samba and pam.d create a home directory
I have winbind + pam authentication working just perfect with our active directory. I am trying to jail users to their home directory so they don't have access to any level above their home directory with sftp. This works ok with openssh 5.x and ChrootDirectory, the problem is that when I login with a new user the owner of the /home/user directory is the user trying to authenticate, but in order for the jail to work, I need it to be owned by root:root.
SSH logs the following error:
Apr 8 16:10:19 linuxauth sshd: fatal: bad ownership or modes for chroot directory "/home/user"
that works fine if I chown root.root that particular directory.
template homedir = /home/%U
and pam.d/system-auth has:
session optional pam_mkhomedir.so skel=/etc/skel umask=0022
Is there anyway to make root:root the owner of the directory?