Samba 2.0 RedHat/PAM password troubles found and solved!
dkelson at inconnect.com
Thu Jan 28 02:34:42 GMT 1999
On Wed, 27 Jan 1999, Dr J Pelan wrote:
> On Thu, 28 Jan 1999, Dax Kelson wrote:
> > I tried upgrading from samba 1.9 to 2.0 on two seperate RedHat
> > servers, and after both upgrades nobody could get authenticated. The
> > windows boxes had the registry hacks to turn off encrypted passwords,
> > and I'm authenticating out of passwd+shadow.
> > Samba 2.0 tries to open:
> > /etc/pam.d/samba and failing (since it doesn't exist on any box I've
> > ever seen)
> Well done locating your problem. However for sake of completeness I'll
> point out that it is on all RedHat (5.[1|2]) boxes that I've seen
> by virtue of the fact that the Samba RPM has been installed, e.g.;
> % rpm -q -f /etc/pam.d/samba
> % cat /etc/pam.d/samba
> auth required /lib/security/pam_pwdb.so nullok shadow
> account required /lib/security/pam_pwdb.so
> Clearly if building sans RPM you'll miss out on that vital file.
> Perhaps this is an answer to the question posed in pass_check.c, namely
> * Query: should we be using PAM_SILENT to shut PAM up?
> John P.
Doesn't it follow that if I'm building from source and installing, I
wouldn't have the RPM installed???
What would the use be of having /usr/sbin/smbd as some old RPM version and
the new /usr/local/samba/bin/smbd? Confusion I think.
It should be documented clearly I believe that if you are using PAM (and
most do) that you need to have /etc/pam.d/samba.
Based on digging through the archives and searching on DejaNews, many are
having trouble with this "documentation problem".
Internet Connect, Inc.
More information about the samba-technical