[Samba] prevent "delete user script" to delete special Samba user
Gerald (Jerry) Carter
jerry at samba.org
Thu Jan 4 13:44:51 GMT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Niels Peuyn wrote:
> Hello Jerry,
>
>> The delete user script only manages the Unix account. The
>> passdb entry permissions are handled by the SeAddUsersPrivilege
>> (or connecting as root). There is no current per user security
>> descriptor that would give the kind of control you want without
>> modifying the source.
>>
>
> is it right, that the source in
> "passdb/pdb_interface.c:smb_delete_user"
> will control user deletion?
It depends on the passdb backend you are using. You need to
back up on level higher. See pdb_default_delete_user() for
example.
cheers, jerry
=====================================================================
Samba ------- http://www.samba.org
Centeris ----------- http://www.centeris.com
"What man is a man who does not make the world better?" --Balian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFFnQTTIR7qMdg1EfYRAm5QAJwIHPFObINyCH1+9NFrvzPH5wouEwCg7nY3
QDGKeTfJhl1ret78HGjPPmw=
=OuuD
-----END PGP SIGNATURE-----
More information about the samba
mailing list