Problems compiling --with-PAM on HP-UX 11.00 64.
onime at ictp.trieste.it
Wed Jul 26 07:48:46 GMT 2000
With PAM support enabled, I expect you need to add entries (for samba) to
the HP system PAM configuration.
This is /etc/pam.conf and the suggested entries for AFS/samba are:
samba auth optional /usr/lib/security/libpam_unix.1
samba auth sufficient /usr/lib/security/pam_afs.so use_first_pass ignore_root
samba auth required /usr/lib/security/libpam_unix.1 use_first_pass
samba account required /usr/lib/security/libpam_unix.1
Note: That the third authentication entry (with required) is necessary to
prevent login if the user fails both the AFS login and the system's login.
Finally you may need to add the following bit of patch code to the file
--- passdb/pass_check.c.orig Wed May 31 00:28:44 2000
+++ passdb/pass_check.c Wed Jun 7 14:33:44 2000
@@ -129,4 +129,13 @@
pam_error = pam_acct_mgmt(pamh, PAM_SILENT);
+ /* Now set the session credentials...
+ pam_error = pam_setcred(pamh, PAM_ESTABLISH_CRED);
+ pam_error = pam_setcred(pamh, PAM_CRED_ESTABLISH);
/* If this point is reached, the user has been authenticated. */
Basically, the above ensures that smbd will be able to set the AFS
token after authentication.
The above worked/works for me on a Solaris 2.7 system with Samba 2.0.7!
More information about the samba-technical