Login via SSH fails for a single user: Failed to mount home directory

ucs-4-1

#1

Hi,

in general login in via SSH for root / Administrator and as well as other users works fine. Just when i log in with my user which is as well part in the “Domain Admins” group, the session starts and closes directly again:

tobias@tobias-desktop:~$ ssh tobias@ucs2
Password: 
Univention DC Slave 4.1-4:

The UCS management system can be reached by following the link to the domain controller
master at https://ucs2.intranet.tobiaslorentz.de/ (192.168.64.3) and selecting the
Univention Management Console.

You can log into the Univention Management Console - the principal tool to manage 
users, groups, etc. - using the "Administrator" account and the password selected 
for the root user on the master domain controller.


Last login: Wed Apr  5 21:01:25 2017 from 192.168.64.21
Connection to ucs2 closed.
tobias@tobias-desktop:~$

When i check the var/log/messages, i find the following entry:
Apr 5 22:18:35 ucs2 univention-mount-homedir: Failed to mount home directory: '/home/tobias'

This seems to be as well the problem, why i cannot login to any samba share.

I have checked the home dir and it exists properly. When i log in via root, i can do a
su tobias
and can see the content of my home dir successfully.

I have also tried to change the homedir to another path in the user setting. When i then login, it creates the new folder, but still shows the same behavoir and does not let me log in.

What could be the reason for this behavior?

Thank you very much for your help!

Kind Regards,

Tobias Lorentz


#2

Hello,

Iam also having the same issue


#3

The error is thrown by the following function in univention-mount-homedir:

                if not mount_nfs_home(host, path, user.pw_dir):
                        syslog.syslog("Failed to mount home directory: %r" % (user.pw_dir, ))
                        sys.exit(1)

and this is the function:

def mount_nfs_home(host, path, mount_point):
        '''mount NFS home share <path> from <host> on <mount_point>'''
        if subprocess.call(('mount', '-t', 'nfs', '%s:%s' % (host, path, ), mount_point, )) == 0:
                with open(MOUNTS_FILE, 'ab') as mounts:
                        mounts.write('%s %d\n' % (mount_point, time.time(), ))
                return True
        return False

It depends how the homedir is configured. Are you using NFS for the homes by intention?

Best Regards,
Dirk Ahrnke


#4

Hi,

i don’t think that i configured anything like that by intension. I also do not see any parameter on the user object in ucs. The user has as unix home dir “/home/tobias” and as login-shell “/bin/bash”.
Can you tell me where i need to change something?

Thank you very much!

Kind Regards,

Tobias Lorentz


#5

lets look at some more lines from the script, especially the ones above the error:

...
                (_, host, path, ) = parse_automount(homeattr)
                if not host or not path:
                        syslog.syslog("Bad information in LDAP. Not mounting home directory.")
                        sys.exit(1)

                if host in (hostname_fqdn(), hostname_short(), ) and os.path.realpath(path) == os.path.realpath(user.pw_dir):
                        syslog.syslog("Home directory is local.")
                        sys.exit(0)
                create_home(user)
                if not mount_nfs_home(host, path, user.pw_dir):
                        syslog.syslog("Failed to mount home directory: %r" % (user.pw_dir, ))
                        sys.exit(1)

We can see that there is a decision whether an NFS-mount should be tried or a local directory is to be used.
I’d doublecheck the difference for all POSIX-attributes between the working and non-working account.
And just to make sure that UMC shows real data also compare with the data from univention-ldapsearch.

There are also UCRV homedir/* but if the problem has these as root cause I’d expect the same issue with other accounts.


#6

Hi,

thank you very much for those hints.
I have found the attribute: automountInformation.
This contained a previous value of the field Heimatverzeichnisfreigabe of the linux account section in ucs (actually that dropdown was empty in ucs).
I delete it with ldapmodify via command line and now it works.

Thank you very much!

Kind Regards,

Tobias Lorentz