Bug 23370 - smbpasswd command line behaviour differs from man page
Summary: smbpasswd command line behaviour differs from man page
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: samba   
(Show other bugs)
Version: 6.2
Hardware: i386
OS: Linux
Target Milestone: ---
Assignee: Trond Eivind Glomsrxd
QA Contact: David Lawrence
Depends On:
TreeView+ depends on / blocked
Reported: 2001-01-05 02:44 UTC by Tim Pepper
Modified: 2007-04-18 16:30 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2001-01-05 02:44:04 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Tim Pepper 2001-01-05 02:44:02 UTC
In the RedHat 6.2 samba-2.0.7-4 package (I haven't verified this against
other versions) I'm seeing behaviour in the smbpasswd command line
parameters which seems to vary from that which is described in the man page
in that the command seems to be accepting a final command line parameter
not mentioned in the man page.

The man page indicates a usage of:
	smbpasswd [options...] username
where the 'username' parameter is stated to specify "the username for all
of the root only options to operate on.  Only root can specify this
parameter as only root has the permission needed to modify attributes
directly in the local smbpasswd file."

Contrary to this, for any non-root user entering the smbpasswd command with
a final non-option parameter, that parameter is taken as the new password. 
The user is prompted for the old password and then not prompted for a new
password.  This works similarly for remote connections via the -r [-U]
options.  In both cases there must of course be an existing account for the
non-root user running the command.

For the root user, a command of 'smbpasswd username newpassword' will
similarly succeed.

If root enters 'smbpasswd -r servername -U remoteuser1 remoteuser2
password', remoteusers2 will be set to password without further
interaction, overriding the -U parameter.

Not a big deal I suppose and simple testing seems to indicate that this
undocumented parameter exits gracefully when subjected to a buffer overflow

ERROR: string overflow by 2457 in safe_strcpy
make_oem_passwd_hash: new password is too long.
machine rejected the password change: Error was : code 0.
Failed to change password for foouser

Comment 1 Bill Nottingham 2001-01-18 23:18:27 UTC
man page clarified slightly in 2.0.7-24; thanks for noticing.

Note You need to log in before you can comment on or make changes to this bug.