Samba 2.2.X, PAM and Kerberos5

Bogdan Iamandei bogdan at
Tue May 14 23:25:01 GMT 2002


	I am trying to put together the latest samba 2.2 from CVS, PAM
and Kerberos5 on a Solaris8 platform. Although it does compile fine,
attempting to make it work through pam_krb5 fails miserably.

I have configured the /etc/pam.conf to read:
# Samba Auth
samba   auth      required        /usr/lib/security/
samba   account   required        /usr/lib/security/
samba   session   required        /usr/lib/security/
samba   password  required        /usr/lib/security/

The messages I receive in the logs are like this:

[2002/05/15 15:30:27, 0] passdb/pampass.c:smb_pam_conv(125)
  smb_pam_conv: PAM on this system is broken - appdata_ptr == NULL !
[2002/05/15 15:30:27, 0] passdb/pampass.c:smb_pam_passcheck(827)
  smb_pam_passcheck: PAM: smb_pam_auth failed - Rejecting User username !

For some reason - it appears that only samba has this problem, proftpd
or telnet or just about any other application work fine against

My questions are:

0). Are the lines in my pam.conf correct?
1). Is this a bug or a feature? :)
2). Is the Sun's PAM/Kerberos5 implementation b0rken?
3). If 2) is true - how comes the other applications are not failing?:)
4). Any ideeas on how to circumvent this... unpleasant b0rkeness?



PS: If more info is needed - please *do ask*. I would like to have this 
sorted, since it's rather important.

I have seen things you people wouldn't believe.  Attack ships on fire
off the shoulder of Orion.  I watched C-beams glitter in the dark
near the Tannhauser Gate.  All those moments will be lost in time,
like tears in rain.  Time to die.

More information about the samba-technical mailing list