Mount points from pam_mount.conf.xml no more mounted after upgrade

Hi,

We are using mount points with pam_mount.conf.xml system, with a mounted volume line looking like that:

<volume options="user=%(DOMAIN_USER)" server="server.domain.net" fstype="cifs" path="hq/Prog/" mountpoint="/mnt/prog"/>

And since I’ve updated all distribution (with sudo zypper up), nothing is mounted from this file.

For information, previously (with openSUSE 12.1), we were using the /etc/fstab system with a credential file since didn’t found the way to mount according to logged user, at first it was not working too, but after some tries, adding vers=2.0 to /etc/fstab line options made the job, but unfortunately it hadn’t change anything for pam_mount.conf.xml.

Please also notice I tried rolling back to previous samba version without any success (even with first version that was working fine previously !!!), here are the available versions I can see:

i+ | samba                       | package    | 4.7.10+git.124.8d97fe90926-lp150.3.9.1 | x86_64 | Mirror_Leap15-update-oss
v  | samba                       | package    | 4.7.8+git.86.94b6d10f7dd-lp150.3.6.1   | x86_64 | Mirror_Leap15-update-oss
v  | samba                       | package    | 4.7.8+git.62.c1052da2b4e-lp150.3.3.1   | x86_64 | Mirror_Leap15-update-oss
v  | samba                       | package    | 4.7.6+git.54.6e3276c9872-lp150.2.20    | x86_64 | Mirror_Leap15_oss

Is there something I’m missing in this system, that has changed after upgrade ?

Thanks

I assume you actually meant the following? (That’s the command used for distribution upgrades)

zypper dup

Are you using an old smb.conf perhaps? Check the configuration and/or share your working config via ‘testparm’ output. IIRC, Samba 4.X client is using SMBv2 as the minimum protocol by default. Refer to smb.conf (‘client min protocol’ and ‘client max protocol’) for more information.

Thanks for your answers.

I actually used sudo zypper up, this is maybe the “updated all distribution” wording that does not match what it actually does, I used this wording because I thought using sudo zypper up would update all distribution in the meaning “updating all applications installed on my distribution”.

And there is no min/max protocol defined in smb.conf (and I think this is just the default one that comes with samba install), here is the testparm output:

Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
Can't find include file /etc/samba/dhcp.conf
WARNING: The "idmap gid" option is deprecated
WARNING: The "idmap uid" option is deprecated
Processing section "[homes]"
Processing section "[profiles]"
Processing section "[users]"
Processing section "[groups]"
Processing section "[printers]"
Processing section "[print$]"
Loaded services file OK.
Server role: ROLE_DOMAIN_MEMBER

Press enter to see a dump of your service definitions

# Global parameters
[global]
    idmap gid = 10000-20000
    idmap uid = 10000-20000
    kerberos method = secrets and keytab
    logon drive = P:
    logon home = \\%L\%U\.9xprofile
    logon path = \\%L\profiles\.msprofile
    map to guest = Bad User
    printcap name = cups
    security = DOMAIN
    idmap config * : range = 10000-20000
    idmap config * : backend = tdb
    cups options = raw
    include = /etc/samba/dhcp.conf


[homes]
    browseable = No
    comment = Home Directories
    inherit acls = Yes
    read only = No
    valid users = %S %D%w%S


[profiles]
    comment = Network Profiles Service
    create mask = 0600
    directory mask = 0700
    path = %H
    read only = No
    store dos attributes = Yes


[users]
    comment = All users
    inherit acls = Yes
    path = /home
    read only = No
    veto files = /aquota.user/groups/shares/


[groups]
    comment = All groups
    inherit acls = Yes
    path = /home/groups
    read only = No


[printers]
    browseable = No
    comment = All Printers
    create mask = 0600
    path = /var/tmp
    printable = Yes


[print$]
    comment = Printer Drivers
    create mask = 0664
    directory mask = 0775
    force group = ntadmin
    path = /var/lib/samba/drivers
    write list = @ntadmin root

EDIT: I’ve just seen that, even if mount is now working with our old system, when I try to open a document it is very very very … very slow, indeed, it took more than 30 seconds to open a file that used to open instantly… And if I open the same file from a computer with an old openSUSE 12.1 system I have no such issue (the file actually opened in a split second). This is, again, very very very … very annoying !

Yes, it updates all packages in the distribution.

So suppose your distribution is using OpenOffice. And the maintainers decide to switch to LibreOffice. Then your “zypper up” will continue to update “OpenOffice”, but it will never pull in “LibreOffice”.

Normally, this would not matter. The next full release of your distro would have “LibreOffice”. So an upgrade to the next full release would do the trick.

The thing about Tumbleweed, is that it is a rolling distribution. So you should treat it as continuous upgrades rather than updates.

You need to use “zypper dup” for those upgrades.

So switch to using “zypper dup” for Tumbleweed. Otherwise some parts of your system will fall behind.

Thanks for your answer but, and this is my fault since I derived from the main subject (pam_mount.conf.xml items not mounted), my goal is not to update to next distribution but to have pam_mount.conf.xml working as expected on the current one, and, since I managed to fix it, I can see this would definitively not have fix it.

Then, as said above, I managed to fix my issue, following the fact that it was working with /etc/fstab after addition of vers=2.0, I’ve seen in pam_mount.conf.xml that you don’t just need to add the option in <volume options="…" …/> items, it would have been too easy, you also need to allow this option, and yes, in the same file, with <mntoptions allow="…"/>, this is something I don’t understand, if I add a volume line with an option this is that, of course, I want to allow it…

PS: I had other stuff to do then I let this message unfinished for a time, I then got a “Token expired, press back and refresh page”, and, despide the fact that I’ve seen “Auto-Saved” on the bottom left of the text widget I’m writting on, when I pressed back I lost it all, and even, pressing “Restore Auto-Saved Content” did nothing too… I then had to type all again… and this is very annoying ! And this is not all, refreshing the page sent me to https://www.microfocus.com/nesp/app?first=false instead of the login page (I supposed I was logout too after all this time)… Best end of friday afternoon ever !
Now I’m going to chill out for the week-end :slight_smile:

But he is using LEAP15.0 ?!?!?!

Oops! (some noise to keep the forum software happy).