[PATCH] enhancing lp_obey_pam_restrictions()
simo
idra at samba.org
Thu Nov 30 20:49:40 GMT 2006
While testing the lp_obey_pam_restrictions() option I found out that the
account stack is no tested in the security = server,domain,ads but we
always call the session stack (because it is embedded in
register_vuid->session_claim).
I think it make sense to let the admin use their own pam modules for
account control and make obey pam restriction effectively obey them if
present.
Attached there is a patch that should cover all authentication paths for
smbd where it is meaningful to call the pam account stack.
Comments?
Unless there are objections I will proceed and commit the patch in the
next days.
Simo.
--
Simo Sorce
Samba Team GPL Compliance Officer
email: idra at samba.org
http://samba.org
-------------- next part --------------
A non-text attachment was scrubbed...
Name: samba3_pam_account_check.patch
Type: text/x-patch
Size: 4292 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20061130/18d7c67f/samba3_pam_account_check.bin
More information about the samba-technical
mailing list