[Bug 728193] New: pam_mount does not expand %(DOMAIN_NAME) if winbind uses the default domain
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c0 Summary: pam_mount does not expand %(DOMAIN_NAME) if winbind uses the default domain Classification: openSUSE Product: openSUSE 12.1 Version: RC 1 Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: luizluca@tre-sc.gov.br QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 Hello, I configured my system to auth with winbind. I also added this option in smb.conf in order to avoid the need of domain name in username: winbind use default domain = yes Also, I have pam_mount mounting a cifs server. I use this one: <volume options="nounix" server="server" path="rede" mountpoint="/home/%(DOMAIN_NAME)/%(DOMAIN_USER)/g" fstype="cifs"><uid>10000-20000</uid></volume> Now comes the problem. If I use default domain, the home of the user is still: /home/DOMAIN/user But pam_mount does not expand DOMAIN_NAME anymore. It try to mount into: /home//user/g I have no way to detect the users' home dir. Reproducible: Always Steps to Reproduce: 1. Configure auth in windows domain 2. Configure a mount dir at logon using /%(DOMAIN_NAME)/%(DOMAIN_USER)/ 3. Configure winbind (smb.conf) with the option "winbind use default domain = yes" 4. Restart winbind 5. Logon with a user not using domain name Actual Results: 6. create the dir /home/user 7. nothing is mounted Expected Results: 6. It should mount the remote dir inside the home I guess the easiest solution would be to add %(HOME) to the exapandable variables in pam_mount. Also, DOMAIN_NAME should expand to the user's domain name even if winbind is using implicit domain name. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c Andreas Jaeger <aj@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |mc@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c Michael Calmer <mc@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|mc@suse.com |jengelh@medozas.de -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c1 --- Comment #1 from Jan Engelhardt <jengelh@medozas.de> 2011-11-04 13:11:48 UTC --- There just is no way to get at the default domain name. DOMAIN_NAME is calculated from the username that is used to log in; if there is no \ in the username, there is no domain part. And pam_winbind does not export the domain name - cf. http://www.samba.org/samba/docs/man/manpages-3/pam_winbind.8.html (PAM DATA EXPORTS). You would need to talk to the samba people to make the change. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c2 --- Comment #2 from Luiz Angelo Daros de Luca <luizluca@tre-sc.gov.br> 2011-11-04 20:46:15 UTC --- Hum... so the %(DOMAIN_NAME) is obtained from the username? Well, then I just ask for a simple %(HOME). There is no way to securely specify the path for a mount dir inside home. HOME is available in pam, right? Also, PAM_WINBIND_HOMEDIR and PAM_WINBIND_PROFILEPATH would be useful in pam_mount. I'm filling a bug for the missing domain name in pam_winbind. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c3 --- Comment #3 from Luiz Angelo Daros de Luca <luizluca@tre-sc.gov.br> 2011-11-04 20:52:23 UTC --- I asked for a PAM_WINBIND_DOMAINNAME. https://bugzilla.samba.org/show_bug.cgi?id=8577 Can you help me with a %(HOME)? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c4 Jan Engelhardt <jengelh@medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FEATURE --- Comment #4 from Jan Engelhardt <jengelh@medozas.de> 2011-11-04 22:48:03 UTC --- As per the pam_mount.conf(5) manpage, you can use mountpoint="~". -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c5 --- Comment #5 from Jan Engelhardt <jengelh@medozas.de> 2011-11-04 22:52:11 UTC --- # This includes combinations with subdirs, e.g. <volume server="fs1" path="foo" mountpoint="~/fs-foo" />, which may be required when you experience problems with certain desktop environment daemons (e.g. kde3 dcop) which try to create a socket - and network filesystems or non-POSIX filesystems don't always like them. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=728193 https://bugzilla.novell.com/show_bug.cgi?id=728193#c6 --- Comment #6 from Luiz Angelo Daros de Luca <luizluca@tre-sc.gov.br> 2011-11-07 17:42:01 UTC --- Thanks! That's what I need as a workarround. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com