So, I'm trying to set up a system here at work that uses LDAP for
central user auth, for both posix (nss_ldap) users, and for samba
users. For even more fun, I plan on automounting the user's home dirs
(and possibly other shares). These automounts will be based on the
login name and the password supplied at login time. I've found a tool
named pam_mount, that is supposed to take the password given at login
time and re-apply it later for mounting volumes. The problem is that
the documentation is extremely sparse, and I've no clue whether or not
it works with nss_ldap.
Do any of you fine folks know of a way that I can have a user's home dir
mounted at login time, based upon their login name and the password
they provided at login time? I'm trying to get around the insecurities
of NFS and host-based spoofs, by requiring that extra login before you
get the file system. Please don't suggest NIS(+) or NFS, unless you
have a way of securing NFS so that it requires a password as well as a
correct host, but can be done at login time, using LDAP user/pass.
TIA!
--
Jesse Keating RHCE MCSE (
geek.j2solutions.net)
Fedora Legacy Team (
www.fedora.us/wiki/FedoraLegacy)
Mondo DevTeam (
www.mondorescue.org)
GPG Public Key (
geek.j2solutions.net/jkeating.j2solutions.pub)
Was I helpful? Let others know:
http://svcs.affero.net/rm.php?r=jkeating