От root видит, а от простого юзера не видит.
/etc/pam.d/common-session
#
# /etc/pam.d/common-session - session-related modules common to all services
#
# This file is included from other service-specific PAM config files,
# and should contain a list of modules that define tasks to be performed
# at the start and end of sessions of *any* kind (both interactive and
# non-interactive).
#
# As of pam 1.0.1-6, this file is managed by pam-auth-update by default.
# To take advantage of this, it is recommended that you configure any
# local modules either before or after the default block, and use
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.
# here are the per-package modules (the "Primary" block)
session [default=1] pam_permit.so
# here's the fallback if no module succeeds
session requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
session required pam_permit.so
# and here are more per-package modules (the "Additional" block)
session required pam_unix.so
session optional pam_loginuid.so
session optional pam_ck_connector.so nox11
# end of pam-auth-update config
Все pam установлены:
ls /lib/i386-linux-gnu/security/
root@debian:/etc/pam.d# ls /lib/i386-linux-gnu/security/
pam_access.so pam_issue.so pam_permit.so pam_tally.so
pam_cap.so pam_keyinit.so pam_pwhistory.so pam_time.so
pam_ck_connector.so pam_lastlog.so pam_rhosts.so pam_timestamp.so
pam_debug.so pam_limits.so pam_rootok.so pam_umask.so
pam_deny.so pam_listfile.so pam_securetty.so pam_unix.so
pam_echo.so pam_localuser.so pam_selinux.so pam_userdb.so
pam_env.so pam_loginuid.so pam_sepermit.so pam_warn.so
pam_exec.so pam_mail.so pam_shells.so pam_wheel.so
pam_faildelay.so pam_mkhomedir.so pam_stress.so pam_xauth.so
pam_filter.so pam_motd.so pam_succeed_if.so
pam_ftp.so pam_namespace.so pam_systemd.so
pam_group.so pam_nologin.so pam_tally2.so
/etc/polkit-1/localauthority/50-local.d/50-filesystem-mount-system-internal.pkla
Action=org.freedesktop.udisks*
/etc/polkit-1/localauthority/50-local.d/consolekit.pkla
[restart]
Identity=unix-user:*
Action=org.freedesktop.consolekit.system.restart
ResultAny=yes
[stop]
Identity=unix-user:*
Action=org.freedesktop.consolekit.system.stop
ResultAny=yes
/etc/polkit-1/localauthority/50-local.d/udisks.pkla
[udisks]
Identity=unix-user:*
Action=org.freedesktop.udisks*
ResultAny=yes
/etc/udev/rules.d/mnt.rules1
KERNEL=="sd[a-z]", GOTO="do-disk-rules"
KERNEL!="sd[a-z][0-9]", GOTO="end-of-file"
LABEL="do-disk-rules"
ACTION=="add", ENV{ID_USB_DRIVER}="usb-storage", GROUP="storage"
IMPORT{program}="/sbin/blkid -o udev -p %N"
ACTION=="remove", ENV{ID_FS_TYPE}!="", RUN+="/bin/sed -i '/\/dev\/%k /d' /etc/fstab"
ACTION=="remove", ENV{ID_FS_TYPE}!="", RUN+="/bin/rmdir /media/$env{ID_FS_TYPE}-%k"
ACTION=="add", ENV{ID_FS_TYPE}!="", RUN+="/bin/mkdir -p /media/$env{ID_FS_TYPE}-%k"
# монтирование раздела fat32
ACTION=="add", ENV{ID_FS_TYPE}=="vfat", RUN+="/bin/sed -i '$a\/dev/%k /media/$env{ID_FS_TYPE}-%k vfat rw' /etc/fstab"
# монтирование раздела ntfs
ACTION=="add", ENV{ID_FS_TYPE}=="ntfs", RUN+="/bin/sed -i '$a\/dev/%k /media/$env{ID_FS_TYPE}-%k ntfs-3g rw' /etc/fstab"
# монтирование прочих ФС
ACTION=="add", ENV{ID_FS_TYPE}!="", ENV{ID_FS_TYPE}!="ntfs|vfat", RUN+="/bin/sed -i '$a\/dev/%k /media/$env{ID_FS_TYPE}-%k $
LABEL="end-of-file"