Discussion:
pam_mount
Jeff Layton
2014-02-19 01:03:48 UTC
Permalink
On Tue, 18 Feb 2014 21:31:30 +0000
Jeff,
=20
My name is David Swanger, I am computer analyst at Auburn University.=
I have a server issue and your Red Hat Summit web site leads me to th=
ink maybe you can help me.
=20
Typically, these sorts of questions get sent to the linux-cifs mailing
list. I've cc'ed it here...
http://www.redhat.com/promo/summit/2010/presentations/summit/in-the-w=
eeds/wed/jlayton-310-interoperability/jlayton_summit_2010-Final.pdf
=20
I have a RHEL 6 server. Users authenticate with an AD server and tha=
t works fine. I used Powerbroker to help connect to the AD server.
=20
Never heard of powerbroker, sorry...
I want users to be able to cifs mount their home directories from a S=
amba server using pam_mount and kerberos. I have a pam_mount.conf.xml =
with mount information/flags.
=20
Here is what happens. People log in and their home directories do no=
t mount. In the system log, they are trying and failing to get a syste=
m ticket.
=20
=20
Feb 18 15:15:38 mallard2 cifs.upcall: handle_krb5_mech: getting servi=
ce ticket for ausamba.auburn.edu
=20
Feb 18 15:15:38 mallard2 cifs.upcall: cifs_krb5_get_req: unable to re=
solve (null) to ccache
=20
Feb 18 15:15:38 mallard2 cifs.upcall: handle_krb5_mech: failed to obt=
ain service ticket (-1765328245)
=20
However, if they enter a kinit command, enter their password, log out=
then log back in, then their home dirs are mounted. Basically I guess=
I=92d like the user to auto enter a kinit command when they first log =
in. Do you know how to make this work?
=20
Typically, you use something like pam_krb5 to get krb5 creds at login
time, or nowadays something like sssd.
If you can help, I would appreciate it. If not, I understand.
=20
Good luck!

--=20
Jeff Layton <jlayton-H+wXaHxf7aLQT0dZR+***@public.gmane.org>
Dave Swanger
2014-02-19 12:51:59 UTC
Permalink
Thanks Jeff!
Post by Jeff Layton
On Tue, 18 Feb 2014 21:31:30 +0000
Jeff,
=20
My name is David Swanger, I am computer analyst at Auburn University=
=2E
Post by Jeff Layton
I have a server issue and your Red Hat Summit web site leads me to th=
ink
Post by Jeff Layton
maybe you can help me.
=20
Typically, these sorts of questions get sent to the linux-cifs mailing
list. I've cc'ed it here...
=20
http://www.redhat.com/promo/summit/2010/presentations/summit/in-the-w=
eeds
Post by Jeff Layton
/wed/jlayton-310-interoperability/jlayton_summit_2010-Final.pdf
=20
I have a RHEL 6 server. Users authenticate with an AD server and th=
at
Post by Jeff Layton
works fine. I used Powerbroker to help connect to the AD server.
=20
Never heard of powerbroker, sorry...
I want users to be able to cifs mount their home directories from a
Samba server using pam_mount and kerberos. I have a pam_mount.conf.x=
ml
Post by Jeff Layton
with mount information/flags.
=20
Here is what happens. People log in and their home directories do n=
ot
Post by Jeff Layton
mount. In the system log, they are trying and failing to get a syste=
m
Post by Jeff Layton
ticket.
=20
=20
Feb 18 15:15:38 mallard2 cifs.upcall: handle_krb5_mech: getting serv=
ice
Post by Jeff Layton
ticket for ausamba.auburn.edu
=20
Feb 18 15:15:38 mallard2 cifs.upcall: cifs_krb5_get_req: unable to
resolve (null) to ccache
=20
Feb 18 15:15:38 mallard2 cifs.upcall: handle_krb5_mech: failed to
obtain service ticket (-1765328245)
=20
However, if they enter a kinit command, enter their password, log ou=
t
Post by Jeff Layton
then log back in, then their home dirs are mounted. Basically I gues=
s
Post by Jeff Layton
I=B9d like the user to auto enter a kinit command when they first log=
in.
Post by Jeff Layton
Do you know how to make this work?
=20
Typically, you use something like pam_krb5 to get krb5 creds at login
time, or nowadays something like sssd.
If you can help, I would appreciate it. If not, I understand.
=20
Good luck!
--=20
Continue reading on narkive:
Loading...