password API needed
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Thu May 21 17:53:47 GMT 1998
On Fri, 22 May 1998, Jeremy Allison wrote:
> Gerald Carter wrote:
> >
> > On Fri, 22 May 1998, Luke Kenneth Casson Leighton wrote:
> >
> > > there are checks in password.c and smbpasswd.c to check that there exists
> > > a unix account for the smb (nt) user with same name / same unix uid.
> > >
> > > is this done through a single function, for consistency? _should_ it?
> > > should NIS+ be added ("passwd.org_dir") or is the standard getpwnam()
> > > sufficient?
> > >
> >
> > getpwnam() should work.
> >
>
> Indeed - getpwnam is the standard POSIX function for
> getting account information from the UNIX password db.
then i will remove benny holmgren's code in nisppass.c which duplicates
that check, against passwd.org_dir.
> I'd prefer to keep these check separate for now, although
> adding a common function do the standard checks isn't
> a bad idea, password.c is security sensitive code, and
> needs changing carefully (this means by all means go ahead
> Luke, but bear in mind I'll be scrutinizing *any* change
> in there in *minute* detail :-).
good-on. that module looks pretty cool. i'll see where the functionality
is common between smbpasswd.c and password.c: should be about three lines
of code anyway.
yep: dochild() calls Get_Pwnam() right at the top. if i make another
wrapper which returns BOOL, then we can double-check an NT name _even_ if
it gets "map username"'d, yes?
More information about the samba-technical
mailing list