I modified pam_mount.conf.xml to include the lines
<volume fstype="fuse" ssh="1" path="sshfs#%(USER)@fileserver:" mountpoint="~" />
<debug enable="1" />
I also modified /etc/pam.d/system-auth to include (at the top)
auth optional pam_mount.so try_first_pass
However, when I try to log in, pam_mount does not seem to be kicking in.
No messages are logged in syslog from pam_mount.
I normally have autofs running. I tried with it turned off and also with
it running. Neither of the two cases gave any indication that pam_mount
is kicking in.
Why is pam_mount not kicking in?
The files /etc/pam.d/system-auth and /etc/security/pam_mount.conf.xml
are as follows:
$cat /etc/pam.d/system-auth
#%PAM-1.0
# added for pam_mount
auth optional pam_mount.so try_first_pass
auth required pam_env.so
auth sufficient pam_tcb.so shadow nullok prefix=$2a$ count=8
auth required pam_deny.so
account sufficient pam_tcb.so shadow
account required pam_deny.so
password required pam_cracklib.so try_first_pass retry=3
password sufficient pam_tcb.so use_authtok shadow write_to=shadow nullok prefix=$2a$ count=8
password required pam_deny.so
session optional pam_keyinit.so revoke
session required pam_limits.so
session [success=1 default=ignore] pam_succeed_if.so service in crond quiet use_uid
session required pam_tcb.so
$cat /etc/security/pam_mount.conf.xml
<?xml version="1.0" encoding="utf-8" ?>
<!DOCTYPE pam_mount SYSTEM "pam_mount.conf.xml.dtd">
<!--
See pam_mount.conf(5) for a description.
-->
<pam_mount>
<!-- Volume definitions -->
<volume fstype="fuse" ssh="1" path="sshfs#%(USER)@fileserver:" mountpoint="~" />
<!-- pam_mount parameters: General tunables -->
<debug enable="1" />
<!--
<luserconf name=".pam_mount.conf.xml" />
-->
<!-- Note that commenting out mntoptions will give you the defaults.
You will need to explicitly initialize it with the empty string
to reset the defaults to nothing. -->
<mntoptions allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other" />
<!--
<mntoptions deny="suid,dev" />
<mntoptions allow="*" />
<mntoptions deny="*" />
-->
<mntoptions require="nosuid,nodev" />
<path>/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin</path>
<logout wait="0" hup="0" term="0" kill="0" />
<!-- pam_mount parameters: Volume-related -->
<mkmountpoint enable="1" remove="true" />
</pam_mount>
-Chitta