Bug 79139

Summary: obey pam restrictions does not work by default
Product: [Retired] Red Hat Linux Reporter: John Newbigin <jn>
Component: sambaAssignee: Jay Fenlason <fenlason>
Status: CLOSED WONTFIX QA Contact: David Lawrence <dkl>
Severity: low Docs Contact:
Priority: medium    
Version: 7.2CC: jfeeney
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-05-17 19:30:47 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description John Newbigin 2002-12-06 06:12:32 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.2.1) Gecko/20021130

Description of problem:
obey pam restrictions = Yes
does not work with the shipped version of /etc/pam.d/samba
The file needs a session line to make it work

Version-Release number of selected component (if applicable):
samba-2.2.1a-4

How reproducible:
Always

Steps to Reproduce:
1. edit /etc/samba/smb.conf and set obey pam restrictions = Yes 
2. use smbclient (or anything else) to try and connect to the samba server
3.
	

Actual Results:  This error is recorded in %m.log
[2002/12/06 15:36:05, 0] passdb/pampass.c:smb_pam_error_handler(72)
  smb_pam_error_handler: PAM: session setup failed : System error


Expected Results:  No errors.

Additional info:

adding
session required        /lib/security/pam_stack.so service=system-auth

to /etc/pam.d/samba will solve the problem.

I don't know if this is still a problem in 7.3 or 8.0 but I though I would add a
bug report to help anyone else who might come across the problem.

I am using encrypt passwords = Yes but I don't think that will make any difference.