Description of problem: When using encrypted image files as home directories through pam_mount loop mounting, the directory always mounts with the 'noexec' mount option. Version-Release number of selected component (if applicable): pam_mount-0.32-3.fc9.i386 How reproducible: Always Steps to Reproduce: 1. Create encrypted filesystem image in a file, with a matching keyfile 2. Configure pam_mount to mount upon normal user login 3. Log in as user 4. Run 'mount -l' in a shell Actual results: /home/ebowser.img on /home/ebowser type ext3 (rw,noexec,nosuid,nodev,loop=/dev/loop0,encryption=aes) Expected results: /home/ebowser.img on /home/ebowser type ext3 (rw,exec,nosuid,nodev,loop=/dev/loop0,encryption=aes) Additional info: This worked fine in Fedora 8 with a similar configuration. I say similar and not identical because the pam_mount version in 8 used a text configuration file, the pam_mount version in 9 uses XML. They are both in theory configured the same. My pam_mount.xml file and debug output of a login are attached.
Created attachment 306402 [details] Debug output from pam_mount during a user login
Created attachment 306403 [details] configuration file I'm using
Are you sure, that your configuration works? Here using 'fstype="ext3"' instead of 'fstype="crypt"' for the crypted volume does not work. Btw. why do you specify the "user" mount option? This is where the noexec comes from, but I do not yet know why it cannot be overwritten.
ok, I guess I found the bug, the ordering of the mount options matter and it seems that pam_mount currently orders them alphabetically. As a workaround you could remove the "user" mount option if you do not need it.
I will try this when I'm in front of the machine again on Tuesday. Honestly, I can't remember why I'm using 'user.' This encrypted home has been with me since Fedora Core 6, and I just kept migrating the config. I'm sure the example I used to build this is long gone...
Works like a charm without the user flag. Thanks!
pam_mount-0.40-1.fc9 has been submitted as an update for Fedora 9
pam_mount-0.40-1.fc9, libHX-1.18-1.fc9 has been pushed to the Fedora 9 testing repository. If problems still persist, please make note of it in this bug report. If you want to test the update, you can install it with su -c 'yum --enablerepo=updates-testing update pam_mount libHX'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F9/FEDORA-2008-5269
pam_mount-0.41-1.fc9 has been submitted as an update for Fedora 9
pam_mount-0.41-2.fc9 has been submitted as an update for Fedora 9
libHX-1.18-1.fc9, pam_mount-0.41-2.fc9 has been pushed to the Fedora 9 stable repository. If problems still persist, please make note of it in this bug report.