Bug 114971 - [PATCH] add pam_mount support to authconfig
[PATCH] add pam_mount support to authconfig
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: authconfig (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Tomas Mraz
: FutureFeature
: 188253 (view as bug list)
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2004-02-04 18:22 EST by W. Michael Petullo
Modified: 2007-11-30 17:10 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-05-03 04:06:05 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
Adds pam_mount support to authconfig. (28.54 KB, patch)
2004-02-04 18:24 EST, W. Michael Petullo
no flags Details | Diff
Adds pam_mount support to authconfig/authconfig-gtk.py. (85.33 KB, patch)
2004-02-08 23:25 EST, W. Michael Petullo
no flags Details | Diff
Adds pam_mount support to authconfig/authconfig-gtk.py. (124.25 KB, patch)
2004-02-10 13:12 EST, W. Michael Petullo
no flags Details | Diff
Adds pam_mount support to authconfig/authconfig-gtk.py. (293.64 KB, patch)
2004-03-06 12:36 EST, W. Michael Petullo
no flags Details | Diff
Adds pam_mount support to authconfig/authconfig-gtk.py. (134.14 KB, patch)
2004-03-09 17:36 EST, W. Michael Petullo
no flags Details | Diff
Adds pam_mount support to authconfig/authconfig-gtk.py. (149.75 KB, patch)
2004-03-13 14:01 EST, W. Michael Petullo
no flags Details | Diff

  None (edit)
Description W. Michael Petullo 2004-02-04 18:22:48 EST
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux ppc; en-US; rv:1.6)
Gecko/20040115 Epiphany/1.0.7

Description of problem:
Enclosed you should find a patch that adds support to authconfig for
configuring pam_mount.  Pam_mount is a PAM module that allows one to
use  their system password to mount volumes at login time.  Several
people have expresed interest in seeing pam_mount in Fedora and in
order for this to be done right, authconfig must support pam_mount. 
Currently, the pam_mount package itself is well into the Fedora QA
process.

The patch itself works, though the code to read and write
pam_mount.conf is a little rough.  Pam_mount includes and uses the
dot.conf library but I did not want to introduce this dependency to
authconfig.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
Run authconfig and notice it can not configure pam_mount.

Additional info:
Comment 1 W. Michael Petullo 2004-02-04 18:24:25 EST
Created attachment 97476 [details]
Adds pam_mount support to authconfig.
Comment 2 Nalin Dahyabhai 2004-02-04 19:37:30 EST
In short, the patch looks sound overall, but it has its problems.

I agree that the file read/write code is very rough, and needs to be
refined before I'd trust it with other people's configuration files. 
It also needs additional code to expose the settings in the graphical
counterpart.
Comment 3 W. Michael Petullo 2004-02-04 21:55:28 EST
I have looked at the GTK/Python code.  Unfortunately, I am getting the
following error from authconfig-gtk.py (I use a PowerPC-based computer):

Traceback (most recent call last):
  File "./authconfig-gtk.py", line 2, in ?
    import authconfig, gettext, os, signal, sys
ImportError:
/home/mike/development/authconfig-4.6-1-pam_mount/authconfig-4.6-1/authconfigmodule.so:
R_PPC_REL24 relocation at 0x0fdacec8 for symbol `strcmp' out of range

Once I figure that out, I'll look at authconfig-gtk.py more.

Until then, I will focus on the configuration reading and writing code.
Comment 4 W. Michael Petullo 2004-02-08 23:25:53 EST
Created attachment 97532 [details]
Adds pam_mount support to authconfig/authconfig-gtk.py.

This patch adds pam_mount support to authconfig-gtk.py as well.  It is still
rough, but I plan to continue work on it.  The issues with reading and writing
pam_mount.conf still exist (the code is too brittle).
Comment 5 W. Michael Petullo 2004-02-10 13:12:23 EST
Created attachment 97561 [details]
Adds pam_mount support to authconfig/authconfig-gtk.py.

This version of the patch cleans up the pam_mount.conf reading and writing code
a lot.	Also, the GTK interface is now more complete.
Comment 6 W. Michael Petullo 2004-03-06 12:36:07 EST
Created attachment 98343 [details]
Adds pam_mount support to authconfig/authconfig-gtk.py.
Comment 7 Rudi Chiarito 2004-03-08 11:59:33 EST
The latest patch won't work for me. It fails on a FC2test1 system with


