使用 pam_mount 模块挂载 NFS 共享

使用 pam_mount 模块挂载 NFS 共享

我正在设置一个教室环境,其中 Windows 2012 R2 Server 用作域控制器和文件服务器。所有客户端都将是 Kubuntu 14.04。我已经在服务器上设置了域和 NFS 共享。我可以在客户端计算机上手动安装共享,但我尝试将客户端配置为在用户登录时使用 pam_mount 自动安装共享。

在客户端计算机上,showmount 命令列出了共享。用户已加入域并在 AD 中可见。

我可以手动挂载共享,但是尽管遵循了许多在线教程,我似乎无法正确获取 pam_mount.config.xml 文件中字段的语法,我收到一条错误消息:

mount.nfs: an incorrect mount option was specified

我的 pam_mount.conf.xml 中的卷行:

<volume fstype="nfs" server="INSTRUCTOR.mydom.lan" path="/%(USER)" mountpoint="/home/%(USER)" user="*" options="workgroup=mydom.lan,uid=%(USER),dir_mode=0700,file_mode=0700,nosuid,nodev" />

我已经打开调试,以下是输出:

branch@branch-compaq:/$ su p1001
Password: 
(pam_mount.c:365): pam_mount 2.14: entering auth stage
(pam_mount.c:568): pam_mount 2.14: entering session stage
(mount.c:267): Mount info: globalconf, user=p1001 <volume fstype="nfs" server="INSTRUCTOR.mydom.lan" path="/p1001" mountpoint="/home/p1001" cipher="(null)" fskeypath="(null)" fskeycipher="(null)" fskeyhash="(null)" options="workgroup=mydom.lan,uid=p1001,dir_mode=0700,file_mode=0700,nosuid,nodev" />        fstab=0 ssh=0
(mount.c:664): Password will be sent to helper as-is.
command: 'mount'   '-oworkgroup=mydom.lan,uid=p1001,dir_mode=0700,file_mode=0700,nosuid,nodev' '-tnfs' 'INSTRUCTOR.mydom.lan:/p1001' '/home/p1001' 
(mount.c:72): Messages from underlying mount program:
(mount.c:76): mount.nfs: an incorrect mount option was specified
(mount.c:558): 17 22 0:15 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
(mount.c:558): 18 22 0:3 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
(mount.c:558): 19 22 0:5 / /dev rw,relatime - devtmpfs udev rw,size=8138048k,nr_inodes=2034512,mode=755
(mount.c:558): 20 19 0:12 / /dev/pts rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000
(mount.c:558): 21 22 0:16 / /run rw,nosuid,noexec,relatime - tmpfs tmpfs rw,size=1630580k,mode=755
(mount.c:558): 22 1 8:1 / / rw,relatime - ext4 /dev/disk/by-uuid/86484c12-806c-420e-8cec-ccbc924ebf2e rw,errors=remount-ro,data=ordered
(mount.c:558): 23 17 0:17 / /sys/fs/cgroup rw,relatime - tmpfs none rw,size=4k,mode=755
(mount.c:558): 24 17 0:18 / /sys/fs/fuse/connections rw,relatime - fusectl none rw
(mount.c:558): 25 17 0:6 / /sys/kernel/debug rw,relatime - debugfs none rw
(mount.c:558): 26 17 0:10 / /sys/kernel/security rw,relatime - securityfs none rw
(mount.c:558): 27 21 0:19 / /run/lock rw,nosuid,nodev,noexec,relatime - tmpfs none rw,size=5120k
(mount.c:558): 28 21 0:20 / /run/shm rw,nosuid,nodev,relatime - tmpfs none rw
(mount.c:558): 29 21 0:21 / /run/user rw,nosuid,nodev,noexec,relatime - tmpfs none rw,size=102400k,mode=755
(mount.c:558): 30 17 0:22 / /sys/fs/pstore rw,relatime - pstore none rw
(mount.c:558): 31 21 0:23 / /run/rpc_pipefs rw,relatime - rpc_pipefs rpc_pipefs rw
(mount.c:558): 32 23 0:24 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime - cgroup systemd rw,name=systemd
(pam_mount.c:522): mount of /p1001 failed
command: 'pmvarrun' '-u' 'p1001' '-o' '1' 
(pmvarrun.c:258): parsed count value 12
(pam_mount.c:441): pmvarrun says login count is 13
(pam_mount.c:660): done opening session (ret=0)

我的公共会话文件的内容:

#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules.  See
# pam-auth-update(8) for details.

# here are the per-package modules (the "Primary" block)
session [default=1]         pam_permit.so
# here's the fallback if no module succeeds
session requisite           pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required            pam_permit.so
session required                        pam_mkhomedir.so skel=/etc/skel/ umask=0077
# The pam_umask module will set the umask according to the system default in
# /etc/login.defs and user settings, solving the problem of different
# umask settings with different shells, display managers, remote sessions etc.
# See "man pam_umask".
session optional            pam_umask.so
# and here are more per-package modules (the "Additional" block)
session optional    pam_mount.so
session required    pam_unix.so 
session [success=ok default=ignore] pam_lsass.so
session optional    pam_systemd.so 
session optional            pam_ck_connector.so nox11
# end of pam-auth-update config

对于我做错的事情的任何建议,我都感激不尽。

答案1

据我所知,无论是workgroup还是file_mode 都不uid是 NFS 挂载的有效挂载选项。支持的挂载选项通常在系统手册中列出 man 5 nfs

从卷定义中删除该选项,您的错误消息就会消失。

相关内容