[X2go-User] x2go, pam_mount cifs and multiple mounting
Denis Cardon
denis.cardon at tranquil-it-systems.fr
Mon Oct 17 20:29:05 CEST 2011
Hi everyone,
>
> I am trying to setup pam_mount+cifs for a x2go server. I want to remove
> an aging nfs based homedir setup.
>
> The mounting works ok and I get my x2go session with my homedir file.
> However, due to the way x2go deals with logon process, it seems that the
> pam scripts are called five times, and so I get the home dir mounted
> five times !
for the time being, I have added a hackish wrapper script that checks if
the share is already mounted or not (very basic, not bullet proof). It
is probably not the best way to do it, so if anyone has any hints, they
are welcome !
Thanks,
Denis
change to /etc/security/pam_mount.conf.xml :
<cifsmount>mount.cifs-wrapper //%(SERVER)/%(VOLUME) %(MNTPT) -o
"user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\"
OPTIONS)"</cifsmount>
wrapper script /sbin/mount.cifs-wrapper
==========================
#!/bin/bash
VAL=`cat /proc/mounts | grep $2 | wc -l `
if [ $VAL -eq 0 ] ; then
mount.cifs $@
fi
===========================
>
> The homedirs are stored on a samba/openldap PDC servers.
>
> I wanted to know if anyone of you had some trick to avoid the redondant
> mounting. I pasted below the revelant files.
>
>
> /etc/secutiry/pam_mount.conf.xml
> ==================
> <?xml version="1.0" encoding="utf-8" ?>
> <!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
> <pam_mount>
> <debug enable="1" />
> <volume user="*" fstype="cifs" server="srvfichiers" path="%(USER)"
> mountpoint="/home/homes/%(USER)/"
> options="uid=%(USER),workgroup=MYDOMAIN" />
> <mntoptions allow="nosuid,nodev,nonempty,allow_root" />
> <mntoptions require="nosuid,nodev" />
> <mkmountpoint enable="1" remove="true" />
> </pam_mount>
> ====================
>
> /etc/pam.d/common-auth
> ======================
> auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass
> auth [success=1 default=ignore] pam_ldap.so use_first_pass
> auth requisite pam_deny.so
> auth required pam_permit.so
> auth optional pam_mount.so
> ======================
>
> /etc/pam.d/common-session
> ==========================
> session [default=1] pam_permit.so
> session requisite pam_deny.so
> session required pam_permit.so
> session required pam_unix.so
> session optional pam_ck_connector.so nox11
> session required pam_mkhomedir.so silent skel=/etc/skel.empty
> session optional pam_mount.so
> session optional pam_ldap.so
> =======================
>
>
--
Denis Cardon
Tranquil IT Systems
44 bvd des pas enchantés
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.57
http://www.tranquil-it-systems.fr
More information about the x2go-user
mailing list