[Bug 463524] New: pam_mount (0.47-12.11) does not mount from luserconf
https://bugzilla.novell.com/show_bug.cgi?id=463524 Summary: pam_mount (0.47-12.11) does not mount from luserconf Product: openSUSE 11.1 Version: Final Platform: i586 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: werner.flamme@ufz.de QAContact: qa@suse.de Found By: --- Hi all, pam_mount [pam_mount-0.47-12.11] is giving me grey hairs again :-( First, there is an additional pam_mount password prompt, though pam_mount uses the try_first_pass or use_first_pass option every time it is found in /etc/pam.d/*. Second, it does not mount from the luserconf file. In /etc/security/pam_mount.conf.xml, I have four entries like: <volume user="*" fstype="cifs" server="conserv1.leipzig.ufz.de" path="ufzall" mountpoint="~/Documents/NetMounts/ufzall" options="dir_mode=0755,file_mode=0644,mapchars,domain=INTERN" /> They are alle mounted. In ~/.pam.mount.conf.xml, there is an entry <volume user="licht" fstype="cifs" server="webdev.leipzig.ufz.de" path="coder" mountpoint="~/Documents/NetMounts/coder" options="dir_mode=0750,file_mode=0640,mapchars,domain=INTERN" /> This is not mounted. In /var/log/messages, I find: login[11642]: pam_mount(rdconf1.c:673) path to luserconf set to /home/licht/.pam_mount.conf.xml login[11642]: pam_mount(pam_mount.c:259) pam_mount 0.47: entering auth stage login[11642]: pam_mount(pam_mount.c:191) enter read_password login[11642]: pam_mount(pam_mount.c:294) saving authtok for session code (authtok=0x8061bb8) login[11642]: pam_mount(rdconf1.c:673) path to luserconf set to /home/licht/.pam_mount.conf.xml login[11642]: pam_mount(pam_mount.c:437) pam_mount 0.47: entering session stage login[11642]: pam_mount(pam_mount.c:458) back from global readconfig login[11642]: pam_mount(pam_mount.c:462) going to readconfig user login[11642]: pam_mount(pam_mount.c:467) back from user readconfig login[11642]: pam_mount(misc.c:45) Session open: (uid=0, euid=0, gid=0, egid=0) login[11642]: pam_mount(rdconf2.c:190) checking sanity of volume record (coder) login[11642]: pam_mount(rdconf2.c:131) checking sanity of luserconf volume record (coder) login[11642]: pam_mount(rdconf2.c:71) option "nodev" required login[11642]: Luser volume for /home/licht/Documents/NetMounts/coder is missing options that are required by global <mntoptions> login[11642]: pam_mount(rdconf2.c:44) option "dir_mode" not allowed login[11642]: Luser volume for /home/licht/Documents/NetMounts/coder has options that are not allowed per global <mntoptions> Since in /etc/security/pam_mount.conf.xml I read <mntoptions deny="suid,dev" /> as only valid mntoptions entry, this is a "false fault" in my eyes. In 11.0 [pam_mount-0.35-15.6], the same entry works (for user "wflamme" at least). Can I do anything to have the entries in luserconf honored again? Regards, Werner -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=463524
Marcus Meissner
https://bugzilla.novell.com/show_bug.cgi?id=463524
User mc@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c1
Michael Calmer
https://bugzilla.novell.com/show_bug.cgi?id=463524
User werner.flamme@ufz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c2
--- Comment #2 from Werner Flamme
https://bugzilla.novell.com/show_bug.cgi?id=463524
User mc@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c3
Michael Calmer
https://bugzilla.novell.com/show_bug.cgi?id=463524
User jengelh@medozas.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c4
--- Comment #4 from Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=463524
User mc@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c5
Michael Calmer
https://bugzilla.novell.com/show_bug.cgi?id=463524
User werner.flamme@ufz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c6
--- Comment #6 from Werner Flamme
https://bugzilla.novell.com/show_bug.cgi?id=463524
User jengelh@medozas.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c7
--- Comment #7 from Jan Engelhardt
why does this very mount work when in the global config instead of being in the luserconf file?
The allow/deny/require restrictions are only for luserconf files. Only root can edit the global volume list, so when s/he does, we assume root knows what root is doing. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=463524
User mc@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c8
--- Comment #8 from Michael Calmer
https://bugzilla.novell.com/show_bug.cgi?id=463524
User werner.flamme@ufz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c9
--- Comment #9 from Werner Flamme
https://bugzilla.novell.com/show_bug.cgi?id=463524
User werner.flamme@ufz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c10
--- Comment #10 from Werner Flamme
https://bugzilla.novell.com/show_bug.cgi?id=463524
User mc@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c11
--- Comment #11 from Michael Calmer
https://bugzilla.novell.com/show_bug.cgi?id=463524
User jengelh@medozas.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c12
--- Comment #12 from Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=463524
User werner.flamme@ufz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c13
--- Comment #13 from Werner Flamme
https://bugzilla.novell.com/show_bug.cgi?id=463524
User jengelh@medozas.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c14
--- Comment #14 from Jan Engelhardt
https://bugzilla.novell.com/show_bug.cgi?id=463524
User werner.flamme@ufz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c15
--- Comment #15 from Werner Flamme
https://bugzilla.novell.com/show_bug.cgi?id=463524
User jengelh@medozas.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c16
--- Comment #16 from Jan Engelhardt
Is it only one <mntoptions /> tag with all three attributes?
The conf reader does not care if you have three <mntoptions> with one attribute, or one <mntoptions> with three attributes (or two-two, whatever other combinations there are). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=463524
User werner.flamme@ufz.de added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c17
--- Comment #17 from Werner Flamme
participants (1)
-
bugzilla_noreply@novell.com