root can't log into SWAT
Alexander Bokovoy
a.bokovoy at sam-solutions.net
Tue Nov 4 13:56:55 GMT 2003
On Wed, Nov 05, 2003 at 09:28:17AM -0500, Scott Phelps wrote:
> > > Thank you very much! However, this is not the behavior I want. I just
> > > want to check password against the shadow file _only_. How can I fix
> > > this?
> > Use proper PAM configuration for /etc/pam.d/samba. Note that this
> > configuration file isn't for authenticating services through samba but for
> > samba-based applications instead.
>
> So is there a way I can make SWAT use shadow and samba users use
> smbpasswd. This is weird because I am sure in the default installation
> I had for 2.2.8 I did not have root in smbpasswd and was able to use
> swat fine. Could you tell me exactly what I need to do to achieve this?
In my case I have following /etc/pam.d/samba:
#%PAM-1.0
auth include system-auth
account include system-auth
password required pam_deny.so
session include system-auth
As your PAM implementation most likely does not have 'include' statement,
you should use pam_stack.so module and it would look like the file
packaging/RedHat/samba.pamd.stack from Samba 3.0 distribution:
#%PAM-1.0
auth required pam_nologin.so
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
password required pam_stack.so service=system-auth
--
/ Alexander Bokovoy
Samba Team http://www.samba.org/
ALT Linux Team http://www.altlinux.org/
Midgard Project Ry http://www.midgard-project.org/
More information about the samba-technical
mailing list