mod_auth_ntlm_winbind: ntlm_auth tries to open the secrets.tdb, but fails

Kai Blin kai at samba.org
Tue Nov 20 06:39:02 GMT 2007


On Monday 19 November 2007 13:12:34 Yoshinori Sano wrote:

> I've tried to work mod_auth_ntlm_winbind(rev #713) for a week, but it
> doesn't work.
> http://viewcvs.samba.org/cgi-bin/viewcvs.cgi/trunk/mod_auth_ntlm_winbind/mo
>d_auth_ntlm_winbind.c?root=lorikeet&rev=713&view=markup
>
> When I use samba-3.0.27, a segmentation error occurs at
> ads_verify_ticket() line 335.
> This is because ads_verify_ticket initializes the pac_data variable,
> whose address is NULL, to NULL:

I'll have a look at that.

> But, I've faced some other problem.
> The ntlm_auth process tries to open the secrets.tdb, however, it fails.
> As the ntlm_auth process is spawn from httpd which runs as nobody
> privilege, so the ntlm_auth process doesn't have access privilege against
> the secrets.tdb.
[...]
> Why ntlm_auth need to access the secrets.tdb?

As far as I am aware, that's where the tickets are stored. Someone correct me 
if I'm wrong.

Cheers,
Kai

-- 
Kai Blin
WorldForge developer  http://www.worldforge.org/
Wine developer        http://wiki.winehq.org/KaiBlin
Samba team member     http://www.samba.org/samba/team/
--
Will code for cotton.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
Url : http://lists.samba.org/archive/samba-technical/attachments/20071120/b504ed86/attachment.bin


More information about the samba-technical mailing list