Yminus Apprentice
Joined: 06 Jan 2008 Posts: 184
|
Posted: Sat Jun 28, 2008 12:16 am Post subject: pam_mount & entrance: login only succeeds on the 2nd attempt |
I want to automatically mount a home partition encrypted with "cryptsetup" at /home on login. When I log in at the terminal, this works without problems. When I log in via "Entrance", the session is opened and immediately closed again. When I then log in a second time, the session starts successfully.
Code: | # less /etc/security/pam_mount.conf.xml | grep "/dev/sda8"
<volume fstype="crypt" path="/dev/sda8" mountpoint="/home" /> |
Code: | # less /etc/pam.d/system-auth
auth required pam_env.so
auth required pam_unix.so try_first_pass likeauth nullok # I have also already tried swapping this line with the next one
# I added the following line:
auth optional pam_mount.so use_first_pass # I have also already tried it with "try_first_pass"
account required pam_unix.so
password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 try_first_pass retry=3
password required pam_unix.so try_first_pass use_authtok nullok md5 shadow
session required pam_limits.so
session required pam_env.so
session required pam_unix.so
# I added the following line:
session optional pam_mount.so |
Code: | # less /etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth required pam_tally.so file=/var/log/faillog onerr=succeed
auth required pam_shells.so
auth required pam_nologin.so
auth include system-auth
account required pam_access.so
account include system-auth
account required pam_tally.so file=/var/log/faillog onerr=succeed
password include system-auth
session required pam_env.so
session optional pam_lastlog.so
session optional pam_motd.so motd=/etc/motd
session optional pam_mail.so
session include system-auth |
Code: | # less /etc/pam.d/entrance
#%PAM-1.0
auth required pam_nologin.so
auth include system-auth
account include system-auth
password include system-auth
session include system-auth |
From /var/log/Auth.log:
Quote: | Jun 28 16:43:33 lars_desktop entrance: pam_mount(pam_mount.c:307) saving authtok for session code
Jun 28 16:43:34 lars_desktop entrance: pam_unix(entrance:session): session opened for user lars by (uid=0)
Jun 28 16:43:34 lars_desktop entrance: pam_mount(pam_mount.c:459) Entered pam_mount session stage
Jun 28 16:43:34 lars_desktop entrance: pam_mount(pam_mount.c:480) back from global readconfig
Jun 28 16:43:34 lars_desktop entrance: pam_mount(pam_mount.c:482) per-user configurations not allowed by pam_mount.conf.xml
Jun 28 16:43:34 lars_desktop entrance: pam_mount(misc.c:43) Session open: (uid=0, euid=0, gid=0, egid=0)
Jun 28 16:43:34 lars_desktop entrance: pam_mount(rdconf2.c:181) checking sanity of volume record (/dev/sda8)
Jun 28 16:43:34 lars_desktop entrance: pam_mount(pam_mount.c:534) about to perform mount operations
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:369) information for mount:
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:370) ----------------------
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:371) (defined by globalconf)
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:372) user: lars
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:373) server:
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:374) volume: /dev/sda8
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:375) mountpoint: /home
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:376) options:
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:377) fs_key_cipher:
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:378) fs_key_path:
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:379) use_fstab: 0
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:380) ----------------------
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:172) realpath of volume "/home" is "/home"
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:176) checking to see if /dev/mapper/_dev_sda8 is already mounted at /home
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:821) checking for encrypted filesystem key configuration
Jun 28 16:43:34 lars_desktop entrance: pam_mount(mount.c:847) about to start building mount command
Jun 28 16:43:34 lars_desktop entrance: pam_mount(misc.c:275) command: mount.crypt [/dev/sda8] [/home]
Jun 28 16:43:34 lars_desktop entrance: pam_mount(misc.c:43) set_myuid<pre>: (uid=0, euid=0, gid=0, egid=0)
Jun 28 16:43:34 lars_desktop entrance: pam_mount(misc.c:43) set_myuid<post>: (uid=0, euid=0, gid=0, egid=0)
Jun 28 16:43:38 lars_desktop entrance: pam_mount(mount.c:90) mount errors:
Jun 28 16:43:38 lars_desktop entrance: pam_mount(mount.c:93) Command successful.
