[PATCH] [Fwd: Re: Trust Accounts in 2.2.x (Was Re: Fwd: Re: [squid-users] winbind authentication, mystical ?)]

Sun Jul 21 00:10:03 GMT 2002

Do you think this patch could be considered for a 2.2 release?

(I'm assuming we will get out one more with this kind of very small
cleanup).

It would make life easier for those just running squid and winbind on
their systems.

Andrew Bartlett

-------- Original Message --------
Subject: Re: Trust Accounts in 2.2.x  (Was Re: Fwd: Re: [squid-users]
winbind authentication, mystical ?)
Date: Mon, 15 Jul 2002 14:12:34 -0400
From: "Jerry Murdock" <jmurdock at itraktech.com>
To: "Jerry Murdock" <jmurdock at itraktech.com>,"Andrew Bartlett"
<abartlet at samba.org>
CC: "Andrew Bartlett" <abartlet at samba.org>,"Squid-Dev (E-mail)"
<squid-dev at squid-cache.org>,"Henrik Nordstrom" <hno at squid-cache.org>
References: <200207052332.08855 at henrik.marasystems.com>
<3D26D24A.FFAB3468 at bartlett.house> <002b01c22541$9015e090$0201a8c0 at DCXP>
<3D27997B.D97FE643 at bartlett.house> <008a01c2256d$24581310$0201a8c0 at DCXP>
<3D27C6B4.8D3FE5B0 at bartlett.house> <007301c22728$a6e89270$0201a8c0 at DCXP>

CORRECTED smbpasswd patch attached.

Other had a stupid typo in getopt call, would cause a core dump on
joining
domain.

Thought I had already fixed it, sorry.

Jerry

----- Original Message -----
From: "Jerry Murdock" <jmurdock at itraktech.com>
To: "Andrew Bartlett" <abartlet at samba.org>
Cc: "Andrew Bartlett" <abartlet at samba.org>; "Squid-Dev (E-mail)"
<squid-dev at squid-cache.org>; "Henrik Nordstrom" <hno at squid-cache.org>
Sent: Tuesday, July 09, 2002 5:10 AM
Subject: Trust Accounts in 2.2.x (Was Re: Fwd: Re: [squid-users] winbind
authentication, mystical ?)

> ----- Original Message -----
> From: "Andrew Bartlett" <abartlet at samba.org>
> To: "Jerry Murdock" <jmurdock at itraktech.com>
> Cc: "Andrew Bartlett" <abartlet at samba.org>; "Squid-Dev (E-mail)"
> <squid-dev at squid-cache.org>; "Henrik Nordstrom" <hno at squid-cache.org>
> Sent: Sunday, July 07, 2002 12:42 AM
> Subject: Re: Fwd: Re: [squid-users] winbind authentication, mystical ?
>
> > Jerry Murdock wrote:
>
> > > If so, and the user didn't want to run smbd, would you foresee any
> > > problems with a cron script to load smbd, login, logout, kill smbd?
> >
> > Only that you would have to trigger the timeout processing...  Yes this
> > is silly.
> >
> And tricky.  I'm reliably doing it now, but it is very ugly.
>
> Just about any smbclient session will trigger a call to timeout_processing
> upon ending the connection, but timeout processing bails out at "if
> (smb_read_error == READ_EOF)."
>
> The second call to timeout_processing is commented:
>   * Ensure we do timeout processing if the SMB we just got was
>   * only an echo request.
> I haven't looked at exactly what an SMB echo request is, but this has not
> been triggered in the testing I've done.
>
> The third instance is every 200 requests.  This fires consistently and the
> following snippet appears to cause a trust account password change
> consistently:
>
> ==>>
> #!/usr/bin/perl -w
> system("smbd -i &");  #remove if smbd normally running
> sleep 2;
> open (PIPE, "| smbclient //127.0.0.1/fredsdir -U
> mydomain\\\\myuser%mypass");
> select PIPE;
> $|=1;
> for ($i = 1; $i < 205; $i++) {
>     print "mkdir dummydir\n";
>     sleep 1;
> }
> print "rmdir dummydir\n";
> print "exit\n";
> <<==
>
> This obeys "machine password timeout" as set in smbd.conf.  Which means it
> resets the pw only if the timeout has expired.
>
> Yes it's horrid, but it's workable.
>
> It at least provides an option for an unpatched samba 2.2.x.
>
> > Probably the best advise it to prepare a patch that simply does what the
> > 'net rpc changetrustpw' does in HEAD.
> >
>
> Attached is a diff to smbpasswd to add domain trust account pw changing,
> syntax is:
>
> smbpasswd -t mydomain -r mypdc
>
> Jerry
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smbpasswd.diff
Type: application/octet-stream
Size: 2245 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20020721/0145e202/smbpasswd.obj