When a user logs into a system and there is no home directory, we would like to to create the user's home directory using pam_mkhomedir. This is a common practice. Here's a quick description of pam_mkhomedir:
The pam_mkhomedir PAM module will create a users home directory if it does not exist when the session begins. This allows users to be present in central database (such as NIS, kerberos or LDAP) without using a distributed file system or pre-creating a large number of directories. The skeleton directory (usually /etc/skel/) is used to copy default files and also sets a umask for the creation.
However, this is a FreeBSD 8.2 system running ZFS. We need to execute a ZFS command first, because we want one ZFS file system per user. pam_mkhomedir can do a mkdir, but we need to do something like zfs create /zpool/home/$USER.
Does anyone know if it is possible to use PAM to execute commands during a user's first login session?
Best Answer
There is a PAM module called
pam_exec- if you write a script which checks for and/or creates the ZFS volume, you can chain this into your existing PAM rules and keep things nice without assuming interactive login, default shells & skeleton directories, etc. For example, you could haveor whatever suits your specific setup.
(As Tom Shaw pointed out in the comments, having
session required pam_mkhomedir.sowould be redundant.)