problems with pam_smbpass

Bartlomiej Solarz-Niesluchowski B.Solarz-Niesluchowski at wsisiz.edu.pl
Fri Jul 20 05:42:07 GMT 2001


Hello!

I run SAMBA 2.2.1a (encrypted passwords) with smb_pass 0.7.5 on RH 7.1 
(i386) and I have problem with option try_first_pass

SO my pam.d config:
[root at oceanic pam.d]# more passwd
#%PAM-1.0
auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth
password   required     /lib/security/pam_stack.so service=system-auth

[root at oceanic pam.d]# more system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so

password    required      /lib/security/pam_cracklib.so retry=3
password    required    /lib/security/pam_unix.so nullok use_authtok md5 shadow
password   required    /lib/security/pam_smbpass.so nullok 
smbconf=/etc/samba/smb.conf

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

On this pam.d config when user changing password he/she must put password 6 
times:
[solarz at oceanic solarz]$ passwd
Changing password for solarz
(current) UNIX password:
Changing password for solarz
Current SMB password:
New UNIX password:
Retype new UNIX password:
Enter new SMB password:
Retype new SMB password:
passwd: all authentication tokens updated successfully

When I change system-auth:
[root at oceanic pam.d]# more system-auth
#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.
auth        required      /lib/security/pam_env.so
auth        sufficient    /lib/security/pam_unix.so likeauth nullok
auth        required      /lib/security/pam_deny.so

account     required      /lib/security/pam_unix.so

password    required      /lib/security/pam_cracklib.so retry=3
password    required    /lib/security/pam_unix.so nullok use_authtok 
try_first_pass md5 shadow
password   required    /lib/security/pam_smbpass.so nullok use_authtok 
try_first_pass smbconf=/etc/samba/smb.conf

session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

the password changing procedure look like (user has the same UNIX/SMB 
passwords):
[solarz at oceanic solarz]$ passwd
Changing password for solarz
(current) UNIX password:
New UNIX password:
Retype new UNIX password:
No password supplied
passwd: Authentication token manipulation error

and after this UNIX password is changed but SMB password NO.

PLEASE - somebody help me - I turn all debug but I do not see anything 
interesting - i check many combination of system-auth but it looks like 
option use_authtok and try_first_pass does not work on pam_smbpass module.....

Best Regards

--
Bartlomiej Solarz-Niesluchowski, Administrator WSISiZ
e-mail: B.Solarz-Niesluchowski at wsisiz.edu.pl
01-447 Warszawa, ul. Newelska 6, pokoj 404, pon.-pt. 8-16
tel. 836-92-53 - wylacznie w WAZNYCH sprawach NIE dotyczacych zmiany hasla
Motto - nie psuj Win'9x one i bez tego sie psuja....
Jak sobie poscielisz tak sie wyspisz





More information about the samba-technical mailing list