On 18/02/2013 00:00, Andrew Bartlett wrote: > On Sat, 2013-02-16 at 18:24 +0000, Roger Lynn wrote: >> At some point in the last month server password management using Swat has >> stopped working. Swat can be logged into and the old and new server passwords >> entered, but choosing "Change Password" appears to just reload the page >> without changing anything. Entering the wrong old password or mismatching >> new passwords does the same thing. >> >> The only relevant logging I can find is in /var/log/samba/log. which has >> recently started getting lots of lines like this when Swat is used: >> >> [2013/02/16 15:02:30.297508, 0] passdb/secrets.c:76(secrets_init) >> Failed to open /var/lib/samba/secrets.tdb > >> As my only use of Swat is to allow users to change their passwords, this has >> had a major affect on the usability of the package. > > Please report upstream. We may somehow be able to obtain the CSRF token > and store it in memory before we become the non-privileged user. > > Just to be sure, are you running SWAT as root, from xinetd?
SWAT is being run by stunnel, which is running in daemon mode. I couldn't get it to work from inetd. The relevant part of my stunnel configuration looks like this: [swat] accept = 192.168.10.1:901 exec = /usr/sbin/swat execargs = swat -P According to ps SWAT is running as user root. It used to work and I don't think anything has changed here so I presume SWAT has the necessary privileges. I will attempt to report this upstream. I'd be grateful if any fixes could be backported to Debian Wheezy, release policy permitting, as this appears to be a regression caused by a security update. Thanks, Roger -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org