Many of my viewers are seeking to find some information on “oddjob”, so I thought I might give some details that should help clear the air.
All Linux distributions that I have ever tested are subject to this situation, however please don’t see this as a problem. It is merely something that has not been configured (yet, as it is entirely optional).
If you have ever created a local user on a Linux system, you will find that the home directory for the new user is automatically created for you. As a user or an admin of the system in question, no further work needs to be performed.
However, many people in production environments integrated their Linux servers into some form of Identity Management solution.
This could be Microsoft Active Directory, Red Hat Directory Server, FreeIPA, or one of many other forms of IDM.
When you add your Linux system to your Identity Manager (IDM), this simply sets up the system with the ability to conduct user lookups and authenticate any request that comes in against your chosen IDM.
But, lets say you are in the situation where you are connected to your corporate IDM, and you have noticed that when a new user attempts to log into a Linux system, their home directory does not exist and is not created during the login process.
Chances are, the system has not yet been configured to auto-create the folder on log-in. If this is the case, you can follow the below steps on how to achieve this.
In the past, and even today, you can use the trusty “pam_mkhomedir.so” library. This method has been used for many years, however oddjob does supersede this method.
If you with do use this method, use it for RHEL5 and older systems.
Install the pam_mkhomedir.so package.
[root@server /]# yum install -y pam_mkhomedir.so
then add the below line to the end of /etc/pam.d/system-auth
session required pam_mkhomedir.so skel=/etc/skel/ umask=0022
This has been the method of choice for many many years. Although, with RHEL6 or newer systems, the new recommended way to auto-create home directories is to use oddjobd.
Follow the below steps to use oddjob.
[root@server /]# yum install -y oddjob-mkhomedir
Set oddjob to start on boot, and start the service
[root@server /]# chkconfig oddjobd on [root@server /]# service oddjobd start Starting oddjobd: [ OK ] [root@server /]#
Now we need to update our authentication mechanism to tell oddjob to create our home directory automatically.
root@server ~]# authconfig --enablemkhomedir --update Starting Winbind services: [ OK ] Starting oddjobd: [ OK ] [root@server ~]#
That’s it. As simple as that.
Note: If you use SELinux in enforcing mode in your environments (and yes you should be if you just answered no to that question), you will need to stick with oddjob as there is currently an issue with pam_mkhomedir setting the incorrect SELinux contexts on home directories when they are created.