sync passwords

Charles Wise charles at
Thu Sep 27 09:42:02 GMT 2001

smb.conf only has to be readable and writeable by root not everyone. Your 
solution still may have security implications though.

Quoting Dominic <d.lukwata at>:

> Hi all,
> I have managed to make smbpasswd update both unix NIS passwords
> and smb-passwords. Only that the price is a big security hole!
> yppasswd needs the root password! So I have changed the chat in smb.conf
> to
> include the root password in clear text.
>    smb passwd file = /usr/local/samba/private/smbpasswd
>    unix password sync = yes
>    passwd program = /usr/bin/yppasswd %u
>    passwd chat = *NIS* <root password>\n *NIS* %n\n *new* %n\n *changed*
>    encrypt passwords = yes
> Now this has worked, but really not acceptable, since smb.conf must be
> readable by every one! So the root password can be read by anyone!
> Does any one know how to go around this?
> Thanks a bunch
> Dominic

Charles Wise
Computer Support
charles at

More information about the samba-ntdom mailing list