pam_smbpass

[Brad Langhorst]

>
> I have:
> password   optional     /lib/security/pam_smbpass.so use_first_pass
> use_authtok
>
> In my system-auth file.  The optional bit is to bring the password back
> into line, checking only the unix password db.  But the bit your
> interested in is the 'use_authtok'.  See if that helps.
Sorry - forgot to mention that  had that in ther the whole time.
for posterity  - my working config (with double password prompting) 
uses this system-auth file.

auth        sufficient    /lib/security/pam_unix.so likeauth nullok md5 shadow
auth        required      /lib/security/pam_deny.so
account     sufficient    /lib/security/pam_unix.so
account     required      /lib/security/pam_deny.so
password    required      /lib/security/pam_cracklib.so retry=3
password    required      /lib/security/pam_smbpass.so nullok use_authtok 
smbconf=/etc/samba/smb.conf
password    required      /lib/security/pam_unix.so nullok use_authtok md5 
shadow
#password    required      /lib/security/pam_deny.so
session     required      /lib/security/pam_limits.so
session     required      /lib/security/pam_unix.so

a symlink 
/etc/smbpasswd -> /etc/samba/smbpasswd 
is also required to make this work.

I'm about ready to give up on the double password prompt problem for now...

brad