The specs:
Fedora Core 1
samba-3.0.7-2.FC1
openssh-3.6.1p2-19
pam-0.77-15
The details:
SAMBA is installed
computer is connected to the a Windows 2000 domain
wbinfo -u / -g / -t all give the desired results
getent passwd lists domain users
/etc/pam.d/sshd:
auth sufficient pam_winbind.so
auth required pam_stack.so service=system-auth
auth required pam_nologin.so
accountsufficient pam_winbind.so
accountrequired pam_stack.so service=system-auth
password sufficient pam_winbind.so use_authtok
password required pam_stack.so service=system-auth
sessionrequired pam_stack.so service=system-auth
#sessionrequired pam_limits.so
#sessionoptional pam_console.so
/etc/pam.d/system-auth:
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
authrequired /lib/security/$ISA/pam_env.so
authsufficient/lib/security/$ISA/pam_unix.so likeauth nullok
authrequired /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
passwordrequired /lib/security/$ISA/pam_cracklib.so retry=3 type=
passwordsufficient/lib/security/$ISA/pam_unix.so nullok use_authtok md5
shadow
passwordrequired /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel uma
sk=0022
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
The problem:
If I try to log in through ssh the messages log file shows I have been
granted access but the ssh session shows I have been disconnected from
the server. The secure log shows:
Mar 9 11:10:43 webb sshd[2315]: Accepted password for matt from
1xx.2xx.1x.1xx port 1022
Mar 9 11:10:43 webb sshd[2317]: fatal: PAM session setup failed[6]:
Permission denied
Now if I create a directory in /export/httpd/users/ called matt I can
log in with no problem. If I change the permissions on the
/export/httpd/users/ directory to 777 I can log in with no problem.
So obviously pam_mkhomedir.so isn't being run with the correct
permissions. I don't want to have to generate directories for each
user in our AD so hopefully someone can point out what I am missing.
As a test I set up another machine running Core3 with a standard
install and it worked without a hitch. I have compared the files
between the two systems and everything looks about the same Any
help would be greatly appreciated!
matt
--
To unsubscribe from this list go to the following URL and read the
instructions: https://lists.samba.org/mailman/listinfo/samba