gcc -I/usr/include/glib-2.0 -I/usr/lib/glib-2.0/include -O2 -g -pipe
-march=i386 -mcpu=i686 -fPIC -Wall -Wunused -Wuninitialized -Wimplicit
-Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations
-Wcast-align -I/usr/include/python2.3 -Wall -O2 -g -pipe -march=i386
-mcpu=i686 -fPIC -Wall -Wunused -Wuninitialized -Wimplicit
-Wstrict-prototypes -Wmissing-prototypes -Wmissing-declarations
-Wcast-align -o authconfigmodule.so -shared authconfigmodule.o
authinfo.o dnsclient.o shvar.o  -lglib-2.0 -lresolv -lutil
make[2]: *** No rule to make target `pyauthconfig.c', needed by
`pyauthconfig.o'.  Stop.
make[2]: Leaving directory `/home/rxc13/rpm/BUILD/authconfig-4.6.1-1'
make[1]: *** [all-recursive] Error 1
make[1]: Leaving directory `/home/rxc13/rpm/BUILD/authconfig-4.6.1-1'
make: *** [all] Error 2


It seems to build if, in the Makefile, I move pyauthconfig.py from
pythonsite_PROGRAMS to pkgdata_SCRIPTS.

Also, even if debug is set to 1, the GTK interface shows it as
disabled (although it IS preserved when you save the configuration
back).

More reports as I test the patch.
Comment 8 Rudi Chiarito 2004-03-08 12:42:51 EST
I encountered a few glitches with a stock installation, but the bulk of
them seems to be due to the default pam_mount.conf file and thus out of
the scope of this report.

The list in the volume window is too small, in the initial
configuration with no volumes configured, as well as when you add
volumes or reopen the window. It only shows one volume at a time.
Should the window be resizable, maybe? Also, there's no CIFS option
in the volume type chooser. This might be important as FC2 dropped
SMB in favour of CFS.

One feature that might help new or occasional users is making sure that
the options in the "required" list are present in the "allow" list (or
that the latter contains a "*"). Since it's a GUI tool, checks like
this are IMHO necessary.

Tooltips would help a lot, but I just realised that there are no other
tooltips anywhere else in the program. Maybe that's better left for
a separate report.
Comment 9 W. Michael Petullo 2004-03-09 17:36:45 EST
Created attachment 98411 [details]
Adds pam_mount support to authconfig/authconfig-gtk.py.

I made the following changes to my patch (thanks Rudi!):

1.  The deprecated -S option is no longer used in the default cifsmount
definition.

2.  The pyauthconfig.py module should now install properly.

3.  The debug and mkmountpoint checkboxes in the pam_mount configuration window
now work.

4.  The CIFS filesystem type is now in the list of available types when adding
or editing a volume definition.

5.  The GTK windowsizes should now be more sane.
Comment 10 W. Michael Petullo 2004-03-13 14:01:20 EST
Created attachment 98514 [details]
Adds pam_mount support to authconfig/authconfig-gtk.py.

Added some user input sanity checking to my patch.  For example, authconfig-gtk
now complains if one tries to configure a CIFS volume without a server.  The
infrastructure I added can be used to easily add checks for the configuration
of the other PAM modules supported.
Comment 11 Tomas Mraz 2005-08-23 06:00:25 EDT
Comment on attachment 98514 [details]
Adds pam_mount support to authconfig/authconfig-gtk.py.

Authconfig is being rewritten completely in Python and the newt tui is
deprecated (no new features).
Comment 12 Tomas Mraz 2005-08-23 08:56:03 EDT
Supporting pam_mount even when it isn't included in Fedora Core in authconfig
isn't something which has too high priority. Authconfig OTOH should try hard not
to break existing pam configuration - this is my priority to fix currently.

Closing this bug as wontfix at least till pam_mount is included in FC.
Comment 13 W. Michael Petullo 2006-04-07 21:12:21 EDT
There is now a pam_mount package in Fedora Extras.
Comment 14 W. Michael Petullo 2006-04-07 21:12:54 EDT
*** Bug 188253 has been marked as a duplicate of this bug. ***
Comment 15 Till Maas 2006-04-08 06:11:42 EDT
Would it be possible at a first step make authconfig add the correct lines 
to /etc/pam.d/system-auth-ac to load pam_mount and add additional features to 
edit /etc/security/pam_mount.conf later? This would help me a lot. As far as I 
know there is no possibility to add custom lines to /etc/pam.d/system-auth-ac 
which would maybe be usefull for other additional pam modules, as well.  
Comment 16 Tomas Mraz 2006-05-03 04:06:05 EDT
You can point the /etc/pam.d/system-auth symlink to /etc/pam.d/system-auth-local
and make it contain:
auth            include         system-auth-ac
account         include         system-auth-ac
password        include         system-auth-ac
session         include         system-auth-ac

Then you can modify this file to call pam_mount.

Note You need to log in before you can comment on or make changes to this bug.