thoughts on smbpasswd

Todd Pfaff todd at edge.cis.mcmaster.ca
Tue Aug 19 18:06:08 GMT 1997


in our environment, everyone with a unix account on the samba server
should also have an entry in smbpasswd.  in the past i've initialized this
through a script which i call from my nis makefile to keep smbpasswd in
sync with /etc/passwd.  it adds new users, deletes users who no longer
exist in /etc/passwd, and leaves existing users alone (so as not to change
their password).  when i add a new account, i naturally do an nis make and
my smbpasswd file is brought up-to-date.  i had also made changes to
smbpasswd such that a new user could log into their unix account and set
their initial smb password if it was all X's (but of course, the password 
would still be invalid until set).

in 1.9.17alpha, things have changed slightly (the 'NO PASSWORD' string in
the smbpasswd entry and the -add option to smbpasswd).  i made a couple of
changes to smbpasswd.c that others may find useful.

if the password begins with a '*' then the user can hit return when prompted
for their old password, but the password is still considered invalid until
set to something that doesn't begin with '*' or 'X'.

if smbpasswd.c is compiled with -DALLOW_ADD_USER, a non-root user can add
a new entry for their username to smbpasswd if it does not yet exist
(ie. if they run smbpasswd and their name is not found in the smbpasswd
file, and they enter a valid password, a new entry is created for their
username).  i also removed the -add option and made the default behaviour
for root that the user is added if not found.

does anyone see any security problems with these changes?

i've included the diffs to smbpasswd.c below.

---begin patch---
--- smbpasswd.c-1.9.17alpha5	Mon Jul 21 13:32:36 1997
+++ smbpasswd.c	Mon Aug 18 14:06:43 1997
@@ -138,7 +138,7 @@
 							 * of passwd in file -
 							 * this is used by
 							 * smbpasswd.c */
-		if (*p == '*' || *p == 'X') {
+		if (*p == 'X') {
 			/* Password deliberately invalid - end here. */
 			*valid_old_pwd = False;
 			*got_valid_nt_entry = False;
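Review bot: Dropping `'*'` from this test means an entry that an administrator disabled with a leading `*` no longer ends here. Together with the new `if (*p == '*')` branch in the second hunk, the account's owner can replace it without supplying any old password. Sites that used `*` as a lock rather than as "not yet set" lose that lock, so the comment should say that only `X` is an admin lock, e.g. `/* 'X' = locked by admin, never user-settable; '*' = unset, handled below */`. The enclosing function starts and ends outside the hunk.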
@@ -167,7 +167,11 @@
 		if (p[32] != ':')
 			return (False);
 
-		if (!strncasecmp((char *)p, "NO PASSWORD", 11)) {
+		if (*p == '*') {
+		  /* Password deliberately invalid, user can set it. */
+		  pw_buf.smb_passwd = NULL;
+		}
+		else if (!strncasecmp((char *)p, "NO PASSWORD", 11)) {
 		  pw_buf.smb_passwd = NULL;	/* No password */
 		} else {
 		  if(!gethexpwd((char *)p,(char *)smbpwd))
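Review bot: The new `'*'` branch stores the same `pw_buf.smb_passwd = NULL` as the "NO PASSWORD" branch, so the caller cannot tell an unset placeholder from an account that deliberately has no password. Whether later code treats NULL as "no old password needed" is outside the hunk, but if it does, the two states should be kept apart or the shared meaning documented, e.g. `/* NULL here means "old password not required"; entry stays unusable for logins until a real hash is written */`. Only the first byte is tested, so the remaining 31 characters of a `*` field are accepted without validation. The `}` / `else if` layout also differs from the `} else {` used two lines below.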
@@ -203,7 +207,7 @@
  */
 static void usage(char *name)
 {
-	fprintf(stderr, "Usage is : %s [-add] [username]\n", name);
+	fprintf(stderr, "Usage is : %s [username]\n", name);
 	exit(1);
 }
 
@@ -222,7 +226,12 @@
   FILE           *fp;
   BOOL            valid_old_pwd = False;
   BOOL 			got_valid_nt_entry = False;
-  BOOL            add_user = False;
+  BOOL            add_user =
+#ifdef ALLOW_ADD_USER
+  True;
+#else
+  False;
+#endif
   long            seekpos;
   int             pwfd;
   char            ascii_p16[66];
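Review bot: Nothing at this declaration says what `ALLOW_ADD_USER` grants: with it defined, any local account can create its own smbpasswd entry without a prior SMB secret, so an administrator can no longer withhold SMB access by omitting the entry. A comment such as `/* ALLOW_ADD_USER: any local user may create their own smbpasswd entry; no existing SMB password is required */` would make that explicit. The initializer split across preprocessor lines would also read better as a single `BOOL add_user = DEFAULT_ADD_USER;` with the macro defined once near the top of the file. The last hunk's `argc != 1` check keeps non-root callers from naming another user, but the code that resolves the non-root username and appends the entry is outside this hunk and should be confirmed to rely on the real uid only.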
@@ -252,22 +261,17 @@
   /* Deal with usage problems */
   if (real_uid == 0) {
     /* As root we can change anothers password and add a user. */
-    if (argc > 3 )
+    if (argc > 2 )
       usage(argv[0]);
+    add_user = True;
   } else if (argc != 1) {
     fprintf(stderr, "%s: Only root can set anothers password.\n", argv[0]);
     usage(argv[0]);
   }
   
   if (real_uid == 0 && (argc > 1)) {
-    /* We are root - check if we should add the user */
-    if ((argv[1][0] == '-') && (argv[1][1] == 'a'))
-      add_user = True;
-    if(add_user && (argc != 3))
-      usage(argv[0]);
-
     /* If we are root we can change anothers password. */
-    strncpy(user_name, add_user ? argv[2] : argv[1], sizeof(user_name) - 1);
+    strncpy(user_name, argv[1], sizeof(user_name) - 1);
     user_name[sizeof(user_name) - 1] = '\0';
     pwd = getpwnam(user_name);
   } else {
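Review bot: Setting `add_user = True` for every root invocation means `smbpasswd name` now silently creates an entry for any Unix account that was left out of smbpasswd, where before it needed an explicit `-add`. A one-line notice on stderr when an entry is created would keep that visible. The retained `strncpy` also truncates a long `argv[1]` without complaint, so `getpwnam` may resolve a different, shorter account name, which would then gain an entry now that adds are implicit. Rejecting the argument first avoids that: `if (strlen(argv[1]) >= sizeof(user_name)) usage(argv[0]);`. The `else` branch and any check of `pwd` continue outside the hunk.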
---end patch---

--
Todd Pfaff                         \  Email: pfaff at mcmaster.ca
Computing and Information Services  \ Voice: (905) 525-9140 x22920
ABB 132                              \  FAX: (905) 528-3773
McMaster University                   \
Hamilton, Ontario, Canada  L8S 4M1     \






