returns success to the application
immediately without trying any other modules.
/usr/share/doc/libpam-doc/txt/Linux-PAM_SAG.txt.gz.
And according to the documentation, using pam_ldap in the session stack is a
no-op, which means the stack will short-circuit for all users.
You should drop pam_ldap from common-session completely. You should also
remove the "try_first_pass" option to pam_unix, which is meaningless in the
context of session management.
That should be enough to fix the problem for you. If you find that it
doesn't, feel free to reopen the bug report with more information.
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
[EMAIL PROTECTED] http://www.debian.org/
--- End Message ---
