There is a PAM module available that creates home directories on the fly, pam_mkhomedir.so. This is quite useful if you have LDAP authentication in place (in this case Directory Server 6.3), where it is quite annoying if the users do not have a home directory.
First of all, you will need to download the files from [kernel.org](http://www.kernel.org). Then compile the module:
PATH=/usr/sfw/bin:/usr/ccs/bin:$PATH; export PATH
gcc -c -g -O2 -D_REENTRANT -DPAM_DYNAMIC -Wall \
-fPIC -I../../libpam/include \
-I../../libpamc/include \
-I../pammodutil/include pam_mkhomedir.c
I compiled the module and enabled it. I decided to debug why the module was not working properly. First, I enabled debug mode in the syslog daemon; you only need to add
*.debug	/var/adm/pam_log
to /etc/syslog.conf (the selector and the file name are separated by a tab). Here is what I found out after poking around the logs:
May 18 10:27:25 kestod sshd[26177]: [ID 547715 auth.debug] PAM[26177]: load_function: successful load of pam_sm_setcred
May 18 10:27:25 kestodd sshd[26177]: [ID 482737 auth.debug] PAM[26177]: pam_open_session(8a828, 0)
May 18 10:27:25 des-to16-d sshd[26177]: [ID 926797 auth.debug] PAM[26177]: load_modules(8a828, pam_sm_open_session)=/usr/lib/security/pam_mkhomedir.so*
This wasn’t going anywhere; perhaps by trying with an LDAP user and iterating over different services I could find out something. First, SSH: no luck. My second thought was to try telnet, and I got this:
login: user1
Password:
ld.so.1: login: fatal: relocation error: file /usr/lib/security/pam_mkhomedir.so: symbol _pammodutil_getpwnam: referenced symbol not found
Connection to localhost closed by foreign host.
Finally we were getting somewhere. I opened pam_mkhomedir.c and searched for the function name, which matched even more functions:
_pammodutil_getpwnam
_pammodutil_read
_pammodutil_write
_pammodutil_cleanup
Those functions were not available in Solaris 10 (nor, of course, in the versions above). I decided to include all the function definitions in the same file, and I added some includes, so this is all the code you need to add to pam_mkhomedir.c and compile.
You have to copy and paste both declarations and their implementations.
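As an added illustration (not the author's code and not the Linux-PAM source), this is one way to write the kind of helper that the missing `_pammodutil_read` and `_pammodutil_write` symbols stand for: loops that survive EINTR and short transfers, so a skeleton file is never silently truncated when it is copied into the new home directory. The names `compat_read_full`, `compat_write_full` and `copy_fd` and their signatures are assumptions of this example.

```c
#include <errno.h>
#include <unistd.h>

/* Hypothetical stand-in for a read helper (name and signature assumed).
 * Reads until count bytes or EOF; returns bytes read, or -1 on error. */
int compat_read_full(int fd, char *buf, int count)
{
    int done = 0;
    while (done < count) {
        ssize_t n = read(fd, buf + done, (size_t)(count - done));
        if (n < 0) {
            if (errno == EINTR) continue;   /* interrupted: retry */
            return -1;
        }
        if (n == 0)
            break;                          /* EOF */
        done += (int)n;
    }
    return done;
}

/* Hypothetical stand-in for a write helper: all count bytes or -1. */
int compat_write_full(int fd, const char *buf, int count)
{
    int done = 0;
    while (done < count) {
        ssize_t n = write(fd, buf + done, (size_t)(count - done));
        if (n <= 0) {
            if (n < 0 && errno == EINTR) continue;
            return -1;                      /* error or no progress */
        }
        done += (int)n;
    }
    return done;
}

/* Copy src to dst until EOF, as a skel-file copy would.
 * Returns the total number of bytes copied, or -1 on any error. */
long copy_fd(int src, int dst)
{
    char buf[4096];
    long total = 0;
    int n;
    while ((n = compat_read_full(src, buf, (int)sizeof buf)) > 0) {
        if (compat_write_full(dst, buf, n) != n)
            return -1;                      /* never leave a partial copy unnoticed */
        total += n;
    }
    return n < 0 ? -1 : total;
}
```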
Then enable the module with this entry in /etc/pam.conf:
other session required pam_mkhomedir.so skel=/etc/skel umask=0022
Now you can try to log in to the system with an LDAP user:
ssh -l user5 localhost
Password:
Creating directory '/export/home/user5'.
Last login: Thu May 14 17:16:21 2009 from localhost
-bash-3.00$
You can also try to access the system using telnet. There is backward compatibility among the different versions of Solaris, which means it will work in Solaris 8 and 9 as well. I hope this information can be useful to somebody.