[WBEL-users] /etc/shadow and Samba

Ewan Mac Mahon ewan@macmahon.me.uk
Wed, 23 Jun 2004 18:27:38 +0100 

--hxkXGo8AKqTJ+9QI
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Jun 23, 2004 at 06:10:57PM +0100, Mario Gamito wrote:
> Hi,
>=20
> > From plain source, or a .src.rpm?
> Plain good old source :)
>
Hmm. Just for curiosity's sake, why not use the WBEL rpms?
=20
> > And there's the right way. The standard RH/WBEL Samba rpms have a
> > chat string in their smb.conf for solving exactly this problem and
> > they do it by calling out to passwd. If I were the OP I'd ditch the
> > homemade samba for the standard WBEL one which wouldn't have given
> > him this problem in the first place, or if he absolutely must have a
> > wierd one just nick the chat string from the standard rpms.
> ok, i've installed the Samba SRMP, checked out the passwd chat in its
> smb.conf and is exactly what i have too.
>=20
OK. Next thing to do is post said chat string here so we can have a
look. For reference the relavent two lines from my working config are
(excuse me if this wraps):

passwd program =3D /usr/bin/passwd %u=20
passwd chat =3D *New*password* %n\n *Retype*new*password* %n\n *passwd:*all=
*authentication*tokens*updated*successfully*=20

Failing that there is a way to get Samba to dump the whole chat to the
log files when it changes a password which might let you see any error
messages coming back from passwd. This feature has the disadvantage of
putting readable passwords into the log files, so Samba makes it quite
difficult to turn it on so that you can't do it by accident; it is all
in the docs though.

This does all rely on you using Samba's encrypted password support and
having a valid smbpasswd file; if you've not set that up yet then that's
probably the trouble.

Ewan

--hxkXGo8AKqTJ+9QI
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFA2b2Ky9yq6MKIKKQRAmBrAJ0eHSix2owI32PKgFGtp1Ewbszx9gCfa94Q
KJvEoE8pL1rq7iKzMrSoj+c=
=1JVq
-----END PGP SIGNATURE-----

--hxkXGo8AKqTJ+9QI--