[Samba] Incorrect smb.conf manual ??
Beast
beast at setuid.com
Thu Aug 7 05:24:38 GMT 2003
>From samba 3 smb.conf manual :
---------
passwd program (G)
The name of a program that can be used to set UNIX user passwords. Any occurrences of %u will be replaced with the user name. The user name is checked for existence before calling the password changing program.
Also note that many passwd programs insist in reasonable passwords, such as a minimum length, or the inclusion of mixed case chars and digits. This can pose a problem as some clients (such as Windows for Workgroups) uppercase the password before sending it.
Note that if the unix password sync parameter is set to yes then this program is called AS ROOT before the SMB password in the smbpasswd(5) file is changed. If this UNIX password change fails, then smbd will fail to change the SMB password also (this is by design).
If the unix password sync parameter is set this parameter MUST USE ABSOLUTE PATHS for ALL programs called, and must be examined for security implications. Note that by default unix password sync is set to no.
See also unix password sync.
------
However, it seems that "passwd program" was runs as user who invoke
this program (ie. change his password form Win client) and *not* as
root.
Tested using samba3.0b3 and ldap backend.
--beast
More information about the samba
mailing list