Re: [X2go-User] x2go, pam_mount cifs and multiple mounting

17 Oct 2011


      Hi everyone,
...
I am trying to setup pam_mount+cifs for a x2go server. I want to remove
an aging nfs based homedir setup.
The mounting works ok and I get my x2go session with my homedir file.
However, due to the way x2go deals with logon process, it seems that the
pam scripts are called five times, and so I get the home dir mounted
five times !
for the time being, I have added a hackish wrapper script that checks if
the share is already mounted or not (very basic, not bullet proof). It
is probably not the best way to do it, so if anyone has any hints, they
are welcome !
Thanks,
Denis
change to /etc/security/pam_mount.conf.xml :
<cifsmount>mount.cifs-wrapper //%(SERVER)/%(VOLUME) %(MNTPT) -o
"user=%(USER),uid=%(USERUID),gid=%(USERGID)%(before=\",\"
OPTIONS)"</cifsmount>
wrapper script /sbin/mount.cifs-wrapper
#!/bin/bash
VAL=cat /proc/mounts | grep $2 | wc -l 
if [ $VAL -eq 0 ] ; then
mount.cifs $@
fi
...
The homedirs are stored on a samba/openldap PDC servers.
I wanted to know if anyone of you had some trick to avoid the redondant
mounting. I pasted below the revelant files.
/etc/secutiry/pam_mount.conf.xml
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
<pam_mount>
<debug enable="1" />
<volume user="*" fstype="cifs" server="srvfichiers" path="%(USER)"
mountpoint="/home/homes/%(USER)/"
options="uid=%(USER),workgroup=MYDOMAIN" />
<mntoptions allow="nosuid,nodev,nonempty,allow_root" />
<mntoptions require="nosuid,nodev" />
<mkmountpoint enable="1" remove="true" />
</pam_mount>
/etc/pam.d/common-auth
auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass
auth [success=1 default=ignore] pam_ldap.so use_first_pass
auth requisite pam_deny.so
auth required pam_permit.so
auth optional pam_mount.so
/etc/pam.d/common-session
session [default=1] pam_permit.so
session requisite pam_deny.so
session required pam_permit.so
session required pam_unix.so
session optional pam_ck_connector.so nox11
session required pam_mkhomedir.so silent skel=/etc/skel.empty
session optional pam_mount.so
session optional pam_ldap.so
--
Denis Cardon
Tranquil IT Systems
44 bvd des pas enchantés
44230 Saint Sébastien sur Loire
tel : +33 (0) 2.40.97.57.57
http://www.tranquil-it-systems.fr

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Re: [X2go-User] x2go, pam_mount cifs and multiple mounting

wrapper script /sbin/mount.cifs-wrapper

if [ $VAL -eq 0 ] ; then mount.cifs $@ fi

/etc/secutiry/pam_mount.conf.xml

/etc/pam.d/common-auth

auth [success=2 default=ignore] pam_unix.so nullok_secure try_first_pass auth [success=1 default=ignore] pam_ldap.so use_first_pass auth requisite pam_deny.so auth required pam_permit.so auth optional pam_mount.so

/etc/pam.d/common-session

session [default=1] pam_permit.so session requisite pam_deny.so session required pam_permit.so session required pam_unix.so session optional pam_ck_connector.so nox11 session required pam_mkhomedir.so silent skel=/etc/skel.empty session optional pam_mount.so session optional pam_ldap.so