[PATCH] passdb.tdb is located in the private directory

simo idra at samba.org
Mon Dec 24 14:16:37 GMT 2007

On Mon, 2007-12-24 at 14:12 +0100, Volker Lendecke wrote:
> Jerry, as part of d6cdbfd87 the default location of passdb.tdb has changed from
> the private directory to the state directory. I think because passdb.tdb holds
> the password hashes, it is reasonable to keep this next to the smbpasswd file.
> Please review and potentially push.


Not much because it should stay near smbpasswd, but more because the
private directory is not accessible by normal users, just root, and give
additional protection to potential misconfiguration of the file's

Just looking right now in my Fedora installation I have it in
/var/lib/samba/private 700 and it contains passdb.tdb, secrets.tdb and
smbpasswd. passdb.tdb is 644 in this installation, but it is ok as the
parent dir itself restrict non-root user access.


Simo Sorce
Samba Team GPL Compliance Officer <simo at samba.org>
Senior Software Engineer at Red Hat Inc. <ssorce at redhat.com>

More information about the samba-technical mailing list