[PATCH] Remove pam_smbpass module from Samba source code

Simo simo at samba.org
Sun Jan 25 09:23:29 MST 2015

On Sun, 2015-01-25 at 11:17 +0100, Volker Lendecke wrote:
> On Sun, Jan 25, 2015 at 06:18:25PM +1300, Andrew Bartlett wrote:
> > Indeed.  In an ideal, theoretical sense, having both a unix and a Samba
> > password brings no advantages, and plenty of disadvantages.  I certainly
> > wish that we had, years ago, set a standard that if you used the Samba
> > password for local PAM logins, that we only used Samba passwords. 
> > 
> > Sadly, it is used in the default debian config of pam_smbpass (again,
> > this may not be ideal).
> Even if debian has it enabled by default, what are the real requirements
> that debian has that can not be fulfilled with just smb passwords in
> the PAM stack?
> I'd still vote to remove this and thus also remove the migrate feature. If
> the debian community comes up with a compelling case then we might
> reconsider to code something up that helps their specific needs.

This module is nothing short of awful on so many levels.

I think the Samba Team should drop it. If there are people really
depending on this feature they can pick it up and maintain a fork on
their own.

My guess is that the few that use it do so only because it is available
from the Samba Tam and would drop it otherwise.


More information about the samba-technical mailing list