I need to use pam_mount to mount user home directories individually at the time that each user logs in. I cant locate a package for this, at least for Centos 6. I would not have a problem building from source if this was a source based distro but because its not I would need to install gcc and all the dependences, seems like overkill.
3 Answers
The support matrix says: It does not work right now.
http://pam-mount.sourceforge.net/distro-support.php
It seems that you have to wait for a working release. Even installing the compiler toolchain will not help in this case.
![](../../users/profiles/85909.webp)
- 1,700
- 12
- 22
-
The not so fine print from the top of that page: "(This page claims neither completeness nor actuality. It will be updated as I see fit, no need to write me.)" – Chad Feller Aug 20 '11 at 06:49
I would expect a RHEL6/CentOS6 pam_mount package via EPEL soon.
Until then, you can cherry pick pam_mount and libHX from Fedora 12, as RHEL6 was largely based off of it.
Just grab the packages manually and do a yum install
.
I went ahead and did this on one of my RHEL6 boxes, as I'm using pam_mount in a few places:
# yum install pam_mount-2.5-1.fc12.x86_64.rpm libHX-3.6-1.fc12.x86_64.rpm
I went ahead and configured it, and it works perfectly.
Since CentOS aims for 100% binary compatibility with RHEL, it should work fine on your CentOS6 box too.
![](../../users/profiles/79609.webp)
- 776
- 5
- 6
-
Sweet! I tried to do what you describe but when trying to do the yum localinstall I get an error "warning: rpmts_HdrFromFdno: Header V3 RSA/SHA256 Signature, key ID 57bbccba: NOKEY Public key for pam_mount-2.5-1.fc12.x86_64.rpm is not installed ". Is there a way to install that public key? – startoftext Aug 22 '11 at 23:43
-
-
Thanks, I ended up finding that in google. I thought it was going to be more complicated then that. – startoftext Aug 22 '11 at 23:48
-
-
I hope this helps someone. I downloaded the Fedora 17 SRPMS for pam_mount and LibHX, did a rpmbuild and install of LibHX, then pam_mount. The options for the pam_mount.conf.xml are limited, compared to newer OSs. My /etc/secutity/pam_mount.conf.xml mount lines are like:
<volume fstype="cifs" server="fileserver1.foo.com" path="home" mountpoint="~/U" options="dir_mode=0700,file_mode=0700,nosuid,nodev"> <not> <uid>0-1024</uid> </not> </volume>
I had to tweak /etc/pam.d/password-auth:
auth required pam_env.so
auth requisite pam_succeed_if.so uid >= 500 quiet
auth [success=2 default=ignore] pam_unix.so nullok try_first_pass
auth [success=1 default=ignore] pam_sss.so use_first_pass
auth requisite pam_deny.so
auth optional pam_mount.so
account required pam_unix.so
account sufficient pam_localuser.so
account sufficient pam_succeed_if.so uid < 500 quiet
account [default=bad success=ok user_unknown=ignore] pam_sss.so
account required pam_permit.so
password requisite pam_cracklib.so try_first_pass retry=3 type=
password sufficient pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password sufficient pam_sss.so use_authtok
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session optional pam_mkhomedir.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_unix.so
session [default=bad success=ok user_unknown=ignore] pam_sss.so use_first_pass
session optional pam_mount.so
The default "sufficient" on the pam_sss lines will prevent the mounts from occurring.
![](../../users/profiles/155599.webp)
- 1