It is working with login at local console (Ctrl+Alt+F1) and ssh but not with KDE-Login. The login dialog is not visible.
As soon as I comment out the last 2 lines of common-session-pc after reboot the login dialog appears again.
Could someone please help?
It is not quite clear - are you logged in without any dialog? Or you get display manager screen but without any way to enter username / password? What display manage are you using? Posting screenshot may be helpful.
Tumbleweed starts up without any error, but I cannot see and login with the graphical login dialog. The mouse arrow is visible and movable. If I switch with Ctrl+Alt+F1 to CLI I see the login prompt and everything is like it should be. The login with CLI and ssh to this computer is working correctly.
A screenshot will show a blank black screen with a mouse arrow, so I think it will not be necessary.
I do not understand how the pam_mount.conf.xml is manipulating the behaviour of the gfx login dialog. Is it read before any communication at the login prompt is done? And what is wrong with this volume entry?
If there is a pam_mount expert out there who can help me with an answer ? This would be very helpful for me.
Thx a lot
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
<!--
See pam_mount.conf(5) for a description.
-->
<pam_mount>
<!-- debug should come before everything else,
since this file is still processed in a single pass
from top-to-bottom -->
<debug enable="0" />
<!-- Volume definitions -->
<volume
fstype="nfs"
server="servername"
path="/groups"
mountpoint="/groups"
options="vers=3"
/>
<!-- pam_mount parameters: General tunables -->
<!--
<luserconf name=".pam_mount.conf.xml" />
-->
<!-- Note that commenting out mntoptions will give you the defaults.
You will need to explicitly initialize it with the empty string
to reset the defaults to nothing. -->
<mntoptions allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other" />
<!--
<mntoptions deny="suid,dev" />
<mntoptions allow="*" />
<mntoptions deny="*" />
-->
<mntoptions require="nosuid,nodev" />
<!-- requires ofl from hxtools to be present -->
<logout wait="2000" hup="no" term="yes" kill="yes" />
<!-- pam_mount parameters: Volume-related -->
<mkmountpoint enable="1" remove="true" />
</pam_mount>
This is the fresh installed pam_mount.conf.xml only modified by the volume entry.
pam_mount session expects user password if at least one volume definition is present in case it is needed to mount filesystems. If no password is available in PAM stack it by default tries to query user interactively. sddm-helper PAM service does not use any password at all, so when it invokes pam_mount it attempts to ask user for password. But the current vt at this point is already in graphic mode (Xserver has already been started) so you neither see prompt nor can respond to it.
If you pay attention to the example in the article you referenced - it modified PAM configuration for one service only, not global files that are included by most other services.
Anyway, disabling interactive password query in session module seems to work around it.
session optional pam_mount.so disable_interactive
And did you try to read comments on top of the files you edited? common-auth-pc and common-session-pc are autogenerated and manual changes will be lost next time these files are updated (which happens on updates of packages that are related to PAM).
This made the gfx login dialog (is the correct terminus sddm-helper for this?) appear, the NFS mount is working, but the CIFS mount is not working anymore.
Is there any idea why the CIFS volume alone is working and the NFS volume not?
Is there somewhere a docu where I can solve this problem with tumbleweed? Sometimes there are additional subdirs in /etc or /usr/etc like inside /usr/etc/ssh where I can put those changes. In former times there were some additional files in /etc/pam.d like login, sshd, su, etc.
In Tumbleweed there is only an additional smtp /etc/pam.d.
No. Did you try the obvious steps - manual mount, enabling debug? Anyway, on this forum we really prefer one topic - one question/problem. As you have different question, it is better to start new topic with corresponding title.
Which problem? If you are asking "how to modify common-auth-pc - it is answered directly in the comments in the beginning of this file. Remove the link common-auth and create a plain file instead. This file will not be changed by the system.
You should never edit anything below /usr. Period. This is reserved for your distribution packages and any change there could be silently overwritten.
Packages install their PAM configuration files mostly in /usr/lib/pam.d (this is upstream path) with rare exceptions of /usr/etc/pam.d. Files in /etc/pam.d will be used instead of the files with the same name under /usr. So, to change any default PAM configuration copy it from /usr/lib/pam.d or /usr/etc/pam.d into /etc/pam.d and edit there.
I am sorry to post again here. In the meantime I was testing to put the nfs shares to fstab but now I need to have it back into the pam_mount.conf.xml
Regarding to
OK, so the question in this topic is answered.
The gfx dialog was there but not the CIFSmount. So the solution is only a half solution, because the necessary CIFS mount is not working.
I am still not able to mount CIFS and NFS shares at the same time via pam_mount.