public_html folder not being created for domain users

Post by mcgheee » 2018/04/20 14:58:27

I have a CentOS 7 system that is connected to Active Directory. The end goal is for this to be a web server where each user has a personal directory with only sftp access. Currently, users are able to log in via ssh, and a home directory is being created for them. I have their login shell set to /usr/sbin/nologin, so they are kicked off the system as soon as the directory is created. I have created a public_html folder under /etc/skel, and followed the directions at viewtopic.php?t=48631#p207316 to configure oddjobd-mkhomedir. The problem I am having is that when their home folder is made, it isn't creating a public_html folder. I have also tried changing sssd.conf to point the home folder to /var/www/html/%u, but then nothing gets created. How can I force creation of public_html folders for AD users at login?

/etc/sssd/sssd.conf :

[sssd]
domains = my.domain
config_file_version = 2
services = nss, pam
default_domain_suffix = my.domain

[domain/my.domain]
ad_domain = my.domain
krb5_realm = MY.DOMAIN
realmd_tags = manages-system joined-with-samba
cache_credentials = True
id_provider = ad
krb5_store_password_if_offline = True
default_shell = /usr/sbin/nologin
ldap_id_mapping = True
use_fully_qualified_names = True
fallback_homedir = /home/%u
access_provider = simple
simple_allow_groups = webspace@my.domain


/etc/pam.d/system-auth & /etc/pam.d/password-auth :

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      pam_env.so
auth        required      pam_faildelay.so delay=2000000
auth        [default=1 ignore=ignore success=ok] pam_succeed_if.so uid >= 1000 quiet
auth        [default=1 ignore=ignore success=ok] pam_localuser.so
auth        sufficient    pam_unix.so nullok try_first_pass
auth        requisite     pam_succeed_if.so uid >= 1000 quiet_success
auth        sufficient    pam_sss.so forward_pass
auth        required      pam_deny.so

account     required      pam_unix.so
account     sufficient    pam_localuser.so
account     sufficient    pam_succeed_if.so uid < 1000 quiet
account     [default=bad success=ok user_unknown=ignore] pam_sss.so
account     required      pam_permit.so

password    requisite     pam_pwquality.so try_first_pass local_users_only retry=3 authtok_type=
password    sufficient    pam_unix.so sha512 shadow nullok try_first_pass use_authtok
password    sufficient    pam_sss.so use_authtok
password    required      pam_deny.so

session     optional      pam_keyinit.so revoke
session     required      pam_limits.so
-session     optional      pam_systemd.so
session     optional      pam_oddjob_mkhomedir.so umask=0077 skel=/etc/skel
session     [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session     required      pam_unix.so
session     optional      pam_sss.so


/etc/skel folder:

[root@webserver ~]# ls -la /etc/skel
total 24
drwxr-xr-x.  3 root root   81 Apr 20 09:20 .
drwxr-xr-x. 83 root root 8192 Apr 19 16:03 ..
-rw-r--r--.  1 root root   18 Sep  6  2017 .bash_logout
-rw-r--r--.  1 root root  193 Sep  6  2017 .bash_profile
-rw-r--r--.  1 root root  231 Sep  6  2017 .bashrc
drwxr-xr-x.  2 root root    6 Apr 19 15:50 public_html


Related log messages:

[root@webserver ~]# tail /var/log/messages
Apr 20 09:31:16 webserver sssd: ; TSIG error with server: tsig verify failure
Apr 20 09:31:54 webserver systemd: Created slice User Slice of mcgheee@my.domain.
Apr 20 09:31:54 webserver systemd: Starting User Slice of mcgheee@my.domain.
Apr 20 09:31:54 webserver systemd: Started Session 22 of user mcgheee@my.domain.
Apr 20 09:31:54 webserver systemd-logind: New session 22 of user mcgheee@my.domain.
Apr 20 09:31:54 webserver systemd: Starting Session 22 of user mcgheee@my.domain.
Apr 20 09:31:54 webserver oddjob-mkhomedir[1893]: error creating /home/mcgheee/public_html: No such file or directory
Apr 20 09:31:54 webserver systemd-logind: Removed session 22.
Apr 20 09:31:54 webserver systemd: Removed slice User Slice of mcgheee@my.domain.
Apr 20 09:31:54 webserver systemd: Stopping User Slice of mcgheee@my.domain.
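
A check for the symptom described in the post, added here as an example and not taken from the original poster: it lists every skeleton entry that is absent from a home directory, has a different type there, or is not owned by the home directory's owner. The helper names (`skel_audit`, `owner_uid`, `demo`) and the sample layout in `demo` are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): compare a skeleton directory
# with a home directory that pam_oddjob_mkhomedir should have populated.
# skel_audit, owner_uid and demo are hypothetical helper names.

# Numeric owner of a path, read from `ls -dn` (third field).
owner_uid() { ls -dn -- "$1" | awk '{print $3}'; }

# skel_audit SKEL_DIR HOME_DIR
# Prints one line per problem; returns 0 only if every skel entry is present
# in HOME_DIR with the same type and owned by the owner of HOME_DIR.
skel_audit() {
    skel=${1%/} home=${2%/} rc=0
    [ -d "$skel" ] || { echo "ERROR skel is not a directory: $skel"; return 2; }
    [ -d "$home" ] || { echo "MISSING home directory $home"; return 1; }
    home_uid=$(owner_uid "$home")
    while IFS= read -r entry; do
        [ -n "$entry" ] || continue
        rel=${entry#"$skel"/}
        target=$home/$rel
        if [ ! -e "$target" ] && [ ! -L "$target" ]; then
            echo "MISSING $rel"; rc=1
        elif [ -d "$entry" ] && [ ! -d "$target" ]; then
            echo "TYPE $rel"; rc=1
        elif [ "$(owner_uid "$target")" != "$home_uid" ]; then
            echo "OWNER $rel"; rc=1
        fi
    done <<EOF
$(find "$skel" ! -path "$skel" | sort)
EOF
    return $rc
}

# Constructed demo mirroring the post: skel holds .bashrc and public_html,
# the home directory received .bashrc but not public_html.
demo() {
    tmp=$(mktemp -d) || return 2
    mkdir -p "$tmp/skel/public_html" "$tmp/home/user1"
    touch "$tmp/skel/.bashrc" "$tmp/home/user1/.bashrc"
    status=0
    skel_audit "$tmp/skel" "$tmp/home/user1" || status=$?
    rm -rf "$tmp"
    return $status
}

# With two arguments, audit real paths; with none, run the constructed demo.
if [ $# -eq 2 ]; then skel_audit "$1" "$2"; else demo || true; fi
```

Run as root against real paths, for example `/etc/skel` and one user's home directory, so that entries under a 0700 home are readable to the check.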