Monday, September 20, 2010

Creating home directories on Linux hosts with pam_mkhomedir

I have been converting a number of hosts to LDAP authentication. I’m currently creating user home directories on each server, which has a number of pros and cons. One of the cons is that a newly provisioned user won’t have a home directory, all will be assigned “/” as their home directory when they login. This is less than ideal, since most users will need a place to modify files and customize their environment. To simplify my life, I have been playing around with autodir and pam_mkhomedir. Both solutions provide an automated way to create user home directories, and are pretty easy to set up.

To configure pam_mkhomedir, you can add add the following line to the session management section of /etc/pam.d/system-auth:

session     optional      pam_mkhomedir.so

After the module is enabled, users should see a “Creating directory” line when they login to a server for the first time:

$ ssh test@foo
test@foo’s password:
Creating directory ‘/home/test’.

In addition to creating the home directory specified in the passwd file (or in the homeDirectory attribute if you are using LDAP), the mkhomedir module will also populate the user’s home directory with the files in /etc/skel:

$ ls -la /etc/skel

total 40
drwxr-xr-x. 4 root root 4096 2009-07-07 13:56 .
drwxr-xr-x. 113 root root 12288 2009-07-16 11:08 ..
-rw-r--r--. 1 root root 18 2009-04-08 06:46 .bash_logout
-rw-r--r--. 1 root root 176 2009-04-08 06:46 .bash_profile
-rw-r--r--. 1 root root 124 2009-04-08 06:46 .bashrc
drwxr-xr-x. 2 root root 4096 2009-03-17 20:54 .gnome2
drwxr-xr-x. 4 root root 4096 2009-07-07 13:44 .mozilla
-rw-r--r--. 1 root root 658 2009-03-02 12:18 .zshrc

Adding to the base set of files that are placed in each user’s home directory is as simple as copying one or more files into /etc/skel, or modifying the existing files. I will touch on the autodir module in a follow up post.

No comments:

Post a Comment