SWAT [was Re: Deleting parameters.]

Andrew Bartlett abartlet at pcug.org.au
Mon Nov 12 13:59:01 GMT 2001

"Gerald (Jerry) Carter" wrote:
> On Tue, 13 Nov 2001, Andrew Bartlett wrote:
> > > btw...currently I believe that all the PAM authentication details
> > > are hidden from SWAT.  This means that smbd and swat use the same
> > > /etc/pam.d/samba PAM config file.  Anyone else think swat should have
> > > it's own config file (i.e. /etc/pam.d/swat)?
> >
> > Apart from the upgrade installation pain, I think its a great idea.
> > Not possible with the current code, but I shouldn't be too hard to add
> > in future.  (Both Samba and SWAT call the same plaintext entry point
> > on all this).
> no real pain.  We check for /etc/pam.d/swat first and fallback to
> /etc/pam.d/samba if it does not exist.

PAM doesn't work like that...  (Which is why we have 'obey pam
restrictions' and the like.  PAM is (apparently) misconfigured on a lot
of boxes, and the 'black box' interface to it doesn't make it
paritcularly clear what bit failed, the user's login or the system

Andrew Bartlett

Andrew Bartlett                                 abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team  abartlet at samba.org
Student Network Administrator, Hawker College   abartlet at hawkerc.net
http://samba.org     http://build.samba.org     http://hawkerc.net

More information about the samba-technical mailing list