[Samba] Winbind & adding users... is `useradd` being called? %u parameter?
Stroller
linux.luser at myrealbox.com
Mon Dec 12 12:19:10 GMT 2005
Hi there,
This is probably a dumb question, so my apologies, but I've set up
WinBind on my Samba box & it seems to be authenticating against the
domain, however new user accounts do not seem to be added.
`wbinfo -u` returns a list of the users on the domain and I seem to
have set up my IMAP server correctly to authenticate against that (using
PAM), as I see the following in /var/log/messages when I try to log in
to my IMAP server:
Dec 12 11:33:37 baby imapd: Connection, ip=[127.0.0.1]
Dec 12 11:33:37 baby pam_winbind[32640]: user 'ned' granted access
Dec 12 11:33:37 baby pam_winbind[32640]: user 'ned' granted access
Dec 12 11:33:37 baby imapd: networkned: chdir(/home/DOMAIN/ned) failed!!
Dec 12 11:33:37 baby imapd: error: No such file or directory
Dec 12 11:33:37 baby imapd: LOGIN FAILED, user=networkned, ip=[127.0.0.1]
Dec 12 11:33:37 baby imapd: authentication error: No such file or directory
Initially in smb.conf I had simply uncommented the line which says:
add user script = /usr/sbin/useradd -s /bin/false '%u'
but of course (as pointed out on the IRC channel) `useradd` requires the
-m flag in order to create a home directory for the user, so I set it
like this:
add user script = /usr/sbin/useradd -m -s /bin/false '%u'
but that gives me the same error.
The log shows that the IMAP server is trying to chdir into the home
directory "/home/DOMAIN/ned", so I'm unclear on how `useradd` is being
called - is it being called as `/usr/sbin/useradd -m -s /bin/false
'DOMAIN/ned'` or as something else?
Obviously I would try adding the user manually in order to troubleshoot
this, but I'd like to establish what '%u' Samba is passing to `useradd`
first. Consequently I edited the "add user script" as below, but
nothing is written to /tmp/foo.
add user script = /root/foo.sh '%u'
# ls -l /root/foo.sh
-rwxrwxrwx 1 root root 54 Dec 12 11:31 /root/foo.sh
# ls -l /tmp/foo
-rw-rw-rw- 1 root root 15 Dec 12 11:31 /tmp/foo
# cat /tmp/foo
gjitijt jgitjt
# cat /root/foo.sh
#!/bin/bash
echo "$@" >> /tmp/foo
exit 0
# /root/foo.sh howdy doody
# cat /tmp/foo
gjitijt jgitjt
howdy doody
#
I've added a subdirectory of /home for the DOMAIN, but that makes no
difference:
# ls -ld /home/
drwxr-xr-x 4 root root 120 Dec 12 11:17 /home/
baby ~ # ls -l /home/
total 0
drwxr-xr-x 2 root root 48 Dec 12 11:17 DOMAIN
drwxr-xr-x 3 stroller users 192 Dec 7 12:32 stroller
I'm not an expert at PAM, so maybe that's what I'm doing wrong?
# cat /etc/pam.d/imap
auth required pam_nologin.so
auth required pam_winbind.so
account sufficient pam_winbind.so
account required pam_stack.so service=system-auth
session required pam_stack.so service=system-auth
I don't see what I'm doing wrong here, so I'd be extremely grateful for
any suggestions,
Stroller.
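
A tighter version of the argument-logging wrapper used above, as an added example that is not part of the original post. smbd runs the "add user script" as root, so a script with mode 0777 writing to a world-writable file in /tmp can be altered by any local user; this version refuses to run if others can edit it and keeps an owner-only log. The log path, the install path in the comment and the function names are assumptions.

```shell
#!/bin/sh
# Added example (not from the original post): debug wrapper for the
# smb.conf "add user script" hook. Paths and function names are assumptions.
LOG="${ADDUSER_DEBUG_LOG:-/var/log/samba/adduser-debug.log}"  # assumed location

# Print one record: timestamp, effective uid, argument count, then each
# argument on its own bracketed line so boundaries and separators
# (DOMAIN\ned vs DOMAIN/ned, embedded spaces) stay visible.
format_args() {
    printf '%s euid=%s argc=%d\n' "$(date '+%Y-%m-%d %H:%M:%S')" "$(id -u)" "$#"
    n=0
    for a in "$@"; do
        n=$((n + 1))
        printf '  argv[%d]=[%s]\n' "$n" "$a"
    done
}

# Append a record to $LOG; umask 077 makes a newly created log owner-only.
log_args() {
    ( umask 077; format_args "$@" >> "$LOG" )
}

# Succeed (return 0) if the file is group- or world-writable.
writable_by_others() {
    [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print)" ]
}

# Hook entry point: only acts when called with arguments, as in
#   add user script = /usr/local/sbin/adduser-debug.sh '%u'   (assumed path)
if [ "$#" -gt 0 ]; then
    if writable_by_others "$0"; then
        # The hook runs as root, so a script that others can edit is refused.
        ( umask 077; echo "refusing to run: $0 is writable by non-owner" >> "$LOG" )
        exit 1
    fi
    log_args "$@"
    exit 0
fi
```

An empty log after a login attempt then means the hook was never invoked, as opposed to being invoked with an unexpected argument.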