Jun 28 16:43:38 lars_desktop entrance: pam_mount(mount.c:886) waiting for mount
Jun 28 16:43:38 lars_desktop entrance: pam_mount(pam_mount.c:127) clean system authtok (0)
Jun 28 16:43:38 lars_desktop entrance: pam_mount(misc.c:275) command: pmvarrun [-u] [lars] [-o] [1]
Jun 28 16:43:38 lars_desktop entrance: pam_mount(misc.c:43) set_myuid<pre>: (uid=0, euid=0, gid=0, egid=0)
Jun 28 16:43:38 lars_desktop entrance: pam_mount(misc.c:43) set_myuid<post>: (uid=0, euid=0, gid=0, egid=0)
Jun 28 16:43:38 lars_desktop entrance: pam_mount(pam_mount.c:424) pmvarrun says login count is 1
Jun 28 16:43:38 lars_desktop entrance: pam_mount(pam_mount.c:547) done opening session (ret=0)
Jun 28 16:43:38 lars_desktop entrance: pam_mount(pam_mount.c:109) Clean global config (0)
Jun 28 16:43:38 lars_desktop entrance: pam_mount(pam_mount.c:127) clean system authtok (0)
Jun 28 16:43:38 lars_desktop entrance_login[6260]: pam_unix(entrance:session): session closed for user lars
Jun 28 16:43:38 lars_desktop entrance_login[6260]: pam_mount(pam_mount.c:589) received order to close things
Jun 28 16:43:38 lars_desktop entrance_login[6260]: pam_mount(pam_mount.c:591) No volumes to umount
Jun 28 16:43:38 lars_desktop entrance_login[6260]: pam_mount(pam_mount.c:635) pam_mount execution complete
Jun 28 16:43:49 lars_desktop entrance: pam_mount(pam_mount.c:307) saving authtok for session code
Jun 28 16:43:50 lars_desktop entrance: pam_unix(entrance:session): session opened for user lars by (uid=0)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:459) Entered pam_mount session stage
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:480) back from global readconfig
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:482) per-user configurations not allowed by pam_mount.conf.xml
Jun 28 16:43:50 lars_desktop entrance: pam_mount(misc.c:43) Session open: (uid=0, euid=0, gid=0, egid=0)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(rdconf2.c:181) checking sanity of volume record (/dev/sda8)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:534) about to perform mount operations
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:369) information for mount:
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:370) ----------------------
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:371) (defined by globalconf)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:372) user: lars
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:373) server:
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:374) volume: /dev/sda8
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:375) mountpoint: /home
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:376) options:
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:377) fs_key_cipher:
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:378) fs_key_path:
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:379) use_fstab: 0
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:380) ----------------------
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:172) realpath of volume "/home" is "/home"
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:176) checking to see if /dev/mapper/_dev_sda8 is already mounted at /home
Jun 28 16:43:50 lars_desktop entrance: pam_mount(mount.c:801) /dev/sda8 already seems to be mounted at /home, skipping
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:127) clean system authtok (0)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(misc.c:275) command: pmvarrun [-u] [lars] [-o] [1]
Jun 28 16:43:50 lars_desktop entrance: pam_mount(misc.c:43) set_myuid<pre>: (uid=0, euid=0, gid=0, egid=0)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(misc.c:43) set_myuid<post>: (uid=0, euid=0, gid=0, egid=0)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:424) pmvarrun says login count is 2
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:547) done opening session (ret=0)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:109) Clean global config (0)
Jun 28 16:43:50 lars_desktop entrance: pam_mount(pam_mount.c:127) clean system authtok (0) |
I have also already tried editing /etc/pam.d/entrance and /etc/pam.d/login directly, but my changes to these files get overwritten after a reboot!?!? Bug or feature?
What is going wrong there?
[EDIT]: inserted the correct log file |