[OpenAFS] PAM, Samba and OpenAFS

Ted Cox Ted.Cox@wcom.com
Tue, 15 Jan 2002 12:50:18 -0700


I am having difficulty getting users configured so that they can SMB into
their AFS directories.  SMB is properly configured and users can reach
directories not in AFS.  I have this working successfully on a Sun system
running Transarc AFS 3.6, with the AFS PAM module included under other.
However on my RedHat 7.2 machine running OpenAFS 1.2.2 it does not seem to
function with the PAM module in other and samba.  Any ideas would be
greatly appreciated.

Thanks,
Ted Cox

$ cat /etc/pam.d/samba
auth    sufficient   /lib/security/pam_afs.so try_first_pass ignore_root
auth	required	/lib/security/pam_stack.so service=system-auth
account	required	/lib/security/pam_stack.so service=system-auth

$ cat /etc/pam.d/other
#%PAM-1.0
auth    sufficient   /lib/security/pam_afs.so try_first_pass ignore_root
auth     required       /lib/security/pam_deny.so
account  required       /lib/security/pam_deny.so
password required       /lib/security/pam_deny.so
session  required       /lib/security/pam_deny.so

from the samba log:
[2002/01/15 11:06:11, 0] smbd/service.c:make_connection(560)
    system (x.x.x.x) Can't change directory to /afs/.wmci/project/ecs
(Permission denied)