PAM mkhomedir for Solaris

There is a PAM module that creates home directories on the fly. This is quite useful if you have an LDAP server (in this case Directory Server 6.3) and you are adding users whose home directories have not been created.

First of all, you will need to download the files

PATH=/usr/sfw/bin:/usr/ccs/bin:$PATH; export PATH

gcc -c -g -O2 -D_REENTRANT -DPAM_DYNAMIC -Wall \
    -fPIC -I../../libpam/include \
    -I../../libpamc/include \
    -I../pammodutil/include pam_mkhomedir.c

After the compilation the module did not work. What should I do now? Well, I tried to debug why the module was not working properly. First I enabled debug mode in the syslog daemon; you only need to add

*.debug /var/adm/pam_log

to /etc/syslog.conf. Here is what I found out after poking around the logs:

May 18 10:27:25 kestod sshd[26177]: [ID 547715 auth.debug] PAM[26177]: load_function: successful load of
May 18 10:27:25 kestodd sshd[26177]: [ID 482737 auth.debug] PAM[26177]: pam_open_session(8a828, 0)
May 18 10:27:25 des-to16-d sshd[26177]: [ID 926797 auth.debug] PAM[26177]: load_modules(8a828,

Nothing in particular pointed me to a solution, so I tried a different approach. Perhaps by trying an LDAP user through different services I could find out something. I tried SSH first and I was kicked out of the system. My second thought was to try telnet, and I got this:

login: user1 
Password: login: fatal: relocation error:
file /usr/lib/security/ symbol _pammodutil_getpwnam: referenced symbol not found 
Connection to localhost closed by foreign host.

This gave me some clues. I edited pam_mkhomedir.c and I found the names of four functions:


Those functions are not available in Solaris 10 (nor, of course, in the above versions). What did I do? I put all these functions together in the same file and added some includes, so this is all the code you need to add to pam_mkhomedir.c before compiling again:

You have to copy and paste both declarations and their implementations.

other session required skel=/etc/skel umask=0022

Now you can try to log in to the system with an LDAP user:

  ssh -l user5 localhost 
  Creating directory '/export/home/user5'. 

  Last login: Thu May 14 17:16:21 2009 from localhost 

You can also try to access the system using telnet. There is backward compatibility among the different versions of Solaris, which means it will also work in Solaris 8 and 9. I hope this information is useful to somebody.
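
The relocation error above only showed up at the login prompt, after the log had already reported a successful load. As an added example (not part of the original post), the script below checks a built module with `ldd -r` before it is copied into place; the function names, the overridable `LDD` variable and the assumed wording of the ldd messages are this example's own.

```sh
#!/bin/sh
# Added example, not from the original post. Gate the install of a freshly
# built PAM module on `ldd -r`, which processes function relocations up front
# instead of leaving them to be discovered at login time.
LDD=${LDD:-ldd}    # overridable so the check can be tried against canned output

# Print the unresolved symbols of module $1, one per line.
# Returns 0 = all resolved, 1 = symbols missing, 2 = ldd could not inspect it.
unresolved_symbols() {
    out=$($LDD -r "$1" 2>&1) && rc=0 || rc=$?
    # Assumed wording: Solaris ldd prints "symbol not found: NAME",
    # GNU ldd prints "undefined symbol: NAME".
    missing=$(printf '%s\n' "$out" |
        awk '/symbol not found:/ { print $4 } /undefined symbol:/ { print $3 }' |
        sort -u)
    if [ -n "$missing" ]; then
        printf '%s\n' "$missing"
        return 1
    fi
    [ "$rc" -eq 0 ] || return 2    # fail closed if the file could not be examined
    return 0
}

# Copy module $1 into directory $2 only when nothing is unresolved.
install_pam_module() {
    syms=$(unresolved_symbols "$1") && st=0 || st=$?
    case $st in
        0) cp "$1" "$2"/ ;;
        1) echo "not installing $1, unresolved symbols:" >&2
           printf '  %s\n' $syms >&2
           return 1 ;;
        *) echo "not installing $1, $LDD -r failed" >&2
           return 2 ;;
    esac
}

# Usage: sh check_pam_module.sh ./pam_mkhomedir.so <destination directory>
if [ "$#" -eq 2 ]; then
    install_pam_module "$1" "$2"
fi
```

Run against the module as first compiled, the check would be expected to name `_pammodutil_getpwnam` and leave the installed copy untouched.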