| View previous topic :: View next topic |
| Author |
Message |
chrism
Guru
Joined: 15 Jul 2004
Posts: 526
|
 Posted: Mon Sep 18, 2006 9:20 pm Post subject: Problem with pam_mount and samba (read-only) |
 |
|
Hi,
we have a Samba-Server with LDap. It is working allright with Windows Workstations. If I try to use it with a linux machine using pam_mount it mounts the home directory ok, execpt that all subdirectories are read-only. It is not possible to chmod them or to chown them. The User ID seems to be allright.
Thanks for your help,
Chris |
|
| Back to top |
|
 |
phorn
Tux's lil' helper
Joined: 01 Jul 2006
Posts: 109
|
| Posted: Tue Sep 19, 2006 8:07 am Post subject: |
|
|
You will want to look at the uid, gid and umask options to mount--those will let you change permissions and ownership to the proper user.
For my fstab entries I use: uid=1000,gid=1000,umask=022
Note that you will need to replace the "1000"'s with pam_mount's parameters for UID and GID--I think it gives those to the command. |
|
| Back to top |
|
|
chrism
Guru
Joined: 15 Jul 2004
Posts: 526
|
| Posted: Tue Sep 19, 2006 11:10 am Post subject: |
|
|
| phorn wrote: |
For my fstab entries I use: uid=1000,gid=1000,umask=022
|
I don't think I need the fstab, since it should mount the users' home-directory automatically. The useres are authenticated via LDAP.
Chris |
|
| Back to top |
|
|
phorn
Tux's lil' helper
Joined: 01 Jul 2006
Posts: 109
|
| Posted: Thu Sep 21, 2006 7:58 am Post subject: |
|
|
You said the directories were being mounted read-only. I was looking at my fstab and noticed those uid, gid options. Are you sure you have them?
I tried setting up pam_mount a while ago for a linux server on a domain, and here is the line that defines this:
| Code: | | cifsmount /bin/mount -t cifs "//%(SERVER)/%(VOLUME)" %(MNTPT) -o "username=%(USER),domain=engineering,uid=%(USERUID),gid=%(USERGID),user,acl%(before=\",\" OPTIONS)" |
You may want to play around with the user, acl, uid and gid options--Maybe you want to disable "acl" since that may make it ignore your uid and gid options.
Later on, this mounts the directory:
| Code: | | volume @@10000 cifs nas "home_&" "/home/&" dir_mode=0711 - - |
The problem you are describing may also be related to the "dir_mode" setting. Also, check the owner and group of the files in question.
Could you post your pam_mount.conf?
It would also help to look at the output of "ls -l" in a place where you can't write files.
Also, the exact error message would help--there are many variations on "read-only" or "invalid operation" "permission denied" that indicate completely different problems.
An idea I had once was to have a global mount in an inaccessable location (700 for root) where users can't get to it (unless it is bound to their directory), and then make pam_mount use the "-o bind" option. If you use the unix extensions, I think UID and GID should automatically be correct, so it would just take a -obind into a user's homedir.
Anyway, good luck on getting this beast working (I'm amazed that you have made it so far with such a setup  )
In my experience, PAM, Samba, LDAP and Active Directory can all be *really* annoying to get working by themselves. Combining them sometimes requires black magic (such as heavily hacking the source to pam_ldap  ). |
|
| Back to top |
|
|
chrism
Guru
Joined: 15 Jul 2004
Posts: 526
|
| Posted: Thu Sep 28, 2006 12:57 pm Post subject: |
|
|
Hallo,
thanks for your help. It works now. I am using nfs and openvpn for security.
CIFS did work, had problems with kde, though, since it KDE wasn't able to build sockets.
Chris |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Networking & Security
