lists.arthurdejong.org
RSS feed

Re: nslcd and LTSP

[Date Prev][Date Next] [Thread Prev][Thread Next]

Re: nslcd and LTSP



On Wed, 2022-01-12 at 14:50 +0000, Daniel Macdonald wrote:
> I've mostly finished configuring a Ubuntu 20.04 LTSP server. The only
> outstanding issue now is that LDAP users can login but their sshfs
> home dirs aren't getting mounted successfully. We are using lightdm
> for the display manager and when an LDAP user logs in it prints the
> error:
> 
> .Pamltsp failed to mount home via SSHFS: read: Connection reset by
> peer

I'm not familiar with LTSP but there are some things that could help
you debug this better.

On some systems the display manager is started before networking is
properly configured or before nslcd is started. That means that LDAP-
based authentication and user lookups return errors at the time the
display manager (e.g. lightdm) is started.

You can have more verbose debug logging from your PAM stack by
appending debug at the end of the lines in /etc/pam.d/common-auth
(assuming this is also how PAM is configured on LTSP). More details on
which PAM modules are executed should then be available in
/var/log/auth.log.

The other useful log is where nslcd logs (usually ends up in
/var/log/daemon.log). You can also specify a custom log file with debug
logging in nslcd.conf via the log option.

There are two things that you sould be able to check for a particular
user from the command line:

- getent passwd someusername
  (this should show basic /etc/passwd equivalent user information)
- su - someusername
  (this should prompt for the user's password if you're not root and
  run the whole PAM stack without lightdm)

Hope this helps,

-- 
-- arthur - arthur@arthurdejong.org - https://arthurdejong.org/ --