#54 Exclude local users

pam-mount
open-accepted
pam-mount (40)
5
2012-07-07
2012-03-31
Anonymous
No

Is there any way to force pam_mount to avoid creating homes for local ("/etc/passwd") defined users?
I just need it to work for LDAP users mounting from NFS, but it is also overwriting my local homes when a local users login.

Thanks.

Discussion

  • Jan Engelhardt

    Jan Engelhardt - 2012-03-31

    There is not at this time. I also cannot quite think of a use case for this atm.

     
  • Jan Engelhardt

    Jan Engelhardt - 2012-03-31
    • milestone: --> pam-mount
    • status: open --> pending
     
  • Marc Leforestier

    You can do this with adding sgrp or pgrp in pam_mount.conf.xml, when you define the volume you want to mount.
    According to the man :

    pgrp="groupname"
    Limit the volume to users which have the group identified by name as their primary group.

    sgrp="groupname"
    Limit the volume to users which are a member of the group identified by name (either as primary or secondary group).

    In this case, pam_mount will mount the volume only if the user is a member of the group "domain users" :

    <volume
    fstype="cifs"
    server="smb.domain.fr"
    user="*"
    sgrp="domain users"
    path="%(GROUP)/Home/%(USER)"
    mountpoint="/smb/%(USER)"
    options="sec=krb5,cruid=%(USER),iocharset=utf8,file_mode=0600,dir_mode=0700"
    />

     
  • Jan Engelhardt

    Jan Engelhardt - 2012-07-07

    Indeed, you will need groups. There is no way for programs making use of the NSS API to determine in which kind of database a user is defined, other than through the fields in struct passwd.
    Meanwhile, I thought of adding the possibility for a shell call.

     
  • Jan Engelhardt

    Jan Engelhardt - 2012-07-07
    • status: pending --> open-accepted
     

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:





No, thanks