sadms.gif
log: pam settings

-------------------------------------------------------------------------------
S A D M S 2.0.0
Samba as Active Directory Member Server
bbou@ac-toulouse.fr
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
PAM-related configuration files
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
#[system-auth]

auth required /lib/security/$ISA/pam_env.so
auth required /lib/security/$ISA/pam_mount.so
auth sufficient /lib/security/$ISA/pam_unix.so use_first_pass likeauth nullok
auth sufficient /lib/security/$ISA/pam_winbind.so use_first_pass
auth required /lib/security/$ISA/pam_deny.so
account required /lib/security/$ISA/pam_unix.so
account sufficient /lib/security/$ISA/pam_succeed_if.so uid < 100 quiet
account [default=bad success=ok user_unknown=ignore] /lib/security/$ISA/pam_winbind.so
account required /lib/security/$ISA/pam_permit.so
password requisite /lib/security/$ISA/pam_cracklib.so retry=3
password sufficient /lib/security/$ISA/pam_unix.so nullok use_authtok md5 shadow
password sufficient /lib/security/$ISA/pam_winbind.so use_authtok
password required /lib/security/$ISA/pam_deny.so
session required /lib/security/$ISA/pam_mkhomedir.so skel=/etc/skel/ umask=0022
session required /lib/security/$ISA/pam_limits.so
session required /lib/security/$ISA/pam_unix.so
session optional /lib/security/$ISA/pam_mount.so
-------------------------------------------------------------------------------
#[samba]

auth required pam_nologin.so
auth required pam_env.so
auth sufficient pam_unix.so likeauth nullok
auth sufficient pam_winbind.so use_first_pass
auth required pam_deny.so
account required pam_stack.so service=system-auth
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
session required pam_limits.so
session required pam_unix.so
password required pam_stack.so service=system-auth
--------------------------------------------------------------------------------
#[/etc/security/pam_mount.conf]

debug 0
mkmountpoint 1
lsof /usr/sbin/lsof
fsck /sbin/fsck
losetup /sbin/losetup
unlosetup /sbin/losetup -d
fsckloop /dev/loop7
options_require nosuid,nodev
smbmount /bin/mount -t smbfs
ncpmount /bin/mount -t ncpfs
umount /bin/umount
lclmount /bin/mount -p0
mntagain /bin/mount --bind
mntcheck /bin/mount # For BSD's (don't have /etc/mtab)
volume * cifs janus users ~/.cifsmount rw,uid=&,file_mode=0750,dir_mode=0750 - -
--------------------------------------------------------------------------------
#[/etc/skel/.bash_profile]

if [ -f ~/.bashrc ]; then
. ~/.bashrc
fi
PATH=$PATH:$HOME/bin
export PATH
unset USERNAME
netmountpoint=~/.cifsmount
haveperusersubdir=
if [ -d ${netmountpoint} ];then
u=${USER##*/}
[ -L $HOME/net-home ] || ln -s ${netmountpoint} $HOME/net-home
if [ ! -z "${haveperusersubdir}" -o -d "${netmountpoint}/${u}" ]; then
[ -L $HOME/net-home-${u} ] || ln -s ${netmountpoint}/${u} $HOME/net-home-${u}
fi
else
echo mountpoint ${netmountpoint} does not exist
fi
-------------------------------------------------------------------------------
#[/etc/X11/xinit/xinitrc.d/cifsmount.sh]

netmountpoint=~/.cifsmount
haveperusersubdir=
if [ -d ${netmountpoint} ];then
u=${USER##*/}
[ -L $HOME/net-home ] || ln -s ${netmountpoint} $HOME/net-home
if [ ! -z "${haveperusersubdir}" -o -d "${netmountpoint}/${u}" ]; then
[ -L $HOME/net-home-${u} ] || ln -s ${netmountpoint}/${u} $HOME/net-home-${u}
fi
else
echo mountpoint ${netmountpoint} does not exist
fi
[OK]