pam_ntdom PAM module

Thu Jan 20 00:47:44 GMT 2000

With Luke's help, I've managed to get pam_ntdom to work on a Debian Potato
box, with the samba PDC on a Solaris box.

A very small patch is attached. Changes I made:

1) Hacked around the DEBUG_HDR macro. debughdr() seems to be missing from
debug.c.

2) Changed the .mac file from being set to 0600 to 0640. On debian, programs
that need auth info are in a 'shadow' group, so the .mac file needs to be
group shadow also.

3) Changed an fopen() so write access to the .mac file isn't requested if the
update variable isn't set. It's not used in that case as far as I can tell,
someone please tell me if this breaks anything.

4) Changed hardcoded debug level of 100 to 0 after I got it working. You
might want to leave this bit of the patch out until it works on your system
too. ;)

Luke, you've already seen part of this patch. Feel free to include whichever
bits you feel are appropriate into the pam_ntdom CVS repository.
-- 
Sam Couter                                             sam at topic.com.au
Internet Engineer
tSA Consulting
-------------- next part --------------
diff -ur pam_ntdom.orig/lib/include/smb.h pam_ntdom/lib/include/smb.h

--- pam_ntdom.orig/lib/include/smb.h	Mon Jan 17 16:28:26 2000
+++ pam_ntdom/lib/include/smb.h	Tue Jan 18 08:38:13 2000
@@ -62,7 +62,7 @@
 
 #define DEBUG_BODY( level, body ) \
   ( (DEBUGLEVEL >= (level)) && ((debuglog body) == 0) )
-#define DEBUG_HDR(level)
+#define DEBUG_HDR(level) 1
 #define DEBUG( level, body ) (void)(DEBUG_HDR(level) && DEBUG_BODY(level, body))
 #define DEBUGADD( level, body ) (void)(DEBUG_BODY(level, body))
 
diff -ur pam_ntdom.orig/lib/util/smbpassfile.c pam_ntdom/lib/util/smbpassfile.c
--- pam_ntdom.orig/lib/util/smbpassfile.c	Mon Jan 17 16:28:29 2000
+++ pam_ntdom/lib/util/smbpassfile.c	Wed Jan 19 05:41:26 2000
@@ -64,7 +64,7 @@
 
     get_trust_account_file_name( domain, name, mac_file);
 
-    if((mach_passwd_fp = sys_fopen(mac_file, "r+b")) == NULL) {
+    if((mach_passwd_fp = sys_fopen(mac_file, "rb")) == NULL) {
       if(errno == ENOENT && update) {
         mach_passwd_fp = sys_fopen(mac_file, "w+b");
       }
@@ -76,7 +76,7 @@
       }
     }
 
-    chmod(mac_file, 0600);
+    chmod(mac_file, 0640);
 
     if(!file_lock(fileno(mach_passwd_fp), (update ? F_WRLCK : F_RDLCK), 
                                       60, &mach_passwd_lock_depth))
diff -ur pam_ntdom.orig/lib/util/util.c pam_ntdom/lib/util/util.c
--- pam_ntdom.orig/lib/util/util.c	Mon Jan 17 16:28:29 2000
+++ pam_ntdom/lib/util/util.c	Wed Jan 19 01:20:19 2000
@@ -39,7 +39,11 @@
 pstring scope = "";
 struct in_addr ipzero = { 0 };
 
+#if 0
 int DEBUGLEVEL = 100;
+#else
+int DEBUGLEVEL = 0;
+#endif
 
 int Protocol = PROTOCOL_COREPLUS;
 
