SWAT [was Re: Deleting parameters.]
Andrew Bartlett
abartlet at pcug.org.au
Mon Nov 12 13:59:01 GMT 2001
"Gerald (Jerry) Carter" wrote:
>
> On Tue, 13 Nov 2001, Andrew Bartlett wrote:
>
> > > btw...currently I believe that all the PAM authentication details
> > > are hidden from SWAT. This means that smbd and swat use the same
> > > /etc/pam.d/samba PAM config file. Anyone else think swat should have
> > > it's own config file (i.e. /etc/pam.d/swat)?
> >
> > Apart from the upgrade installation pain, I think its a great idea.
> > Not possible with the current code, but I shouldn't be too hard to add
> > in future. (Both Samba and SWAT call the same plaintext entry point
> > on all this).
>
> no real pain. We check for /etc/pam.d/swat first and fallback to
> /etc/pam.d/samba if it does not exist.
PAM doesn't work like that... (Which is why we have 'obey pam
restrictions' and the like. PAM is (apparently) misconfigured on a lot
of boxes, and the 'black box' interface to it doesn't make it
paritcularly clear what bit failed, the user's login or the system
itself.
Andrew Bartlett
--
Andrew Bartlett abartlet at pcug.org.au
Manager, Authentication Subsystems, Samba Team abartlet at samba.org
Student Network Administrator, Hawker College abartlet at hawkerc.net
http://samba.org http://build.samba.org http://hawkerc.net
More information about the samba-technical
mailing list