How do I get pam_exec.so to create a new home dir ZFS dataset for each user who logs in via GDM/LDAP? I'm running Ubuntu 20.04, using GDM and nslcd for LDAP auth.
PAM's mkhomedir library doesn't have native support for ZFS yet, so I've filed a feature request for this on GitHub. Until that gets implemented, I'll have to hack this together myself.
UPDATE: This is working when logging in to LDAP from the terminal, it just doesn't currently work with gdm (or lightdm).
UPDATE2: Got it working! Updated this post appropriately.
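I added the following line to the end of /etc/pam.d/common-session:

    session optional pam_exec.so /usr/local/bin/mkzfshome.sh

/usr/local/bin/mkzfshome.sh:

    #!/bin/bash
    # Run by pam_exec in the session stack; pam_exec sets PAM_USER.
    # Skip the display manager's account and users whose home already exists.
    if [ "$PAM_USER" != "gdm" ] && [ ! -d "/home/$PAM_USER" ] ; then
        # Create a per-user dataset mounted at the user's home directory.
        zfs create -o mountpoint="/home/$PAM_USER" "astarray/home/$PAM_USER"
        # Hand the directory to the user (group 1001) and drop group/other access.
        chown "$PAM_USER:1001" "/home/$PAM_USER"
        chmod go-rwx "/home/$PAM_USER"
    fi
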
We ended up using lightdm instead of gdm, so replace gdm with lightdm if you are using lightdm too.
Running mkzfshome.sh requires sudo/root permissions, so we will configure sudo to give all members of the isdads-user group permission to run this script as root without entering a password, by running visudo and adding a line such as:

    %isdads-user ALL=(ALL) NOPASSWD: /usr/local/bin/mkzfshome.sh

to the sudoers file, where isdads-user is a group that all of the users who will need to run mkzfshome.sh on login are members of.
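
A hardened variant of the script above, as an added example that is not part of the original post: it validates PAM_USER before using it in a dataset name or path, acts only when pam_exec reports open_session, and looks up the user's primary group instead of hard-coding 1001. The function names, the DRY_RUN switch and the user-name pattern are assumptions of this example; adjust the pattern to your LDAP naming policy.

```shell
#!/bin/sh
# Added example: hardened variant of the post's mkzfshome.sh.
POOL_HOME="astarray/home"   # parent dataset, as in the post
HOME_BASE="/home"

# Assumed naming policy: lowercase letters, digits, '_', '.', '-', at most 32
# characters, starting with a letter or '_'. This keeps '/', '@', whitespace
# and option-like names out of the dataset name and the path.
valid_user() {
    case "$1" in
        ''|*[!a-z0-9_.-]*|[!a-z_]*) return 1 ;;
    esac
    [ "${#1}" -le 32 ]
}

# Return 0 only when a dataset should be created for this PAM call.
should_create() {   # $1 = PAM_USER, $2 = PAM_TYPE
    [ "$2" = "open_session" ] || return 1   # pam_exec also runs at close_session
    valid_user "$1" || return 1
    case "$1" in gdm|lightdm|root) return 1 ;; esac   # no dataset for service accounts
    [ ! -e "$HOME_BASE/$1" ]
}

# Create the dataset and lock it down; DRY_RUN=1 prints the commands instead.
make_home() {       # $1 = validated user name
    gid=$(id -g -- "$1") || return 1   # primary group, not a hard-coded gid
    ${DRY_RUN:+echo} zfs create -o mountpoint="$HOME_BASE/$1" "$POOL_HOME/$1" || return 1
    ${DRY_RUN:+echo} chown -- "$1:$gid" "$HOME_BASE/$1" || return 1
    ${DRY_RUN:+echo} chmod go-rwx "$HOME_BASE/$1"
}

# pam_exec exports PAM_USER and PAM_TYPE to the command it runs.
if should_create "${PAM_USER:-}" "${PAM_TYPE:-}"; then
    make_home "$PAM_USER"
fi
```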