Simple sync between smbpasswd and passwd
tavis at mahler.econ.columbia.edu
Thu Jun 11 18:30:24 GMT 1998
I guess what I'm wondering is if there shouldn't be a replacement for
passwd (in addition to yppasswd and NIS+) as part of the official Samba
code. If so, then it would require a Makefile for different systems and
testing by different people under different environments.
I'm not an experienced enough programmer to take this on, but would be
happy to do the debugging for SunOS (including the problems below). The
setuid problem will need some thinking out (is there a way for a setuid
program to call another one as non-setuid? If not, then there would have
to be two separate sub-programs, one run non-setuid that asks for the
password and runs checks on it and sends it to smbpasswd, and a setuid
program that takes an original password and an acceptable password as an
agrument, verifies the original password, and changes it. I'm not sure
if that wold create security problems). The other problems seem easily
fixable, though I suspect more such problems will come up as people use
it on different systems.
My question for people on the Samba team: Is this the appropriate list to
discuss such a project? How does one officially start it?
On Thu, 11 Jun 1998, David Bannon wrote:
> This thread needed a new name.
> At 16:08 09/06/1998 +1000, you wrote:
> >On Tue, 9 Jun 1998, David Bannon wrote:
> > ... my very basic programme to replace the unix passwd programme...
> > http://bioserve.latrobe.edu.au/about/passwd.c.txt
> Unfortuantly I only have access to DEC and linux at present. My DEC is a
> bit old (hey, if its not broken, why fix it ?) and my linux is being
> rebuilt for another 'development'. I may be able to call on some
> friendships to get limited Sun access, not very satisfactory... (you know,
> 'can I write to your passwd file please ?').
> >I tested this code out on SunOs 4.1.3, and found a number of things that
> >didn't work right:
> >(1) There is no header file "mode.h" in my system,
> Seems to go back to early OSF stuff, has some defines for stat.
> Unnecessary on my system, although a couple of man pages for
> function like to mention it. Leave it out.
> >(2) SunOS does not use the passwd.dir and passwd.pag files; hence it does
> >not have /sbin/mkpasswd. This command failed and reported an error, but
> >/etc/passwd and ~/smbpasswd were still updated correctly.
> I can easy set up a define to include (or not) such things.
> >(3) Upon successful completion, it changed the permissions on /etc/passwd
> >to make it readable only by root. (!!!!!!!!!!!!!!!!!!!!)
> Now, that would be a real beauty ! Someone else had the same problem. In
> the function FilterFile() there is a call to fchmod(.. 0x644). Can it be
> that that function is not implemented on other systems ????
> >(4) It only worked correctly for non-privileged users when run setuid
> >root, but smbpasswd only works correctly when _not_ setuid root.
> Hmm... I am using a month or so old version of Samba NTDom, I have not been
> upgrading very often as what I had works for me at present. I did read
> somewhere a comment about smbpasswd changing its way of doing things there.
> I will be running up a linux box with samba in the next couple of days,
> I'll get the current copy and compare.
> >Anyway, it's a nifty little program and I don't know if you ever intended
> >to make it operable beyond your own system, but if you do perhaps we can
> >work on fixing the above.
> I don't think it is worth the effort of setting up pre compile config
> files, as long as the problems are solveable and documented then any
> programmmer should be able to fiddle the header to get something working.
> I'll have a go at problen #4 in particular in the next couple of weeks if
> possible. (I'm going camping in Central Australia for 2 weeks soon, so it
> may be a bit longer).
> Any comments, suggestions etc are welcome.
> David Bannon D.Bannon at latrobe.edu.au
> School of Biochemistry Phone 61 03 9479 2197
> La Trobe University, Plenty Rd, Fax 61 03 9479 2467
> Bundoora, Vic, Australia, 3083 http://bioserve.latrobe.edu.au
> ..... Humpty Dumpty was pushed !
More information about the samba-ntdom