[Bug 783541] [NEW] pam_smbpass should not check that it is running as root

Paul Rensing prensing at gmail.com
Mon May 16 15:35:48 UTC 2011


Public bug reported:

Binary package hint: libpam-smbpass

The code for pam_smbpass explicitly checks that it is running as root
and fails if it does not.

On the surface, this sounds OK, but this means that it cannot be used
(for example) for a Web server running as www-data.

I have pam_smbpass set with the option "migrate". This works fine for
SSH login (for example), but not Apache login using pam authentication.
I get the message "Cannot access samba password database, not running as
root."

I tried changing "/var/lib/samba/passdb.tdb" to have group "shadow" and
set permissions "g+rw" but this did not work. Looking at the source,
there is an explicit test for running as root. If this test were
removed, I believe that my setup would work properly, migrating the
user's password as soon as they logged into the Web server. Note that
there is already a test later in the code that pam_smbpass can access
passdb.tdb, so this test for root seems superfluous.

Description:	Ubuntu 10.04.2 LTS
Release:	10.04
libpam-smbpass	2:3.4.7~dfsg-1ubuntu3.5

** Affects: samba (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to samba in Ubuntu.
https://bugs.launchpad.net/bugs/783541

Title:
  pam_smbpass should not check that it is running as root



More information about the Ubuntu-server-bugs mailing list