I have a Ubuntu Studio 22.04.1 desktop client joined to an AD domain controller, which also serves as a file rver. I would like to automount server shares on login of any domain user.
The manpage on pam_mount.conf mentions the possibility of per-user configuration files, but what I need is a per group configuration. If I add a record in /etc/security/pam_mount.conf.xml with "sgrp" specified, will it then be ignored for logins which do not belong to "sgrp"? If not, how can I restrict the mapping to domain users?
The manpage for pam_mount says that "you must include two entries in the system's applicable /etc/pam.d/service config files". Which files are those? I have 31 service configuration files in /etc/pam.d". Various posts suggest adding such lines to "gdm", "system-auth", "system-auth-ac" or "system-login", but I have none of these. Here is what I have:
chfn common-auth cron other runuser sddm-autologin sudo chpasswd common-password cups passwd runuser-l sddm-greeter sudo-i chsh common-session login polkit-1 samba sssd-shadowutils su-l common-account common-session-noninteractive newusers ppp sddm su
How can I debug what pam is doing at login? I have enabled debug in /etc/security/pam-mount.conf.xml, but this will not help me if it is not executed due to a failure to add it to the correct service nor will it help me to troubleshoot GUI logins. Is there a pam log and, if so, how can I view it?
P.S. AskUbuntu kindly suggests that this may duplicate my previous question. However, I haven't received any useful response to that and I am trying to be more specific here.
P.P.S. My prime suspects, common-auth and common-session, already contain references to pam-mount, but the desired shares are not being mounted.
