
Mounting FTP via pam_mount

 



Hello! I have a freeIPA + OMV setup. When a user logs in on a client machine, I try to mount an FTP share located on the OMV server via pam_mount, but what I end up with at the mount point is a zero-size file of the form «?test», with a creation date of 1.1.1970.

Debug pam:

su coln
Password: 
(pam_mount.c:365): pam_mount 2.16: entering auth stage
(pam_mount.c:568): pam_mount 2.16: entering session stage
(mount.c:234): The "server" attribute is ignored for this filesystem (fuse).
(mount.c:250): Mount info: globalconf, user=coln <volume fstype="fuse" server="test.test.lan" path="curlftpfs#ftp://test.test.lan" mountpoint="/home/coln/test" cipher="(null)" fskeypath="(null)" fskeycipher="(null)" fskeyhash="(null)" options="user=coln,rw,uid=1067400026,gid=1067400026,nosuid,nodev" /> fstab=0 ssh=0
(mount.c:659): Password will be sent to helper as-is.
command: 'mount.fuse' 'curlftpfs#ftp://test.test.lan' '/home/coln/test' '-o' 'user=coln,rw,uid=1067400026,gid=1067400026,nosuid,nodev' 
(mount.c:72): Messages from underlying mount program:
(mount.c:76): Enter host password for user 'coln':
(mount.c:553): 26 32 0:24 / /sys rw,nosuid,nodev,noexec,relatime shared:7 - sysfs sysfs rw
(mount.c:553): 27 32 0:5 / /proc rw,nosuid,nodev,noexec,relatime shared:14 - proc proc rw
(mount.c:553): 28 32 0:6 / /dev rw,nosuid,noexec,relatime shared:2 - devtmpfs udev rw,size=971596k,nr_inodes=242899,mode=755
(mount.c:553): 29 28 0:25 / /dev/pts rw,nosuid,noexec,relatime shared:3 - devpts devpts rw,gid=5,mode=620,ptmxmode=000
(mount.c:553): 30 32 0:26 / /run rw,nosuid,nodev,noexec,relatime shared:5 - tmpfs tmpfs rw,size=203504k,mode=755
(mount.c:553): 32 1 252:5 / / rw,relatime shared:1 - ext4 /dev/vda5 rw,errors=remount-ro
(mount.c:553): 33 26 0:7 / /sys/kernel/security rw,nosuid,nodev,noexec,relatime shared:8 - securityfs securityfs rw
(mount.c:553): 34 28 0:28 / /dev/shm rw,nosuid,nodev shared:4 - tmpfs tmpfs rw
(mount.c:553): 35 30 0:29 / /run/lock rw,nosuid,nodev,noexec,relatime shared:6 - tmpfs tmpfs rw,size=5120k
(mount.c:553): 36 26 0:30 / /sys/fs/cgroup ro,nosuid,nodev,noexec shared:9 - tmpfs tmpfs ro,mode=755
(mount.c:553): 37 36 0:31 / /sys/fs/cgroup/unified rw,nosuid,nodev,noexec,relatime shared:10 - cgroup2 cgroup2 rw,nsdelegate
(mount.c:553): 38 36 0:32 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:11 - cgroup cgroup rw,xattr,name=systemd
(mount.c:553): 39 26 0:33 / /sys/fs/pstore rw,nosuid,nodev,noexec,relatime shared:12 - pstore pstore rw
(mount.c:553): 40 26 0:34 / /sys/fs/bpf rw,nosuid,nodev,noexec,relatime shared:13 - bpf none rw,mode=700
(mount.c:553): 41 36 0:35 / /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime shared:15 - cgroup cgroup rw,perf_event
(mount.c:553): 42 36 0:36 / /sys/fs/cgroup/hugetlb rw,nosuid,nodev,noexec,relatime shared:16 - cgroup cgroup rw,hugetlb
(mount.c:553): 43 36 0:37 / /sys/fs/cgroup/cpu,cpuacct rw,nosuid,nodev,noexec,relatime shared:17 - cgroup cgroup rw,cpu,cpuacct
(mount.c:553): 44 36 0:38 / /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime shared:18 - cgroup cgroup rw,devices
(mount.c:553): 45 36 0:39 / /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime shared:19 - cgroup cgroup rw,freezer
(mount.c:553): 46 36 0:40 / /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime shared:20 - cgroup cgroup rw,blkio
(mount.c:553): 47 36 0:41 / /sys/fs/cgroup/pids rw,nosuid,nodev,noexec,relatime shared:21 - cgroup cgroup rw,pids
(mount.c:553): 48 36 0:42 / /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime shared:22 - cgroup cgroup rw,memory
(mount.c:553): 49 36 0:43 / /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime shared:23 - cgroup cgroup rw,cpuset
(mount.c:553): 50 36 0:44 / /sys/fs/cgroup/net_cls,net_prio rw,nosuid,nodev,noexec,relatime shared:24 - cgroup cgroup rw,net_cls,net_prio
(mount.c:553): 51 36 0:45 / /sys/fs/cgroup/rdma rw,nosuid,nodev,noexec,relatime shared:25 - cgroup cgroup rw,rdma
(mount.c:553): 52 27 0:46 / /proc/sys/fs/binfmt_misc rw,relatime shared:26 - autofs systemd-1 rw,fd=28,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=16097
(mount.c:553): 53 28 0:21 / /dev/mqueue rw,nosuid,nodev,noexec,relatime shared:27 - mqueue mqueue rw
(mount.c:553): 54 28 0:47 / /dev/hugepages rw,relatime shared:28 - hugetlbfs hugetlbfs rw,pagesize=2M
(mount.c:553): 55 26 0:12 / /sys/kernel/tracing rw,nosuid,nodev,noexec,relatime shared:29 - tracefs tracefs rw
(mount.c:553): 56 26 0:8 / /sys/kernel/debug rw,nosuid,nodev,noexec,relatime shared:30 - debugfs debugfs rw
(mount.c:553): 57 26 0:22 / /sys/kernel/config rw,nosuid,nodev,noexec,relatime shared:31 - configfs configfs rw
(mount.c:553): 58 26 0:48 / /sys/fs/fuse/connections rw,nosuid,nodev,noexec,relatime shared:32 - fusectl fusectl rw
(mount.c:553): 126 32 252:1 / /boot/efi rw,relatime shared:67 - vfat /dev/vda1 rw,fmask=0077,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro
(mount.c:553): 858 30 0:53 / /run/user/1000 rw,nosuid,nodev,relatime shared:472 - tmpfs tmpfs rw,size=203500k,mode=700,uid=1000,gid=1000
(mount.c:553): 880 858 0:54 / /run/user/1000/gvfs rw,nosuid,nodev,relatime shared:484 - fuse.gvfsd-fuse gvfsd-fuse rw,user_id=1000,group_id=1000
(mount.c:553): 595 30 0:50 / /run/user/121 rw,nosuid,nodev,relatime shared:329 - tmpfs tmpfs rw,size=203500k,mode=700,uid=121,gid=129
(mount.c:553): 615 595 0:51 / /run/user/121/gvfs rw,nosuid,nodev,relatime shared:340 - fuse.gvfsd-fuse gvfsd-fuse rw,user_id=121,group_id=129
(mount.c:553): 635 32 0:52 / /home/coln/test rw,nosuid,nodev,relatime shared:351 - fuse curlftpfs#ftp://test.test.lan/ rw,user_id=0,group_id=1000
command: 'pmvarrun' '-u' 'coln' '-o' '1' 
(pmvarrun.c:258): parsed count value 0
(pam_mount.c:441): pmvarrun says login count is 1
(pam_mount.c:660): done opening session (ret=0)

Contents of /etc/security/pam_mount.conf.xml:

<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
<!--
        See pam_mount.conf(5) for a description.
-->

<pam_mount>

                <!-- debug should come before everything else,
                since this file is still processed in a single pass
                from top-to-bottom -->

<debug enable="1" />

                <!-- Volume definitions -->
<volume fstype="fuse"
server="test.test.lan"
path="curlftpfs#ftp://test.test.lan"
mountpoint="/home/%(USER)/test"
options="user=%(USER),rw,uid=%(USERUID),gid=%(USERGID),nosuid,nodev"
ssh="0" noroot="0" />

                <!-- pam_mount parameters: General tunables -->

<!--
<luserconf name=".pam_mount.conf.xml" />
-->

<!-- Note that commenting out mntoptions will give you the defaults.
     You will need to explicitly initialize it with the empty string
     to reset the defaults to nothing. -->
<mntoptions allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other" />
<!--
<mntoptions deny="suid,dev" />
<mntoptions allow="*" />
<mntoptions deny="*" />
-->
<mntoptions require="nosuid,nodev" />

<!-- requires ofl from hxtools to be present -->
<logout wait="0" hup="no" term="no" kill="no" />


                <!-- pam_mount parameters: Volume-related -->

<mkmountpoint enable="1" remove="true" />


</pam_mount>

Everything in the OMV config is set up correctly.

curlftpfs ftp://coln:<PASSWORD>@test.test.lan/ /home/coln/test -o rw

mounts successfully.

This is my first time setting up this combination, so please don't be too hard on me)

p.s. Debian 10

<volume fstype="fuse"
server="test.test.lan"
path="curlftpfs#ftp://test.test.lan"
mountpoint="/home/%(USER)/test/"
options="user=%(USER),rw"
ssh="0" noroot="1" />

Now the uid and gid are correct, but the mount point is still incorrect.

su coln
Password: 
(pam_mount.c:365): pam_mount 2.16: entering auth stage
(pam_mount.c:568): pam_mount 2.16: entering session stage
(mount.c:234): The "server" attribute is ignored for this filesystem (fuse).
(mount.c:780): Could not get realpath of /home/coln/test/: Нет такого файла или каталога
(mount.c:250): Mount info: globalconf, user=coln <volume fstype="fuse" server="test.test.lan" path="curlftpfs#ftp://test.test.lan" mountpoint="/home/coln/test/" cipher="(null)" fskeypath="(null)" fskeycipher="(null)" fskeyhash="(null)" options="user=coln,rw" /> fstab=0 ssh=0
(mount.c:304): mkmountpoint: checking /home
(mount.c:304): mkmountpoint: checking /home/coln
(mount.c:304): mkmountpoint: checking /home/coln/test
(mount.c:328): mkdir[1067400026] /home/coln/test
(mount.c:304): mkmountpoint: checking /home/coln/test/
(mount.c:659): Password will be sent to helper as-is.
command: 'mount.fuse' 'curlftpfs#ftp://test.test.lan' '/home/coln/test/' '-o' 'user=coln,rw' 
(spawn.c:136): setting uid to user coln
(mount.c:72): Messages from underlying mount program:
(mount.c:76): Enter host password for user 'coln':
(mount.c:553): 26 32 0:24 / /sys rw,nosuid,nodev,noexec,relatime shared:7 - sysfs sysfs rw
(mount.c:553): 27 32 0:5 / /proc rw,nosuid,nodev,noexec,relatime shared:14 - proc proc rw
(mount.c:553): 28 32 0:6 / /dev rw,nosuid,noexec,relatime shared:2 - devtmpfs udev rw,size=971596k,nr_inodes=242899,mode=755
(mount.c:553): 29 28 0:25 / /dev/pts rw,nosuid,noexec,relatime shared:3 - devpts devpts rw,gid=5,mode=620,ptmxmode=000
(mount.c:553): 30 32 0:26 / /run rw,nosuid,nodev,noexec,relatime shared:5 - tmpfs tmpfs rw,size=203504k,mode=755
(mount.c:553): 32 1 252:5 / / rw,relatime shared:1 - ext4 /dev/vda5 rw,errors=remount-ro
(mount.c:553): 33 26 0:7 / /sys/kernel/security rw,nosuid,nodev,noexec,relatime shared:8 - securityfs securityfs rw
(mount.c:553): 34 28 0:28 / /dev/shm rw,nosuid,nodev shared:4 - tmpfs tmpfs rw
(mount.c:553): 35 30 0:29 / /run/lock rw,nosuid,nodev,noexec,relatime shared:6 - tmpfs tmpfs rw,size=5120k
(mount.c:553): 36 26 0:30 / /sys/fs/cgroup ro,nosuid,nodev,noexec shared:9 - tmpfs tmpfs ro,mode=755
(mount.c:553): 37 36 0:31 / /sys/fs/cgroup/unified rw,nosuid,nodev,noexec,relatime shared:10 - cgroup2 cgroup2 rw,nsdelegate
(mount.c:553): 38 36 0:32 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime shared:11 - cgroup cgroup rw,xattr,name=systemd
(mount.c:553): 39 26 0:33 / /sys/fs/pstore rw,nosuid,nodev,noexec,relatime shared:12 - pstore pstore rw
(mount.c:553): 40 26 0:34 / /sys/fs/bpf rw,nosuid,nodev,noexec,relatime shared:13 - bpf none rw,mode=700
(mount.c:553): 41 36 0:35 / /sys/fs/cgroup/pids rw,nosuid,nodev,noexec,relatime shared:15 - cgroup cgroup rw,pids
(mount.c:553): 42 36 0:36 / /sys/fs/cgroup/net_cls,net_prio rw,nosuid,nodev,noexec,relatime shared:16 - cgroup cgroup rw,net_cls,net_prio
(mount.c:553): 43 36 0:37 / /sys/fs/cgroup/perf_event rw,nosuid,nodev,noexec,relatime shared:17 - cgroup cgroup rw,perf_event
(mount.c:553): 44 36 0:38 / /sys/fs/cgroup/cpu,cpuacct rw,nosuid,nodev,noexec,relatime shared:18 - cgroup cgroup rw,cpu,cpuacct
(mount.c:553): 45 36 0:39 / /sys/fs/cgroup/freezer rw,nosuid,nodev,noexec,relatime shared:19 - cgroup cgroup rw,freezer
(mount.c:553): 46 36 0:40 / /sys/fs/cgroup/rdma rw,nosuid,nodev,noexec,relatime shared:20 - cgroup cgroup rw,rdma
(mount.c:553): 47 36 0:41 / /sys/fs/cgroup/hugetlb rw,nosuid,nodev,noexec,relatime shared:21 - cgroup cgroup rw,hugetlb
(mount.c:553): 48 36 0:42 / /sys/fs/cgroup/cpuset rw,nosuid,nodev,noexec,relatime shared:22 - cgroup cgroup rw,cpuset
(mount.c:553): 49 36 0:43 / /sys/fs/cgroup/blkio rw,nosuid,nodev,noexec,relatime shared:23 - cgroup cgroup rw,blkio
(mount.c:553): 50 36 0:44 / /sys/fs/cgroup/memory rw,nosuid,nodev,noexec,relatime shared:24 - cgroup cgroup rw,memory
(mount.c:553): 51 36 0:45 / /sys/fs/cgroup/devices rw,nosuid,nodev,noexec,relatime shared:25 - cgroup cgroup rw,devices
(mount.c:553): 52 27 0:46 / /proc/sys/fs/binfmt_misc rw,relatime shared:26 - autofs systemd-1 rw,fd=28,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=16829
(mount.c:553): 53 28 0:21 / /dev/mqueue rw,nosuid,nodev,noexec,relatime shared:27 - mqueue mqueue rw
(mount.c:553): 54 26 0:12 / /sys/kernel/tracing rw,nosuid,nodev,noexec,relatime shared:28 - tracefs tracefs rw
(mount.c:553): 55 26 0:8 / /sys/kernel/debug rw,nosuid,nodev,noexec,relatime shared:29 - debugfs debugfs rw
(mount.c:553): 56 28 0:47 / /dev/hugepages rw,relatime shared:30 - hugetlbfs hugetlbfs rw,pagesize=2M
(mount.c:553): 57 26 0:48 / /sys/fs/fuse/connections rw,nosuid,nodev,noexec,relatime shared:31 - fusectl fusectl rw
(mount.c:553): 58 26 0:22 / /sys/kernel/config rw,nosuid,nodev,noexec,relatime shared:32 - configfs configfs rw
(mount.c:553): 126 32 252:1 / /boot/efi rw,relatime shared:67 - vfat /dev/vda1 rw,fmask=0077,dmask=0077,codepage=437,iocharset=iso8859-1,shortname=mixed,errors=remount-ro
(mount.c:553): 749 30 0:51 / /run/user/121 rw,nosuid,nodev,relatime shared:417 - tmpfs tmpfs rw,size=203500k,mode=700,uid=121,gid=129
(mount.c:553): 769 749 0:52 / /run/user/121/gvfs rw,nosuid,nodev,relatime shared:428 - fuse.gvfsd-fuse gvfsd-fuse rw,user_id=121,group_id=129
(mount.c:553): 509 30 0:50 / /run/user/1000 rw,nosuid,nodev,relatime shared:279 - tmpfs tmpfs rw,size=203500k,mode=700,uid=1000,gid=1000
(mount.c:553): 529 509 0:53 / /run/user/1000/gvfs rw,nosuid,nodev,relatime shared:290 - fuse.gvfsd-fuse gvfsd-fuse rw,user_id=1000,group_id=1000
(mount.c:553): 553 32 0:54 / /home/coln/test rw,nosuid,nodev,relatime shared:301 - fuse curlftpfs#ftp://test.test.lan/ rw,user_id=1067400026,group_id=1067400026
command: 'pmvarrun' '-u' 'coln' '-o' '1' 
(pmvarrun.c:258): parsed count value 0
(pam_mount.c:441): pmvarrun says login count is 1
(pam_mount.c:660): done opening session (ret=0)

bdenisska ()
In reply to: comment by bdenisska

Problem solved!

<volume fstype="fuse"
server="test.test.lan"
path="curlftpfs#ftp://test.test.lan"
mountpoint="/home/coln/test/"
options="rw,user=%(USER)"
ssh="0" noroot="1" />

Apparently the user= parameter has to come last in options.

bdenisska ()
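
Added example (not part of the original thread): the two debug logs above differ in the mount owner the kernel recorded for the curlftpfs mount, user_id=0 in the first run and user_id=1067400026 in the second. This sh/awk script extracts that owner from mountinfo-style lines, with or without the pam_mount "(mount.c:553):" prefix; the function names are made up for this example, and the sample input is four lines copied from the logs above.

```shell
#!/bin/sh
# Added example, not code from the thread or from pam_mount.

# Read mountinfo-formatted lines on stdin and print, for every FUSE mount:
#   mountpoint source user_id group_id
# user_id/group_id are the FUSE mount owner as recorded by the kernel.
fuse_mount_owners() {
    awk '
    {
        # The fields before the " - " separator vary in number (optional
        # fields such as shared:N), so locate the separator first.
        sep = 0
        for (i = 1; i <= NF; i++) if ($i == "-") { sep = i; break }
        if (!sep) next
        fs = $(sep + 1)
        if (fs != "fuse" && fs !~ /^fuse\./) next   # skips fusectl
        # pam_mount debug output puts "(mount.c:NNN):" in front of the line.
        off = ($1 ~ /^\(.*\):$/) ? 1 : 0
        uid = gid = "?"
        n = split($(sep + 3), opt, ",")
        for (j = 1; j <= n; j++) {
            if (opt[j] ~ /^user_id=/)  uid = substr(opt[j], 9)
            if (opt[j] ~ /^group_id=/) gid = substr(opt[j], 10)
        }
        print $(5 + off), $(sep + 2), uid, gid
    }'
}

# Print FUSE mount points below /home whose mount owner is root.
root_owned_home_fuse() {
    fuse_mount_owners | awk '$3 == 0 && $1 ~ /^\/home\// { print $1 }'
}

# Sample input: lines copied from the two debug logs in this thread.
sample_log() {
    cat <<'EOF'
(mount.c:553): 58 26 0:48 / /sys/fs/fuse/connections rw,nosuid,nodev,noexec,relatime shared:32 - fusectl fusectl rw
(mount.c:553): 880 858 0:54 / /run/user/1000/gvfs rw,nosuid,nodev,relatime shared:484 - fuse.gvfsd-fuse gvfsd-fuse rw,user_id=1000,group_id=1000
(mount.c:553): 635 32 0:52 / /home/coln/test rw,nosuid,nodev,relatime shared:351 - fuse curlftpfs#ftp://test.test.lan/ rw,user_id=0,group_id=1000
(mount.c:553): 553 32 0:54 / /home/coln/test rw,nosuid,nodev,relatime shared:301 - fuse curlftpfs#ftp://test.test.lan/ rw,user_id=1067400026,group_id=1067400026
EOF
}

sample_log | fuse_mount_owners
```

On a live system, feed the functions /proc/self/mountinfo instead of the sample lines.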