password API needed

Luke Kenneth Casson Leighton lkcl at
Thu May 21 17:53:47 GMT 1998

On Fri, 22 May 1998, Jeremy Allison wrote:

> Gerald Carter wrote:
> > 
> > On Fri, 22 May 1998, Luke Kenneth Casson Leighton wrote:
> > 
> > > there are checks in password.c and smbpasswd.c to check that there exists
> > > a unix account for the smb (nt) user with same name / same unix uid.
> > >
> > > is this done through a single function, for consistency?  _should_ it?
> > > should NIS+ be added ("passwd.org_dir") or is the standard getpwnam()
> > > sufficient?
> > >
> > 
> > getpwnam() should work.
> > 
> Indeed - getpwnam is the standard POSIX function for
> getting account information from the UNIX password db.

then i will remove benny holmgren's code in nisppass.c which duplicates
that check, against passwd.org_dir.

> I'd prefer to keep these check separate for now, although
> adding a common function do the standard checks isn't
> a bad idea, password.c is security sensitive code, and
> needs changing carefully (this means by all means go ahead
> Luke, but bear in mind I'll be scrutinizing *any* change
> in there in *minute* detail :-).

good-on.  that module looks pretty cool.  i'll see where the functionality
is common between smbpasswd.c and password.c: should be about three lines
of code anyway.

yep: dochild() calls Get_Pwnam() right at the top.  if i make another
wrapper which returns BOOL, then we can double-check an NT name _even_ if
it gets "map username"'d, yes?

More information about the samba-technical mailing list