Home directories on Lustre seem to be a problem for pam_google_authenticator. Attempts to read .google_authenticator will always fail with a permission denied. Lustre is exported with root_squash. Using the very same home directories mounted via NFS (also exported with root_squash) works without problems.

I'm aware that this problem is likely more related to Lustre than to the google authenticator. However, maybe you have an idea what I could try to fix it. My first idea was, that this could be related to issue #166, but that is not the case. Also, we don't use selinux.

Mai 26 11:31:18 login sshd(pam_google_authenticator)[20414]: Failed to read "/home/testuser/.google_authenticator" for "testuser": Permission denied

The permissions of the file are as expected. SSH is also able to read the authorized_keys file from the Lustre-Home without problems. So in general switching the user ID and reading a file from Lustre works during SSH login, but not for the google authenticator. Any ideas what SSH itself is doing differently from pam_google_authenticator?