This service will be undergoing maintenance at 00:00 UTC, 2016-09-28. It is expected to last about 1 hours
Bug 7358 - Samba rpm does not use PAM (or /etc/pam.d/samba)
Samba rpm does not use PAM (or /etc/pam.d/samba)
Status: CLOSED NOTABUG
Product: Red Hat Linux
Classification: Retired
Component: samba (Show other bugs)
6.1
All Linux
medium Severity medium
: ---
: ---
Assigned To: Trond Eivind Glomsrxd
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 1999-11-26 17:20 EST by Christopher Johnson
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 1999-11-29 11:45:53 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Christopher Johnson 1999-11-26 17:20:55 EST
In testing pam_ldap for authentication of samba users I discovered that pam
is not used.  Adding  auth    required  pam_warn.so to /etc/pam.d/samba
does not result in warnings in syslog.  Changes to /etc/passwd /etc/shadow
are effective so it appears to be reading them directly instead of using
pam.

I am not using samba encrypted passwords.

I suspect that --with-pam option is not used during your samba build for
the rpm per following quote from www.samba.org:

Samba 2.x detects whether your OS has PAM (Pluggable Authentication
	Module) support at compile time and uses it if it is available.
	We have fixed this for the next release of Samba (version 2.0.4) by
	adding a --with-pam configure option. If you don't use that option
	then PAM won't be used.
Comment 1 Christopher Johnson 1999-11-29 09:19:59 EST
Source RPM showed option correct in build.

Dug a little deeper and got it working.  I believe that once /etc/smbpasswd
(which had passwords sync'd with the unix passwords) was removed samba utilized
pam correctly.

Please close this bug.

Note You need to log in before you can comment on or make changes to this bug.