[PATCH] enhancing lp_obey_pam_restrictions()

Volker Lendecke Volker.Lendecke at SerNet.DE
Fri Dec 1 08:04:35 GMT 2006


On Thu, Nov 30, 2006 at 03:49:40PM -0500, simo wrote:
> While testing the lp_obey_pam_restrictions() option I found out that the
> account stack is no tested in the security = server,domain,ads but we
> always call the session stack (because it is embedded in
> register_vuid->session_claim).
> 
> I think it make sense to let the admin use their own pam modules for
> account control and make obey pam restriction effectively obey them if
> present.
> 
> Attached there is a patch that should cover all authentication paths for
> smbd where it is meaningful to call the pam account stack.
> 
> Comments?
> Unless there are objections I will proceed and commit the patch in the
> next days.

Looks good. Although I would prefer that you seperate out
the "other" fixes like memleak ones into a separate checkin.

Thanks,

Volker
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061201/cc0038eb/attachment.bin


More information about the samba-technical mailing list