
pam_mount-0.5.9-1mdk.ppc.rpm

# Turn on if you want to debug why some volume cannot be mounted etc.
# This can be overridden by the user's local configuration.
#
# Format: debug [ 1 | 0 ]
#
# NOTE(review): debug is set to 1 in this file, i.e. it is on for every login
# that goes through pam_mount. Diagnostics written during authentication may
# disclose server, volume and path details in logs or on the console --
# confirm what this version emits, and set it to 0 once mounts work.

debug 1

# NOTE(review): presumably 1 makes pam_mount create a missing mount point at
# login -- confirm against this version's README.
mkmountpoint 1

# Absolute path to the lsof binary.
# NOTE(review): presumably used to list open files when a volume cannot be
# unmounted -- confirm.
lsof /usr/sbin/lsof

# These directives determine which options may be specified in a user config
# file (luserconf). You must include one of these directives if you have a
# luserconf directive. You may not include both directives.
#
# If you have an options_allow directive, then the options listed in that
# directive will be allowed, and all others rejected. If you have an
# options_deny directive, then the options listed will be denied, and all others
# permitted.
#
# You may use the wildcard '*' to match all options.
#
# options_allow	nosuid,nodev
# options_deny	suid,dev
# options_allow	*
# options_deny	*
#
# I recommend not permitting the suid and dev options.

# The options listed in this directive are required for all volumes from a
# user config file. That is, any volume specified in a user config file that
# does not include these options will be ignored.
#
# Note: you must make sure that a required option is permitted (either by
# including it in options_allow, or by not including it in options_deny).
#
# I recommend requiring at least nosuid and nodev.
#
# Why: nosuid and nodev stop a filesystem chosen by the user (for example a
# loopback image the user owns) from having its setuid binaries or device
# nodes honoured once it is mounted. This requirement applies only to volumes
# from a user config file; volume lines in this system file are not covered
# by it and should carry the options themselves where appropriate.
#
options_require	nosuid,nodev

# Users' local configuration file (if there is none, comment out this
# parameter). Will be read as ~/<file>
#
# Note: you must include either options_allow or options_deny to use
# this directive. I recommend also including options_require.
#
# NOTE(review): as shown here, luserconf is active while every options_allow
# and options_deny line in this file is commented out, which contradicts the
# note above. Confirm how this version treats that combination, and set one
# of the two explicitly (for example an options_allow list limited to the
# options users actually need) before relying on user-supplied volume
# definitions. If per-user volumes are not needed, comment this line out.
#
# Format: luserconf <file>

luserconf .pam_mount.conf

# Commands to mount/unmount volumes. They can take parameters, as shown.
#
# If you change the -p0 argument for lclmount, you'll need to modify the
# source in pmhelper.c (it sends the password to the stdin file descriptor
# of the child process -- look for STDIN_FILENO).
#
# -p0 tells mount to read the passphrase from file descriptor 0, so the
# password travels over the pipe from pmhelper and is not placed on the
# command line.
#
# Every helper is given by absolute path, so no PATH lookup is involved.
# NOTE(review): these commands run at login on the user's behalf, presumably
# with elevated privilege -- keep the binaries and their parent directories
# root-owned and not writable by other users.

smbmount /bin/mount -t smbfs
ncpmount /bin/mount -t ncpfs
umount   /bin/umount
pmhelper /usr/sbin/pmhelper
lclmount /bin/mount -p0

# Volumes that will be mounted when user triggers pam_mount module
# (usually at login).
#
# Format:
# volume <user> [smb|ncp|nfs|local] <server> <volume> <mount point> <mount options> <fs key cipher> <fs key path>
#
# General examples:
# volume user smb krueger public /home/user/krueger - - -
# volume user ncp krueger public /home/user/krueger - - -

# Windows 2000, which requires a domain specified, example (thanks John Knox):
# volume * smb viper & /home/& uid=&,gid=&,dmask=0750,workgroup=WINDOWS_DOMAIN - -

# Encrypted home directory examples:
# volume user local - /dev/hda123 /home/user loop,encryption=aes - -
# volume user local - /home/user.img /home/user3 loop,user,exec,encryption=aes,keybits=256 - -
# volume user local - /home/user.img - - - -
# volume user local - /home/user.img - - bf-ecb /home/user4.key
#
# The last two examples need a line like the following in 
# /etc/fstab:
#
# /home/user4.img /home/user4 xfs user,loop,encryption=aes,keybits=256,noauto 0 0
#
# Details:
# Local user configuration can extend this.
# Mount point must be owned by the user.
#
# If there are no servers, mount options, fs key ciphers, etc. you must 
# supply a "-"
#
# If a local mount is specified in a user config file, then the user must
# own the device or file being mounted.
#
# See http://www.tldp.org/HOWTO/Loopback-Encrypted-Filesystem-HOWTO.html
# to learn how to create an encrypted loopback filesystem.
#
# If the volume's password is different than the user's login password,
# the following technique may be used (see also README):
#
# 1.  Create a file containing the volume's password (FS key).  If you are
#     using pam_mount to mount a loopback encrypted volume, this password
#     should be generated from /dev/urandom.
#
#     Simple example: 
#     echo <volume password> | openssl bf-ecb > /home/user.key
#     Encrypt this file using the user's login password as the key.
#
#     Verbose loopback encrypted volume example:
#     a.  dd if=/dev/urandom of=/home/user.img bs=1M count=<image size in MB>
#     b.  dd if=/dev/urandom bs=1c count=<keysize / 8> | openssl enc \
#         -<fs key cipher> > /home/user.key
#         Encrypt this file using the user's login password as the key.
#     c.  openssl enc -d -<fs key cipher> -in /home/user.key | losetup -e aes \
#         -k <keysize> -p0 /dev/loop0 /home/user.img
#     d.  mkfs -t ext2 /dev/loop0
#     e.  umount /dev/loop0
#     f.  losetup -d /dev/loop0
#
# 3.  In pam_mount.conf:
#	a.  Set the fs key cipher variable to the cipher used (e.g. bf-ecb).
#	b.  Set the fs key path variable to the key's path (e.g. /home/user.key)
# 4.  If a user changes his login password, regenerate the efsk (encrypted
#     filesystem key) that was created in step 1b.  A script named passwdehd
#     is provided to do this.
#
# If fs_key_cipher is -, then the user's login password is also the volume's 
# password.

# Template (or wildcard) volumes
#
# If user is "*", "&" will be replaced by name of the user logging on and 
# ~ will be replaced with the user's home directory.  In this mode, the user 
# need not own the mount point, but it must exist.
#
# volume * smb krueger &     /home/&         uid=&,gid=&,dmask=0750 - -
# volume * smb krueger homes /home/&/remote  - - -