When I configure pam_mkhomedir in /etc/pam.d/ssh like so: session required pam_mkhomedir umask=0066 skel=/etc/skel then it fails to do it's job. The log reports "unable to create directory" and "Permission denied". I think this is because SSH uses privilege separation, so the PAM stack is called after dropping root. This is backed up by the fact that setting the permissions on /home to 0777 allows a normal user to log in and have his/her homedir be automatically created. Is this a known problem? Is there anything one can do against this, short of turning privilege separation off in SSH. Unless someone shows me some counterproof, I still believe that privsep is a rather useful addition to sshd. Thanks, -- Please do not CC me when replying to lists; I read them! .''`. martin f. krafft <madduck@debian.org> : :' : proud Debian developer, admin, and user `. `'` `- Debian - when you have better things to do than fixing a system Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
Attachment:
pgplU5qLSzZEQ.pgp
Description: PGP signature