Run pam_exec after home directory creation CentOS 6

Question

How can I make a pam_exec script in /etc/pam.d/sshd run after the home directory has been created? I am on CentOS 6.5 and use network accounts via PBIS / Likewise-Open.

Right now, if a new user logs in the script runs, then their home directory is created which means the user has to log out and back in for things to work right.

Here is my /etc/pam.d/sshd file:

#%PAM-1.0
auth       required     pam_sepermit.so
auth       include      password-auth
account    required     pam_nologin.so
account    include      password-auth
password   include      password-auth
# pam_selinux.so close should be the first session rule
session    required     pam_selinux.so close
session    required     pam_loginuid.so
session    optional     pam_exec.so log=/var/log/linkPublicHtml /usr/local/bin/linkPublicHtml.sh
# pam_selinux.so open should only be followed by sessions to be executed in the user context
session    required     pam_selinux.so open env_params
session    optional     pam_keyinit.so force revoke
session    include      password-auth
session    sufficient      pam_lsass.so

Remember that these directives are processed in the order they appear, and the answer then is obvious. — Michael Hampton, Mar 29 '14 at 14:23
Not so obvious to me... I would appreciate you filling me in. — GeneBean, Mar 30 '14 at 12:29

score 1 · Answer 1 · answered Jul 06 '18 at 11:16

try that added the line below (just above the line: session optional pam_mkhomedir.so)

...
session     optional      pam_oddjob_mkhomedir.so umask=0077
session     optional      pam_exec.so log=/var/log/linkPublicHtml /usr/local/bin/linkPublicHtml.sh

Run pam_exec after home directory creation CentOS 6

1 Answers1