[Samba] build from source, missing pam integration
Peter Carlson
peter at howudodat.com
Sat Oct 22 20:08:15 UTC 2022
built 4.17 from source on ubuntu 22.04
./configure \
--prefix=/usr \
--enable-fhs \
--sysconfdir=/etc \
--localstatedir=/var \
--with-privatedir=/var/lib/samba/private \
--with-smbpasswd-file=/etc/samba/smbpasswd \
--with-piddir=/var/run/samba \
--with-pammodulesdir=/lib/x86_64-linux-gnu/security \
--libdir=/usr/lib/x86_64-linux-gnu \
--with-modulesdir=/usr/lib/x86_64-linux-gnu/samba \
--datadir=/usr/share \
--with-lockdir=/run/samba \
--with-piddir=/run/samba \
--with-statedir=/var/lib/samba \
--with-cachedir=/var/cache/samba \
--with-socketpath=/var/run/ctdb/ctdbd.socket \
--with-logdir=/var/log/ctdb \
--systemd-install-services
domain joined fine:
root at fs1:/etc/pam.d# wbinfo --ping-dc
checking the NETLOGON for domain[CARLSON] dc connection to
"nc1.carlson.lab" succeeded
root at fs1:/etc/pam.d# getent passwd CARLSON\\administrator
CARLSON\administrator:*:2000500:2000513::/home/administrator at CARLSON:/bin/bash
File share setup looks good:
root at fs1:/etc/pam.d# smbclient -L localhost -N
Anonymous login successful
Sharename Type Comment
--------- ---- -------
Test Disk test
IPC$ IPC IPC Service (fs1 server (Samba, Ubuntu))
SMB1 disabled -- no workgroup available
root at fs1:/etc/pam.d# ls -l /lib/x86_64-linux-gnu/security/pam_win*
-rwxr-xr-x 1 root root 172480 Oct 22 18:58
/lib/x86_64-linux-gnu/security/pam_winbind.so
No Option to activate AD pam integration with pam-auth-update, and of
course ssh gives auth failure
PAM profiles to enable:
│ [*] Unix authentication
│ [*] Register user sessions in the systemd control group hierarchy
│ [*] Create home directory on login
│ [*] Inheritable Capabilities Management
More information about the samba
mailing list