LinuxQuestions.org
Old 11-20-2008, 12:28 PM   #1
MheAd
Member
 
Registered: Jun 2007
Distribution: Ubuntu 11.04
Posts: 186

Rep: Reputation: 36
Manually created homedirs for ldap - cannot log on through X


Hey guys.
I've just started experimenting with LDAP through classes I'm taking.
And I came across a problem that I seem to not be able to solve.
Here is the deal.
At first, I created a few user accounts, local ones, on the computer that's supposed to be the ldap server. After adding these users, I used the migration scripts in Fedora 8 to take out the necessary stuff needed for ldap to function normally with home directories (migrated /etc/passwd, shadow and group). After that, I removed the physical accounts but left the home dirs. After this, I was able to access these accounts by logging in from another computer that was set up as an ldap client with an autofs/autohome setup. Everything worked flawlessly just as I wanted it.

Then I figured I would create an additional account, manually, just to see how it works. I used the same logic, made sure that the UID/GID didn't conflict with anything existing on the server etc.
Here is how I created an ldif file for a new user (I used the exact same syntax just like one created by migrating scripts, and of course changed necessary stuff to match this one particular account I was about to create).

Code:
dn: uid=newaccount,ou=People,dc=my-domain,dc=com
uid: newaccount
cn: newaccount
objectClass: account
objectClass: posixAccount
objectClass: top
objectClass: shadowAccount
userPassword: test123
shadowLastChange: 14203
shadowMax: 99999
shadowWarning: 7
loginShell: /bin/bash
uidNumber: 504
gidNumber: 504
homeDirectory: /home/newaccount
Then after that - even the group

Code:
dn: cn=newaccount,ou=Group,dc=my-domain,dc=com
objectClass: posixGroup
objectClass: top
cn: newaccount
userPassword: test123
gidNumber: 504
After that, I added the ldifs to the LDAP and it accepted them without complaints. I did an ldapsearch to verify it was there - everything was okay.

Then, since this is manual creation, I created the home dir according to path above, I made sure to have changed ownership to uid/gid 504 as above.

Then, when I tried to log on from the ldap client through ssh, it went with no problems. The home dir seems to have been accepted too - I could create files and I could clearly see that I was in /home/newaccount (pwd command). However, then I tried to log on through X and it threw me out. Couldn't see any info in the log files (/var/log/messages). However, after inspecting the actual home dir, I found some very strange stuff in the .xsession-errors file which was generated by the unsuccessful X-login:

Code:
Can't create dir /nohome/Desktop
Can't create dir /nohome/Download
Can't create dir /nohome/Templates
Can't create dir /nohome/Public
Can't create dir /nohome/Documents
Can't create dir /nohome/Music
Can't create dir /nohome/Pictures
Can't create dir /nohome/Videos

(gnome-session:4933): libgnomevfs-WARNING **: Unable to create ~/.gnome2 directory: No such file or directory
Could not create per-user gnome configuration directory `/nohome/.gnome2/': No such file or directory
Please note the "/nohome/" part. What could that be? Could PAM be doing something weird?

After that, I redid the manual home-dir creation and I even copied the content from /etc/skel figuring that was the cause of the problems (no default maps present) - still the problem persists.

Very frustrating but hopefully some of you gurus will help me out.

Thanks in advance!
M.

Last edited by MheAd; 11-20-2008 at 04:30 PM.
 
Old 11-21-2008, 05:06 AM   #2
billymayday
Guru
 
Registered: Mar 2006
Location: Sydney, Australia
Distribution: Fedora, CentOS, OpenSuse, Slack, Gentoo, Debian, Arch, PCBSD
Posts: 6,678

Rep: Reputation: 122
You may have the wrong security context (SELinux)

Have a look at

ls -lZ /home

and see if the context for the directory you created is different from those created previously.

Here's an example of what you may see
Code:
drwxrwxr-x  root       users root:object_r:user_home_dir_t    common
where "root:object_r:user_home_dir_t" is the security context.

If so, see man restorecon and man chcon
 
Old 11-21-2008, 06:37 AM   #3
MheAd
Member
 
Registered: Jun 2007
Distribution: Ubuntu 11.04
Posts: 186

Original Poster
Rep: Reputation: 36
Quote:
Originally Posted by billymayday
You may have the wrong security context (SELinux)

Have a look at

ls -lZ /home

and see if the context for the directory you created is different from those created previously.

Here's an example of what you may see
Code:
drwxrwxr-x  root       users root:object_r:user_home_dir_t    common
where "root:object_r:user_home_dir_t" is the security context.

If so, see man restorecon and man chcon

Hi there.
Thanks for the suggestion.
My SELinux is, however, disabled, so that's not the problem. Must be something else. Could it be something related to Xauthority? Hmm...
 
Old 12-04-2008, 03:15 PM   #4
irishbitte
Senior Member
 
Registered: Oct 2007
Location: Brighton, UK
Distribution: Ubuntu Hardy, Ubuntu Jaunty, Eeebuntu, Debian, SME-Server
Posts: 1,213
Blog Entries: 1

Rep: Reputation: 82
When you copied over the files from /etc/skel, did you change the owner and permissions?
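
The ownership check asked about above can be scripted. This is an added example, not part of any post in the thread: it takes the passwd entry that the client resolves for the account (the `getent passwd` lookup and the function name `audit_home` are assumptions of this sketch), reads the uid, gid and home directory from it, and lists every path under that home whose owner or group does not match.

```shell
#!/bin/sh
# Added example: audit a manually created home directory against the
# passwd entry that NSS/LDAP returns for the account on this machine.

# audit_home PASSWD_LINE
#   PASSWD_LINE is one line in passwd(5) format, e.g. the output of
#   `getent passwd newaccount`.
#   Prints each path under the entry's home directory whose owner or group
#   differs from the entry's uid/gid.
#   Returns 0 if everything matches, 1 on any mismatch,
#   2 if the entry is empty or its home directory does not exist.
audit_home() {
    entry=$1
    if [ -z "$entry" ]; then
        echo "no passwd entry resolved for this account" >&2
        return 2
    fi
    uid=$(printf '%s\n' "$entry" | cut -d: -f3)
    gid=$(printf '%s\n' "$entry" | cut -d: -f4)
    home=$(printf '%s\n' "$entry" | cut -d: -f6)
    if [ ! -d "$home" ]; then
        # Also catches a home path that differs from the one created by hand.
        echo "home directory missing on this host: $home" >&2
        return 2
    fi
    # -user/-group accept numeric ids; list anything owned by someone else.
    bad=$(find "$home" \( ! -user "$uid" -o ! -group "$gid" \) -print)
    if [ -n "$bad" ]; then
        printf '%s\n' "$bad"
        return 1
    fi
    return 0
}

# Stand-alone use: ./audit_home.sh newaccount
if [ $# -gt 0 ]; then
    audit_home "$(getent passwd "$1")"
fi
```

Run it on the machine where the login fails, so the home path and ids it checks are the ones that machine resolves for the account.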
 
  

