pam_smbpass and passdb backends

Fernando Brunelli fbrunelli at escelsa.com.br
Tue Jun 10 17:46:35 GMT 2003 

I´m trying to configure pam_smbpass to use mysql passdb backend but I get on syslog (/var/log/messages)

Jun 10 14:28:13 marguerita PAM_smbpass[31374]: Cannot access samba password database
Jun 10 14:28:13 marguerita login[31374]: FAILED LOGIN 1 FROM (null) FOR teste1, Authentication service cannot retrieve authentication info.

The database is running and samba working.
If I disable passdb backend in smb.conf and use the traditional smbpasswd file it works fine.

For information, follows the pam configuration, samba configure command and smb.conf file


Fernando Brunelli


/etc/pam.d/login:
%<--------------------------------------------------------------------------------
#%PAM-1.0
auth       requisite        pam_nologin.so
auth       required         pam_smbpass.so
account    required         pam_smbpass.so
password   required         pam_smbpass.so audit debug smbconf=/etc/samba/smb.conf
session    required         pam_unix.so
%<--------------------------------------------------------------------------------

samba-3.0.0beta1

./configure --host=i686-pc-linux-gnu --build=i686-pc-linux-gnu --target=i386-redhat-linux --program-prefix= --prefix=/usr --exec-prefix=/usr
--bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib --libexecdir=/usr/libexec
--localstatedir=/var --sharedstatedir=/usr/com --mandir=/usr/share/man --infodir=/usr/share/info --libdir=/etc/samba --with-fhs
--with-privatedir=/etc/samba --with-lockdir=/var/cache/samba --with-swatdir=/usr/share/swat --with-codepagedir=/usr/share/samba/codepages 
--with-syslog \
--enable-cups \
--with-automount \
--with-smbmount \
--with-pam \
--with-mmap \
--with-quotas \
--without-smbwrapper \
--with-libsmbclient \
--with-utmp
--with-piddir=/var/run \
--with-acl-support \
--with-vfs \
--with-pam_smbpass \
--with-msdfs \
--with-expsam=mysql

smb.conf:
%<-------------------------------------------------------------------------------------------------

[global]
   passdb backend = mysql:mysql
   mysql:mysql host = localhost
   mysql:mysql user = root
   mysql:mysql database = authentication
   mysql:table = users

   netbios name = my-name
   workgroup = my-domain

# Uncomment this if you want a guest account, you must add this to /etc/passwd
# otherwise the user "nobody" is used
;  guest account = pcguest

  security = user

  encrypt passwords = yes
;  smb passwd file = /etc/samba/smbpasswd

# Using the following line enables you to customise your configuration
# on a per machine basis. The %m gets replaced with the netbios name
# of the machine that is connecting
;   include = /etc/samba/smb.conf.%m

   socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192

   local master = yes

   domain master = yes
   preferred master = yes

   domain logons = yes

;   logon path = \\%L\Profiles\%U

   log level = 2

#============================ Share Definitions ==============================
[homes]
   comment = Home Directories
   browseable = no
   writable = yes

[netlogon]
   comment = Network Logon Service
   path = /var/lib/samba/netlogon
   guest ok = yes
   writable = no
   share modes = no

[Profiles]
    path = /var/lib/samba/profiles
    browseable = no
    guest ok = yes

More information about the samba-technical mailing list