Re: Mount samba share using pam_mount
On 02/07/2020 12:13, Jon Ingason wrote: Den 2020-07-01 kl. 20:10, skrev Simon Colston: I guess nobody has experience of this. Is this not normal practice? Why not ask this question on the Samba list? https://lists.samba.org/mailman/options/samba Thanks. I'll give it a try. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Mount samba share using pam_mount
Den 2020-07-01 kl. 20:10, skrev Simon Colston: > I guess nobody has experience of this. Is this not normal practice? > Why not ask this question on the Samba list? https://lists.samba.org/mailman/options/samba -- Regards Jon Ingason ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Mount samba share using pam_mount
On Wed, Jul 01, 2020 at 07:10:15PM +0100, Simon Colston wrote: > > I guess nobody has experience of this. Is this not normal practice? I've been using autofs with Kerberos authentication coming from the user's tickets (and the request-key infrastructure for credential handoff). -- Jonathan Billings ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Re: Mount samba share using pam_mount
I guess nobody has experience of this. Is this not normal practice? -- Simon On 27/06/2020 18:43, Simon Colston wrote: Fedora Workstation 32 I'm trying to mount a samba share at login using pam_mount. The steps I've taken so far after googling and man-page reading are: 1. In /etc/security/pam_mount.conf.xml I uncommented the line: 2. Created the file ~/.pam_mount.conf.xml containing: 3. To add pam_mount.so to pam.d I changed /etc/pam.d/login to: #%PAM-1.0 auth substack system-auth auth optional pam_mount.so auth include postlogin account required pam_nologin.so account include system-auth password include system-auth # pam_selinux.so close should be the first session rule session required pam_selinux.so close session optional pam_mount.so session required pam_loginuid.so session optional pam_console.so # pam_selinux.so open should only be followed by sessions to be executed in the user context session required pam_selinux.so open session required pam_namespace.so session optional pam_keyinit.so force revoke session include system-auth session include postlogin -session optional pam_ck_connector.so and /etc/pam.d/gdm-password to: auth [success=done ignore=ignore default=bad] pam_selinux_permit.so auth substack password-auth auth optional pam_mount.so auth optional pam_gnome_keyring.so auth include postlogin account required pam_nologin.so account include password-auth password substack password-auth -password optional pam_gnome_keyring.so use_authtok session required pam_selinux.so close session optional pam_mount.so session required pam_loginuid.so session optional pam_console.so session required pam_selinux.so open session optional pam_keyinit.so force revoke session required pam_namespace.so session include password-auth session optional pam_gnome_keyring.so auto_start session include postlogin I log out and back in again and... it does not work. (I can mount this share from the command line using the mount command.) So my question is... what am I doing wrong? Simon ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org
Mount samba share using pam_mount
Fedora Workstation 32 I'm trying to mount a samba share at login using pam_mount. The steps I've taken so far after googling and man-page reading are: 1. In /etc/security/pam_mount.conf.xml I uncommented the line: 2. Created the file ~/.pam_mount.conf.xml containing: 3. To add pam_mount.so to pam.d I changed /etc/pam.d/login to: #%PAM-1.0 auth substack system-auth auth optional pam_mount.so auth include postlogin accountrequired pam_nologin.so accountinclude system-auth password include system-auth # pam_selinux.so close should be the first session rule sessionrequired pam_selinux.so close sessionoptional pam_mount.so sessionrequired pam_loginuid.so sessionoptional pam_console.so # pam_selinux.so open should only be followed by sessions to be executed in the user context sessionrequired pam_selinux.so open sessionrequired pam_namespace.so sessionoptional pam_keyinit.so force revoke sessioninclude system-auth sessioninclude postlogin -session optional pam_ck_connector.so and /etc/pam.d/gdm-password to: auth [success=done ignore=ignore default=bad] pam_selinux_permit.so authsubstack password-auth authoptional pam_mount.so authoptional pam_gnome_keyring.so authinclude postlogin account required pam_nologin.so account include password-auth passwordsubstack password-auth -password optional pam_gnome_keyring.so use_authtok session required pam_selinux.so close session optional pam_mount.so session required pam_loginuid.so session optional pam_console.so session required pam_selinux.so open session optional pam_keyinit.so force revoke session required pam_namespace.so session include password-auth session optional pam_gnome_keyring.so auto_start session include postlogin I log out and back in again and... it does not work. (I can mount this share from the command line using the mount command.) So my question is... what am I doing wrong? Simon ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org