Bug 7358

Summary: Samba rpm does not use PAM (or /etc/pam.d/samba)
Product: [Retired] Red Hat Linux Reporter: Christopher Johnson <ckjohnson>
Component: sambaAssignee: Trond Eivind Glomsrxd <teg>
Status: CLOSED NOTABUG QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.1   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 1999-11-29 16:45:53 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Christopher Johnson 1999-11-26 22:20:55 UTC 
In testing pam_ldap for authentication of samba users I discovered that pam
is not used.  Adding  auth    required  pam_warn.so to /etc/pam.d/samba
does not result in warnings in syslog.  Changes to /etc/passwd /etc/shadow
are effective so it appears to be reading them directly instead of using
pam.

I am not using samba encrypted passwords.

I suspect that --with-pam option is not used during your samba build for
the rpm per following quote from www.samba.org:

Samba 2.x detects whether your OS has PAM (Pluggable Authentication
	Module) support at compile time and uses it if it is available.
	We have fixed this for the next release of Samba (version 2.0.4) by
	adding a --with-pam configure option. If you don't use that option
	then PAM won't be used.
Comment 1 Christopher Johnson 1999-11-29 14:19:59 UTC 
Source RPM showed option correct in build.

Dug a little deeper and got it working.  I believe that once /etc/smbpasswd
(which had passwords sync'd with the unix passwords) was removed samba utilized
pam correctly.

Please close this bug.