LinuxQuestions.org
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Old 06-12-2006, 09:33 AM   #1
MediMania
LQ Newbie
 
Registered: Oct 2004
Location: Morocco
Distribution: FC 4
Posts: 11

Rep: Reputation: 0
Pam_mount: Unable to Umount home directories at logoff


Dear All,

I'm having trouble unmounting cifs mounts using smb_mount.
Besides that, everything is working just fine (smb, winbind, authentication, everything...).

In fact, I can mount the home directories of my users just fine. However, when a user logs off and another one logs on to the Linux box, the first user's home is still mounted. I need to reboot the machine every time a user logs off to unmount his home directory.
Please find below my pam_mount.conf file.

P.S.: Should I send you my log files also?

Thank you in advance.

pam_mount.conf:

# Turn on if you want to debug why some volume cannot be mounted etc.
# This can be overridden by user's local configuration
#
# Format: debug [ 1 | 0 ]
# Local user configuration can override this.

debug 1
mkmountpoint 1
# Loopback device to use to run fsck on loopback filesystems.
fsckloop /dev/loop7

# Users' local configuration file (if there is none, comment out this
# parameter). Will be read as ~/<file>
#
# Note: you must include either options_allow or options_deny to use
# this directive. I recommend also including options_require.
#
# Individual users may define additional volumes to mount if allowed
# by pam_mount.conf (usually ~/.pam_mount.conf). The volume keyword is
# the only valid keyword in these per-user configuration files. If the
# luserconf parameter is set in pam_mount.conf, allowing user-defined
# volume, then users may mount and unmount any volume they own at any
# mount point they own. On some filesystem configurations this may be
# a security flaw so user-defined volumes are not allowed by the example
# pam_mount.conf distributed with pam_mount.
#
# Format: luserconf <file>
# luserconf .pam_mount.conf

# These directives determine which options may be specified in a user config
# file (luserconf). You must include one of these directives if you have a
# luserconf directive. You may not include both directives.
#
# If you have an options_allow directive, then the options listed in that
# directive will be allowed, and all others rejected. If you have an
# options_deny directive, then the options listed will be denied, and all others
# permitted.
#
# You may use the wildcard '*' to match all options.
#
options_allow nosuid,nodev,loop,encryption
# options_deny suid,dev
# options_allow *
# options_deny *
#
# I recommend not permitting the suid and dev options.

# The options listed in this directive are required for all volumes from a
# user config file. That is, any volume specified in a user config file that
# does not include these options will be ignored.
#
# Note: you must make sure that a required option is permitted (either by
# including it in options_allow, or by not including it in options_deny).
#
# I recommend requiring at least nosuid and nodev.
#
# This is ignored completely if the volume is configured to get its options
# and mount point from /etc/fstab.
#
options_require nosuid,nodev

# Commands to mount/unmount volumes. They can take parameters, as shown.
#
# If you change the -p0 argument for lclmount, you'll need to modify the
# source in mount.c (it sends the password to the stdin file descriptor
# of the child process -- look for STDIN_FILENO).

lsof /usr/sbin/lsof %(MNTPT)
fsck /sbin/fsck -p %(FSCKTARGET)
losetup /sbin/losetup -p0 "%(before=\"-e \" CIPHER)" "%(before=\"-k \" KEYBITS)" %(FSCKLOOP) %(VOLUME)
unlosetup /sbin/losetup -d %(FSCKLOOP)
cifsmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o "username=%(USER)%(before=\",\" OPTIONS)"
smbmount /bin/mount -t cifs //%(SERVER)/%(VOLUME) %(MNTPT) -o "username=%(USER)%(before=\",\" OPTIONS)"
ncpmount /bin/mount -t ncpfs %(SERVER)/%(USER) %(MNTPT) -o "pass-fd=0,volume=%(VOLUME)%(before=\",\" OPTIONS)"
# Linux supports lazy unmounting (-l). May be dangerous for encrypted volumes.
# May also break loopback mounts because loopback devices are not freed.
# Need to unmount mount point not volume to support SMB mounts, etc.
umount /bin/umount %(MNTPT)
# On OpenBSD try "/usr/local/bin/mount_ehd" (included in pam_mount package).
lclmount /bin/mount -p0 %(VOLUME) %(MNTPT) "%(before=\"-o \" OPTIONS)"
cryptmount /bin/mount -t crypt "%(before=\"-o \" OPTIONS)" %(VOLUME) %(MNTPT)
nfsmount /bin/mount %(SERVER):%(VOLUME) "%(MNTPT)%(before=\"-o \" OPTIONS)"
mntagain /bin/mount --bind %(PREVMNTPT) %(MNTPT)
# For BSD: mntagain mount_null %(PREVMNTPT) %(MNTPT)
# For Solaris: mntagain mount -F lofs %(PREVMNTPT) %(MNTPT)
mntcheck /bin/mount # For BSD's (don't have /etc/mtab)
pmvarrun /usr/sbin/pmvarrun -u %(USER) -d -o %(OPERATION)

# Volumes that will be mounted when user triggers pam_mount module
# (usually at login).
#
# Format:
# volume <user> [smb|ncp|nfs|local] <server> <volume> <mount point> <mount options> <fs key cipher> <fs key path>
#
# General examples:
# volume user smb krueger public /home/user/krueger - - -
# volume user ncp krueger public /home/user/krueger user=user.context - -

# Linux encrypted home directory examples, using dm_crypt:
# volume user crypt - /dev/sda2 /home/user cipher=aes aes-256-ecb /home/user.key
#
# Linux encrypted home directory examples, using cryptoloop:
# volume user local - /dev/hda123 /home/user loop,encryption=aes - -
# volume user local - /home/user.img /home/user loop,user,exec,encryption=aes,keybits=256 - -
# volume user local - /home/user.img - - - -
# volume user local - /home/user.img - - aes-256-ecb /home/user4.key
#
# OpenBSD encrypted home directory example (see also lclmount above):
# volume user local - /home/user.img /home/user svnd0 - -
#
# The last two examples need a line like the following in
# /etc/fstab:
#
# /home/user4.img /home/user4 xfs user,loop,encryption=aes,keybits=256,noauto 0 0
#
# Details:
# Local user configuration can extend this.
# Mount point must be owned by the user.
#
# If there are no servers, mount options, fs key ciphers, etc. you must
# supply a "-"
#
# If a local mount is specified in a user config file, then the user must
# own the device or file being mounted.
#
# See http://www.tldp.org/HOWTO/Loopback-E...tem-HOWTO.html
# to learn how to create an encrypted loopback filesystem.
#
# If the volume's password is different than the user's login password,
# the following technique may be used (see also README):
#
# 1. Create a file containing the volume's password (FS key). If you are
# using pam_mount to mount a loopback encrypted volume, this password
# should be generated by /dev/urandom.
#
# Simple example:
# echo <volume password> | openssl aes-256-ecb > /home/user.key
# Encrypt this file using the user's login password as the key.
#
# Verbose loopback encrypted volume example:
# a. dd if=/dev/urandom of=/home/user.img bs=1M count=<image size in MB>
# b. dd if=/dev/urandom bs=1c count=<keysize / 8> | openssl enc \
# -<fs key cipher> > /home/user.key
# Encrypt this file using the user's login password as the key.
# c. openssl enc -d -<fs key cipher> -in /home/user.key | losetup -e aes \
# -k <keysize> -p0 /dev/loop0 /home/user.img
# d. mkfs -t ext2 /dev/loop0
# e. umount /dev/loop0
# f. losetup -d /dev/loop0
#
# 3. In pam_mount.conf:
# a. Set the fs key cipher variable to the cipher used (ie: aes-256-ecb).
# b. Set the fs key path variable to the key's path (ie: /home/user.key)
# 4. If a user changes his login password, regenerate the efsk that
# was created in step 1b. A script named passwdehd is provided to do this.
#
# If fs_key_cipher is -, then the user's login password is also the volume's
# password.

# Template (or wildcard) volumes
#
# If user is "*", "&" will be replaced by name of the user logging on in the
# volume, mount point, mount options and fs key path fields. "~/*" will be
# replaced with "<user's homedir>/*." In this mode, the user need not
# own the mount point, but it must exist.
#
# volume * smb krueger & /home/& uid=&,gid=&,dmask=0750 - -
# volume * smb krueger homes /home/&/remote - - -
# volume * local - /home/&.img - - aes-256-ecb /etc/ehd/&

# Windows 2000, which requires a domain specified, example (thanks John Knox):
volume * smb 10.50.51.250 &$ /home/AUI/& workgroup=AUI - -
#uid=&,dmask=0750,

# An NCP example:
# volume user ncp SERVER /USERS/Department/user /home/user user=user.full.context,uid=user,gid=user,symlinks - -

# An example using spaces:
# volume * smb krueger 'Home\ Directories' /home/& - - -
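
Added example, not part of the original post: a shell check for the symptom described above, listing CIFS mounts under the pam_mount base directory (/home/AUI in the posted volume line) whose user no longer has a session, since a leftover mount stays reachable for the next person who logs on. The function name, the sample mounts and the user names are constructed, and treating the last path component as the user name is an assumption taken from the /home/AUI/& template.

```shell
#!/bin/sh
# Added example (not from the post): find CIFS mounts left behind after logoff.

# stale_cifs_mounts MOUNTS_FILE BASE_DIR LOGGED_IN_USERS
#   MOUNTS_FILE      file in /proc/mounts format
#   BASE_DIR         parent of the per-user mount points (/home/AUI in the post)
#   LOGGED_IN_USERS  space-separated names of users with a live session
# Prints one stale mount point per line.
stale_cifs_mounts() {
    awk -v base="$2" -v users="$3" '
        BEGIN {
            n = split(users, u, " ")
            for (i = 1; i <= n; i++) active[u[i]] = 1
            prefix = base "/"
        }
        # /proc/mounts fields: device mountpoint fstype options dump pass
        $3 == "cifs" && index($2, prefix) == 1 {
            name = substr($2, length(prefix) + 1)
            if (name ~ /\//) next          # nested path, not a per-user mount
            if (!(name in active)) print $2
        }
    ' "$1"
}

# Demo on constructed data: alice has logged off, bob is still logged in.
demo() {
    sample=$(mktemp)
    cat > "$sample" <<'EOF'
/dev/sda1 / ext3 rw 0 0
//10.50.51.250/alice$ /home/AUI/alice cifs rw,nosuid,nodev 0 0
//10.50.51.250/bob$ /home/AUI/bob cifs rw,nosuid,nodev 0 0
//10.50.51.250/public /mnt/public cifs rw 0 0
EOF
    stale_cifs_mounts "$sample" /home/AUI "bob"
    rm -f "$sample"
}

demo   # prints /home/AUI/alice

# On a live system (assumes utmp sessions reported by who are the criterion):
#   stale_cifs_mounts /proc/mounts /home/AUI \
#       "$(who | awk '{print $1}' | sort -u | tr '\n' ' ')"
```

With debug 1 set as in the posted file, comparing this output with the pam_mount messages logged at session close shows whether the umount command was attempted for the stale entry at all.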
 
  

