Samba 2.0 RedHat/PAM password troubles found and solved!
Stephen L Arnold
arnold.steve at ensco.com
Thu Jan 28 00:01:17 GMT 1999
When the world was young, Dax Kelson carved some runes like this:
> Samba 2.0 tries to open:
>
> /etc/pam.d/samba and failing (since it doesn't exist on any box I've ever
> seen)
>
> opens
>
> /etc/pam.d/other
I beg to differ ;-) All the RedHat boxes I've been using with
samba (RH 4.2 and 5.2) all have the /etc/pam.d/samba file, but it
only contains the two following lines:
#%PAM-1.0
auth required /lib/security/pam_pwdb.so shadow nullok
account required /lib/security/pam_pwdb.so
Your password line in /etc/pam.d/samba means it won't look in
smbpasswd, right? What about the "nullok" switch?
I'm certainly clueless about most of this stuff (but I'm trying to
learn, honest), and PAM configuration is one of them. Any advice
on integrating PAM/shadow/samba(w/encrypted passwords) with SRP and
the associated exponential password suite would be greatly
appreciated. According to the docs, the SRP password tools (EPS)
can be installed as a PAM module (and can be used to athenticate
whatever services one wants). All this is pretty confusing though
(my tiny brain can only hold so much before it overflows). For
example:
I was trying to compile 1.9.18p10 the other night at home, and I
couldn't find a set of compile options for glibc (libc6) with both
PAM and shadow support. As I understand it, after converting your
/etc/passwd to /etc/shadow all the other commands (adduser, etc)
should then use the shadow file transparently (ie, they should work
just like they did before). Does that mean I can just add the
-DSHADOW_PWD
or do I need to add the -lshadow lib support too? It looks like
the libc5 setup uses the shadow lib, but the libc6 setup doesn't.
Is that correct?
Thanks in advance for any pointers, etc, etc.
****************************************************************
Stephen L. Arnold Senior Systems Engineer
ENSCO Inc. email: arnold.steve at ensco.com
P.O. Box 5488 www: http://www.ensco.com
Vandenberg AFB, CA 93437 voice: 805.734.8232 x68838
fax: 805.734.4779
#include <std_disclaimer.h>
****************************************************************
More information about the samba
mailing list