Results 1 to 3 of 3

Thread: SLES 11 SP3 and SSSD

Threaded View

  1. #3

    Re: SLES 11 SP3 and SSSD

    I know this is an old post, but perhaps this will help someone :-) .

    pam_mkhomedir on the SUSE/openSUSE platform is the functional compliment to the oddjobd daemon on the RHEL/CentOS platform. It does create home directories for users that authenticate and establish sessions on SUSE OS instances.

    There are several ways to implement it whilst implementing authentication services within YaST , but it can be implemented manually using the pam-config utility.

    ~# pam-config --add --mkhomedir

    "man pam-config" to see how else pam-config can be used to responsibly modify your system PAM configuration :-) .

    So, on SLES 12 SP1 using version of the SSSD I was able to modify the default permissions applied by the mkhomedir service.

    ~# pam-config --add --mkhomedir-umask=0077

    (man pam-config btw)

    The modified /etc/pam.d/common-session-pc file as a result of the change:

    session optional umask=0077
    session required
    session required try_first_pass
    session optional
    session optional
    session optional
    session optional auto_start only_if=gdm,gdm-password,lxdm,lightdm
    session optional

    On a newly created home directory for a user new to the system:

    ll /home/

    drwxr-xr-x 7 laliah Domain Users 4096 Jun 2 05:49 laliah
    drwxr-xr-x 7 lmccarter Domain Users 4096 Jun 2 06:40 lmccarter
    drwx------ 7 mhuffman Domain Users 4096 Jun 15 19:56 mhuffman

    Seemed to do the trick, so perhaps an upgrade for your version of the daemon or something else on the system?

    -- lawrence
    Last edited by hangarbait; 16-Jun-2016 at 02:28. Reason: Corrections, obviously.

Tags for this Thread


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts