使用 pam_mount 模組掛載 NFS 共享

我正在設置一個課堂環境，其中 Windows 2012 R2 Server 用作域控制器和文件伺服器。所有客戶端都是 Kubuntu 14.04。我已經在伺服器上設置了域和 NFS 共享。我可以在客戶端機器上手動掛載共享，但我試圖將客戶端配置為在使用者登錄時使用 pam_mount 自動掛載共享。

在客戶端機器上，showmount 命令列出共享。使用者已加入域並在 AD 中可見。

我可以手動掛載共享，但是儘管遵循了許多線上教程，但我似乎無法為我的 pam_mount.config.xml 文件中的欄位獲取正確的語法，我收到一條錯誤消息：

mount.nfs: an incorrect mount option was specified

我的 pam_mount.conf.xml 中的捲行：

<volume fstype="nfs" server="INSTRUCTOR.mydom.lan" path="/%(USER)" mountpoint="/home/%(USER)" user="*" options="workgroup=mydom.lan,uid=%(USER),dir_mode=0700,file_mode=0700,nosuid,nodev" />

我已經打開調試，這裡是輸出：

branch@branch-compaq:/$ su p1001
Password: 
(pam_mount.c:365): pam_mount 2.14: entering auth stage
(pam_mount.c:568): pam_mount 2.14: entering session stage
(mount.c:267): Mount info: globalconf, user=p1001 <volume fstype="nfs" server="INSTRUCTOR.mydom.lan" path="/p1001" mountpoint="/home/p1001" cipher="(null)" fskeypath="(null)" fskeycipher="(null)" fskeyhash="(null)" options="workgroup=mydom.lan,uid=p1001,dir_mode=0700,file_mode=0700,nosuid,nodev" />        fstab=0 ssh=0
(mount.c:664): Password will be sent to helper as-is.
command: 'mount'   '-oworkgroup=mydom.lan,uid=p1001,dir_mode=0700,file_mode=0700,nosuid,nodev' '-tnfs' 'INSTRUCTOR.mydom.lan:/p1001' '/home/p1001' 
(mount.c:72): Messages from underlying mount program:
(mount.c:76): mount.nfs: an incorrect mount option was specified
(mount.c:558): 17 22 0:15 / /sys rw,nosuid,nodev,noexec,relatime - sysfs sysfs rw
(mount.c:558): 18 22 0:3 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
(mount.c:558): 19 22 0:5 / /dev rw,relatime - devtmpfs udev rw,size=8138048k,nr_inodes=2034512,mode=755
(mount.c:558): 20 19 0:12 / /dev/pts rw,nosuid,noexec,relatime - devpts devpts rw,gid=5,mode=620,ptmxmode=000
(mount.c:558): 21 22 0:16 / /run rw,nosuid,noexec,relatime - tmpfs tmpfs rw,size=1630580k,mode=755
(mount.c:558): 22 1 8:1 / / rw,relatime - ext4 /dev/disk/by-uuid/86484c12-806c-420e-8cec-ccbc924ebf2e rw,errors=remount-ro,data=ordered
(mount.c:558): 23 17 0:17 / /sys/fs/cgroup rw,relatime - tmpfs none rw,size=4k,mode=755
(mount.c:558): 24 17 0:18 / /sys/fs/fuse/connections rw,relatime - fusectl none rw
(mount.c:558): 25 17 0:6 / /sys/kernel/debug rw,relatime - debugfs none rw
(mount.c:558): 26 17 0:10 / /sys/kernel/security rw,relatime - securityfs none rw
(mount.c:558): 27 21 0:19 / /run/lock rw,nosuid,nodev,noexec,relatime - tmpfs none rw,size=5120k
(mount.c:558): 28 21 0:20 / /run/shm rw,nosuid,nodev,relatime - tmpfs none rw
(mount.c:558): 29 21 0:21 / /run/user rw,nosuid,nodev,noexec,relatime - tmpfs none rw,size=102400k,mode=755
(mount.c:558): 30 17 0:22 / /sys/fs/pstore rw,relatime - pstore none rw
(mount.c:558): 31 21 0:23 / /run/rpc_pipefs rw,relatime - rpc_pipefs rpc_pipefs rw
(mount.c:558): 32 23 0:24 / /sys/fs/cgroup/systemd rw,nosuid,nodev,noexec,relatime - cgroup systemd rw,name=systemd
(pam_mount.c:522): mount of /p1001 failed
command: 'pmvarrun' '-u' 'p1001' '-o' '1' 
(pmvarrun.c:258): parsed count value 12
(pam_mount.c:441): pmvarrun says login count is 13
(pam_mount.c:660): done opening session (ret=0)

我的公共會話文件的內容：

#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules.  See
# pam-auth-update(8) for details.

# here are the per-package modules (the "Primary" block)
session [default=1]         pam_permit.so
# here's the fallback if no module succeeds
session requisite           pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required            pam_permit.so
session required                        pam_mkhomedir.so skel=/etc/skel/ umask=0077
# The pam_umask module will set the umask according to the system default in
# /etc/login.defs and user settings, solving the problem of different
# umask settings with different shells, display managers, remote sessions etc.
# See "man pam_umask".
session optional            pam_umask.so
# and here are more per-package modules (the "Additional" block)
session optional    pam_mount.so
session required    pam_unix.so 
session [success=ok default=ignore] pam_lsass.so
session optional    pam_systemd.so 
session optional            pam_ck_connector.so nox11
# end of pam-auth-update config

任何關於我做錯了什麼的建議，都非常感謝。

據我所知，NFS 掛載的掛載選項既不workgroup也不file_mode 是uid有效的掛載選項。支持的安裝選項通常列在系統手冊 man 5 nfs中。

從卷定義中刪除該選項，您的錯誤消息應該會消失。

引用自：https://serverfault.com/questions/612942