[Samba] X flag in smbpasswd?

Ow Mun Heng ow.mun.heng at wdc.com
Tue May 27 01:28:42 GMT 2003 

Solved it. Found out that the map to guest parameter is in the share
definition section instead of in Global section.

(I was just following redhat's default smb.conf file. How come it was in the
share section? Or could it be my silly mistake?)

Cheers,
Mun Heng, Ow
H/M Engineering
Western Digital M'sia 
DID : 03-7870 5168


-----Original Message-----
From: Ow Mun Heng 
Sent: Monday, May 26, 2003 4:06 PM
To: John H Terpstra
Cc: Samba Mailing List
Subject: RE: [Samba] X flag in smbpasswd?


Thanks for the tip.

Hence in that case, Since I have a lot of XXXX in my smbpasswd file for
users such as apache, gdm, nfsnobody etc.. does it mean I should remove
that? (so that someone can't use a login such as ftp/apache with NO password
and get into samba shares?)

BTW, i'm trying to set up anonymous access to the samba shares. (I have 1
share which I would like to share out to the 'world')

I have 

# If you want users samba doesn't recognize to be mapped to a guest user
map to guest = bad user

but that does not work. I already have :

# A publicly accessible directory, but read only, except for people in
# the "headmedia" group
[H-Media]
   comment = Head Media (Readable) Share
   path = /usr/HeadMedia
   public = yes     <--------This should be the one right?
   read only = yes
   write list = @headmedia
   create mask = 0665
   directory mode = 0775

unfortunately, it still prompts users for a password. (security = user)

Cheers,
Mun Heng, Ow
H/M Engineering
Western Digital M'sia 
DID : 03-7870 5168


-----Original Message-----
From: John H Terpstra [mailto:jht at samba.org]
Sent: Monday, May 26, 2003 12:58 PM
To: Ow Mun Heng
Cc: Samba Mailing List
Subject: RE: [Samba] X flag in smbpasswd?


On Mon, 26 May 2003, Ow Mun Heng wrote:

> Well, doing a fresh install of Redhat 8 samba 2.2.7a, it states that I
need
> to create the smbpasswd file and thus need to use mksmbpasswd.sh on
> /etc/passwd and redirect the output into smbpasswd.

The script mksmbpasswd.sh has the following in it:

#!/bin/sh
awk 'BEGIN {FS=":"
        printf("#\n# SMB password file.\n#\n")
        }
{ printf(
"%s:%s:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX:[U
]:LCT-00000000:%s\n", $1, $3, $5) }
'

This script simply puts  account entries into the smbpasswd file but does
NOT set a password for any of them.

You will still need to set a password for each user by way of:

	smbpasswd 'username'


Now to add a user account _AND_ set the password in the first place you
would run (as you point out):

	smbpasswd -a 'username'

Both uses of smbpasswd are fully portable from samba-2.2.x to samba-3 when
it ships. It will work with Samba-3 regardless of the password backend you
choose to use. If you choose to use the 'tdbsam' or 'ldapsam' options then
the mksmbpasswd.sh shell script is useless to you anyhow - it will put
entries (without passwords) into a file that you will not be using.

>
> That's just to create the initial smbpasswd database. To add any
> new/additional users I use smbpasswd -a newuser.
>
> So, if mksmbpasswd.sh use is discouraged, does that mean I'll have to add
> the users 1 by one?

Yes, or else change the mksmbpasswd.sh script to call smbpasswd for you.
That is a pretty easy change to make, isn't it?

Let's see:

#!/bin/bash

list=`cat -f1 -d: < /etc/passwd`

for i in $list
do
	echo Adding user: $i
	smbpasswd -a $i
done

exit 0

Now you will need to type the password for each user.

Cheers,
- John T.

>
> Cheers,
> Mun Heng, Ow
> H/M Engineering
> Western Digital M'sia
> DID : 03-7870 5168
>
>
> -----Original Message-----
> From: John H Terpstra [mailto:jht at samba.org]
> Sent: Monday, May 26, 2003 11:43 AM
> To: Ow Mun Heng
> Cc: Ryan Novosielski; Samba Mailing List
> Subject: RE: [Samba] X flag in smbpasswd?
>
>
> On Mon, 26 May 2003, Ow Mun Heng wrote:
>
> > If that is the case, then what should be used to migrate current
passwords
> > into smbpasswd?
>
> What current passwords are you trying to migrate? What form are they in
> now?
>
> - John T.
>
> >
> > Cheers,
> > Mun Heng, Ow
> > H/M Engineering
> > Western Digital M'sia
> > DID : 03-7870 5168
> >
> >
> > -----Original Message-----
> > From: John H Terpstra [mailto:jht at samba.org]
> > Sent: Friday, May 23, 2003 11:39 PM
> > To: Ryan Novosielski
> > Cc: Samba Mailing List
> > Subject: Re: [Samba] X flag in smbpasswd?
> >
> >
> > On Thu, 22 May 2003, Ryan Novosielski wrote:
> >
> > > mksmbpasswd.sh does not create accounts with the X flag in the
password
> > > flags field. Does this X matter, and if so, what does it mean? It's
not
> in
> > > the man page.
> >
> > The 'X' flag is not used at this time, but please note that with Samba-3
> > there can be many passwd back ends - only smbpasswd (a legacy database)
is
> > plain text based. Use of mksmbpasswd.sh should be discouraged.
> >
> > - John T.
> >
>
>

-- 
John H Terpstra
Email: jht at samba.org

More information about the samba mailing list