Red Hat Bugzilla – Bug 70694
using smbpasswd to login to system is successful
Last modified: 2007-04-18 12:45:12 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:0.9.2.1) Gecko/20010901
Description of problem:
When I enter username and the smbpasswd rather than the user password, I can
still have entry into the system
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1.create user "newuser" with password "Dak^Dal*"
2.add smbpasswd -a newuser with password "He7Qr3"
3.goto another console and enter "newuser" with password "He7Qr3"
Actual Results: System allows login with incorrect system user password
Expected Results: should have respawned login prompt with "incorrect login" message
This is the third of 3 login bugs I found today
Not a bug - the default configuration is to synchronize the system password with
the samba password when set via samba. Look for passwd chat in smb.conf.
The smbpasswd command, when run as root, will not cause any syncronisation to
occour. Either the PAM configuration on the system has been set to use
pam_smbpass, or the password was changed as non-root, causing a 'password sync'.