[8785] in Info-AFS_Redistribution
PAM, Samba and OpenAFS
daemon@ATHENA.MIT.EDU (Ted Cox)
Tue Jan 15 14:59:14 2002
Date: Tue, 15 Jan 2002 12:50:18 -0700
From: Ted Cox <Ted.Cox@wcom.com>
To: info-afs@transarc.com, openafs-info@openafs.org
Message-ID: <20020115125018.F25896@tc3591.wcomnet.com>
Reply-To: Ted.Cox@wcom.com
Mime-Version: 1.0
Content-Type: text/plain; format=flowed; charset=ISO-8859-1
Content-Transfer-Encoding: 8bit
In-Reply-To: <20020115124912.C25896@tc3591.wcomnet.com>; from Ted.Cox@wcom.com on Tue, Jan 15, 2002 at 12:49:12 -0700
I am having difficulty getting users configured so that they can SMB into
their AFS directories. SMB is properly configured and users can reach
directories not in AFS. I have this working successfully on a Sun system
running Transarc AFS 3.6, with the AFS PAM module included under other.
However on my RedHat 7.2 machine running OpenAFS 1.2.2 it does not seem to
function with the PAM module in other and samba. Any ideas would be
greatly appreciated.
Thanks,
Ted Cox
$ cat /etc/pam.d/samba
auth sufficient /lib/security/pam_afs.so try_first_pass ignore_root
auth required /lib/security/pam_stack.so service=system-auth
account required /lib/security/pam_stack.so service=system-auth
$ cat /etc/pam.d/other
#%PAM-1.0
auth sufficient /lib/security/pam_afs.so try_first_pass ignore_root
auth required /lib/security/pam_deny.so
account required /lib/security/pam_deny.so
password required /lib/security/pam_deny.so
session required /lib/security/pam_deny.so
from the samba log:
[2002/01/15 11:06:11, 0] smbd/service.c:make_connection(560)
system (x.x.x.x) Can't change directory to /afs/.wmci/project/ecs
(Permission denied)
