[Bug 783541] Re: pam_smbpass should not check that it is running as root
Serge Hallyn
783541 at bugs.launchpad.net
Thu May 26 01:29:36 UTC 2011
Thanks for taking the time to submit this bug.
If you want to authenticate as non-root, please look into using
pam_winbindd.
** Changed in: samba (Ubuntu)
Status: New => Invalid
** Changed in: samba (Ubuntu)
Importance: Undecided => Low
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/783541
Title:
pam_smbpass should not check that it is running as root
Status in “samba” package in Ubuntu:
Invalid
Bug description:
Binary package hint: libpam-smbpass
The code for pam_smbpass explicitly checks that it is running as root
and fails if it does not.
On the surface, this sounds OK, but this means that it cannot be used
(for example) for a Web server running as www-data.
I have pam_smbpass set with the option "migrate". This works fine for
SSH login (for example), but not Apache login using pam
authentication. I get the message "Cannot access samba password
database, not running as root."
I tried changing "/var/lib/samba/passdb.tdb" to have group "shadow"
and set permissions "g+rw" but this did not work. Looking at the
source, there is an explicit test for running as root. If this test
were removed, I believe that my setup would work properly, migrating
the user's password as soon as they logged into the Web server. Note
that there is already a test later in the code that pam_smbpass can
access passdb.tdb, so this test for root seems superfluous.
Description: Ubuntu 10.04.2 LTS
Release: 10.04
libpam-smbpass 2:3.4.7~dfsg-1ubuntu3.5
More information about the foundations-bugs
mailing list