Improved check for PAM in configure.in
Michael Sweet
mike at easysw.com
Thu Nov 16 13:52:29 GMT 2000
Richard Sharpe wrote:
>
> Hi,
>
> I have undertaken to generate an improved check for PAM for
> configure.in for Samba 2.2.x
>
> While I can check that the PAM libraries are on the system, it may
> be that PAM is not actually in use, and some versions of Linux are
> like that.
>
> The next step I can do is to check for /etc/pam.d/samba, with
> something like
> ...
> However, this is not very portable ... Solaris does not use the
No, nor will it work when you haven't installed SAMBA before... ;)
> same format as Linux does these days, and I am not sure what
> wierd OSes like HP/UX and DU do when they have PAM installed (as
> part of CDE for example).
They use the Solaris implementation, which is the old Linux
implementation - one /etc/pam.conf file, with default authentication
for logins for any unknown service.
What I would suggest to do is:
1. Look for the PAM library; if it is there, compile in PAM
support.
2. Add a new "pam" option to smb.conf; defaulted to "yes"
but configurable to "no". That will allow systems that
don't use PAM but do have PAM installed to disable PAM
usage (probably not needed since the default PAM
configuration can use /etc/passwd or /etc/shadow, but
adding it will make the PAM support more robust...)
Also, see the CUPS sources for example PAM configuration files and
tests for Linux - SuSE differs in the naming of the PAM DSOs from
the rest of the Linux world, so you can setup the Makefile to
install the proper one if /etc/pam.d exists (simple check...)
--
______________________________________________________________________
Michael Sweet, Easy Software Products mike at easysw.com
Printing Software for UNIX http://www.easysw.com
More information about the samba-technical
mailing list