Marc Fortier - 2005-01-28

Hello,

   I'm setting up usermin on an FC2 box.  I want users to authenticate
against an LDAP server and have their home directory mounted from a Samba
server.  To do this I've set up usermin to use PAM with pam_ldap and
pam_mount.  The LDAP authentication works, but not the home directory
mount.  It looks like usermin does not execute the session rules in
/etc/pam.d/usermin.

Here is my /etc/pam.d/usermin

#%PAM-1.0
account         required        pam_warn.so
account         required        pam_ldap.so
auth            required        pam_warn.so
auth            required        pam_mount.so
auth            sufficient      pam_ldap.so     use_first_pass
password        required        pam_ldap.so
session         required        pam_warn.so
session         required        pam_mount.so

Here is my /etc/usermin/miniserv.conf:

port=20000
addtype_cgi=internal/cgi
realm=Usermin Server
logfile=/var/usermin/miniserv.log
errorlog=/var/usermin/miniserv.error
pidfile=/var/usermin/miniserv.pid
logtime=168
ppath=
ssl=1
env_WEBMIN_CONFIG=/etc/usermin
env_WEBMIN_VAR=/var/usermin
atboot=
logout=/etc/usermin/logout-flag
listen=20000
denyfile=\.pl$
log=1
blockhost_failures=5
blockhost_time=60
session=1
unixauth=user
localauth=/usr/sbin/lsof
pam=usermin
userfile=/etc/usermin/miniserv.users
keyfile=/etc/usermin/miniserv.pem
passwd_file=/etc/shadow
passwd_uindex=0
passwd_pindex=1
passwd_cindex=2
passwd_mindex=4
passwd_mode=2
sidname=usid
preroot=mscstyle3
passdelay=1
domainstrip=
domainuser=
passwd_blank=
logouttime=
syslog=
user_mapping_reverse=0
root=/usr/libexec/usermin
mimetypes=/usr/libexec/usermin/mime.types

And what I see in /var/log/messages when I log in is:

Jan 28 15:35:27 marctest PAM-warn[27028]: function=[pam_sm_authenticate] service=[usermin] terminal=[<unknown>] user=[mfortier] ruser=[<unknown>] rhost=[<unknown>]
Jan 28 15:35:30 marctest PAM-warn[27028]: function=[pam_sm_acct_mgmt] service=[usermin] terminal=[<unknown>] user=[mfortier] ruser=[<unknown>] rhost=[<unknown>]

No mention of session, so I'm guessing that usermin isn't executing it. 
BTW I know pam_mount is working properly because I've tried it with ssh.

Does anyone have any idea why the PAM session rules are not being
executed?  What can I turn on to get more info?  There is nothing in
/var/usermin/miniserv.error.

        TIA,

        Marc
--
Marc Fortier, School of Information Technology & Engineering,
U. of Ottawa, 2005-800 King Edward, Ottawa Ontario Canada, K1N 6N5
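
An added example, not part of the original post: a Python check that compares the management groups in which a PAM stack loads pam_warn.so against the PAM-warn lines logged for a service, and lists the groups that were configured but never ran. The stack and log lines are the ones posted above (whitespace normalized); the function names are hypothetical.

```python
import re

# PAM management group -> module entry points that pam_warn logs by name
ENTRY_POINTS = {
    "auth": {"pam_sm_authenticate", "pam_sm_setcred"},
    "account": {"pam_sm_acct_mgmt"},
    "session": {"pam_sm_open_session", "pam_sm_close_session"},
    "password": {"pam_sm_chauthtok"},
}
WARN_RE = re.compile(r"PAM-warn\[\d+\]: function=\[(\w+)\] service=\[([^\]]*)\]")

# Stack and log lines as posted above (whitespace normalized)
PAM_CONF = """\
account   required    pam_warn.so
account   required    pam_ldap.so
auth      required    pam_warn.so
auth      required    pam_mount.so
auth      sufficient  pam_ldap.so  use_first_pass
password  required    pam_ldap.so
session   required    pam_warn.so
session   required    pam_mount.so
"""
LOG = """\
Jan 28 15:35:27 marctest PAM-warn[27028]: function=[pam_sm_authenticate] service=[usermin] terminal=[<unknown>] user=[mfortier] ruser=[<unknown>] rhost=[<unknown>]
Jan 28 15:35:30 marctest PAM-warn[27028]: function=[pam_sm_acct_mgmt] service=[usermin] terminal=[<unknown>] user=[mfortier] ruser=[<unknown>] rhost=[<unknown>]
"""

def groups_with_pam_warn(pam_conf):
    # Only groups that load pam_warn.so can show up in the log at all
    groups = set()
    for line in pam_conf.splitlines():
        fields = line.split()
        if fields and fields[0] in ENTRY_POINTS and "pam_warn.so" in line:
            groups.add(fields[0])
    return groups

def phases_seen(log_text, service):
    # Map each logged entry point back to its management group
    seen = set()
    for func, svc in WARN_RE.findall(log_text):
        if svc == service:
            seen |= {g for g, funcs in ENTRY_POINTS.items() if func in funcs}
    return seen

def silent_groups(pam_conf, log_text, service):
    # Configured with pam_warn.so, yet never logged for this service
    return sorted(groups_with_pam_warn(pam_conf) - phases_seen(log_text, service))

if __name__ == "__main__":
    print(silent_groups(PAM_CONF, LOG, "usermin"))
```

On the posted data the result is the session group alone, which matches the observation that only the authenticate and account entry points reached the log.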