Package: libpam-mount
Version: 2.14-1.1
I have a setup where client computers run Debian Jessie and use:
- libpam-ldapd for authentication
- libpam-mount to mount a remote home directory through sshfs, using the
login password entered by the user. The remote server uses the same ldap
server for authentication.
Normally works.
However if the user's password has expired, and he is forced to change
it straight away on login, libpam-mount fails to mount the home directory.
It tries to login to the remote server with the old password, instead of
the changed new one.
It seems the Debian package only adds libpam-mount to
/etc/pam.d/common-auth (to capture the entererd password), and
/etc/pam.d/common-session (where it uses the earlier captured password
to do the actual mount).
However to be able to capture the new password on forced password
changes on login, it should also be added to /etc/pam.d/common-password
Adding the following line there seems to fix it for me:
password optional pam_mount.so
disable_interactive
--
Yours sincerely,
Floris Bos
