Description of problem: Trying to change passwords while using pam fail because of bad pam.d/samba file Version-Release number of selected component (if applicable): samba-3.0.25b-1.el4_6.2 How reproducible: Always Steps to Reproduce: 1. Install samba-3.0.25b-1.el4_6.2 2. set "pam password change = yes" 3. Try to change windows password Actual results: Changing password fails Expected results: Password change successful Additional info: On previous version (and future rhel5 version) then pam.d/samba file contained: #%PAM-1.0 auth required pam_nologin.so auth required pam_stack.so service=system-auth account required pam_stack.so service=system-auth session required pam_stack.so service=system-auth password required pam_stack.so service=system-auth The current version only contains: auth required /lib/security/pam_stack.so service=system-auth account required /lib/security/pam_stack.so service=system-auth If you set the pam.d/samba back to the previous version then passwords are allowed to be changed again.
On 64 bit RHEL4 systems, Samba authentication by 64 bit apps via PAM is completely broken, as pam.d/samba points to the 32 bit shared library directory only. You need to remove the /lib/security path from the entries.
There are already multiple bugs open about the library path being incorrect. This bug deals with the fact that there are sections of the pam file that are missing. Even if the paths are corrected the password change problem would exist on both 32 and 64 bit.
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2008-0711.html