Re: [OT] Re: email notifications when users login
On Thursday 21 September 2006 12:37 pm, Morgan Walker wrote: > Thanks Michelle that worked perfect. Is there an easy variable I could > throw in there that you know off hand which would include the time > (MM/DD/) as well? $( date ) will add the current date and time. You can read the man page for date to find out how to format it so that it only shows the date or only the time or both, etc. $( ) will start a sub-shell that runs whatever commands you put between the $( and ). So you could do: msg="The user ${LOGNAME} has logged into $( hostname ) at $( date )." echo $msg | sendmail -s "User login" [EMAIL PROTECTED] -- Freddie Cash, LPIC-2 CCNT CCLP Network Support Technician School District 73 (250) 377-HELP [377-4357] [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: SMB passwords etc (was "How can I help ?")
At 22:40 14/06/2000, Zak Kipling wrote: On Wed, 14 Jun 2000, Sebastian Rittau wrote: >> [stuff about encrypted SMB passwords] > > But using this option prevents you from using the global /etc/shadow > file, which is problematic in some cases. True. Samba has a "password sync" option to enable SMB password changes to automatically update the unix password file too (though it can be troublesome to get this working smoothly...) I'm no PAM or SMB expert, but I would imagine (if it hasn't been done) it would be feasible to make a stacked "password" module to do the reverse, ie to update the SMB password (including optionally creating the entry in the smbpasswd file if it doesn't exist) when the "passwd" command is used to change the unix password. A mechanism would obviously be required to prevent a loop situation when both options are used simultaneously. If Samba carried out the actual SMB password update via PAM, then this should allow for the required flexibiliity, with either one or both off the unix/SMB password setting modules used by passwd and smbd as desired. This would hopefully eliminate the need for the "password sync" option with its dependence on the precise prompt string produced by the "passwd" command. -- Zak Kipling, E114 Wolfson Court, Clarkson Road, Cambridge, CB3 0EH. Tel. (01223) 509524; pager 04325 361627; ICQ# 62661452; Ask for PGP key Internet chat: telnet to zk201.girton.cam.ac.uk and log in as "talk". "As long as the superstition that people should obey unjust laws exists, so long will slavery exist." -- M. K. Gandhi -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] This was posted to samba-technical within the last few days: From: Peter Samuelson <[EMAIL PROTECTED]> To: Multiple recipients of list SAMBA-TECHNICAL <[EMAIL PROTECTED]> Subject: ANNOUNCE: pam_pwexport, Unix->SMB password changes Date: Tue, 13 Jun 2000 22:08:43 +1000 [[posted to samba-ntdom and samba-technical]] More than one user has recently asked about Unix->Samba password sync. You can go the *other* direction with those chat options in smb.conf, and Samba even has an option `update encrypted' for using cleartext passwords and populating the smbpasswd file when people change them. But when a user executes `passwd' or `yppasswd' on the Unix system, Samba has no way of knowing, so your NT password gets out of sync. Until now. For all you out there who use PAM-enabled Unix systems (that means most flavors of Linux and Solaris, and recently HP-UX, and possibly others I don't know about), you may wish to give this a shot: http://peter.cadcamlab.org/misc/pam_pwexport-0.0.tar.gz It sits and snoops whenever a user enters or changes a password through PAM, and sends the passwords off to be processed by an arbitrary PAM-unaware executable. That means: * For all logins (ftp, ssh, telnet, pop3, etc) you can grab the password and use it to populate your local smbpasswd file. This is akin to the smb.conf `update encrypted' option, useful for migration from a Unix environment to a mixed Unix/NT environment. * For Unix password changes, you get both the old and new password, so you can either do the above, or update an NT domain controller (or remote Samba domain controller). Assuming your NIS domain controller is PAM-aware, this should work for `yppasswd' as well. (Untested.) * Although I wrote it with Samba in mind, it is by no means specific to smbpasswd; other similar "password migration" scenarios should work just as well. Like most PAM modules, it's not very hard to set up. Included is an example glue script for making it work with smbpasswd. BUT: It's a 0.0 release and has only been tested on Linux-PAM. It may work on the other Unices, but I don't have Solaris and I haven't gotten a chance to test on HP-UX yet. It's also missing some error checking and other polish. (I'll gladly take patches.) ALSO: pam_pwexport won't work properly without a small patch, included, to fix a bug in Linux-PAM 0.72. Enjoy. I did. (PAM modules are much easier to write than you think.) Peter Looks like what you're after :) Freddie
Re: SMB passwords etc (was "How can I help ?")
At 22:40 14/06/2000, Zak Kipling wrote: >On Wed, 14 Jun 2000, Sebastian Rittau wrote: > > >> [stuff about encrypted SMB passwords] > > > > But using this option prevents you from using the global /etc/shadow > > file, which is problematic in some cases. > >True. Samba has a "password sync" option to enable SMB password changes to >automatically update the unix password file too (though it can be >troublesome to get this working smoothly...) > >I'm no PAM or SMB expert, but I would imagine (if it hasn't been done) it >would be feasible to make a stacked "password" module to do the reverse, >ie to update the SMB password (including optionally creating the entry in >the smbpasswd file if it doesn't exist) when the "passwd" command is used >to change the unix password. > >A mechanism would obviously be required to prevent a loop situation when >both options are used simultaneously. If Samba carried out the actual SMB >password update via PAM, then this should allow for the required >flexibiliity, with either one or both off the unix/SMB password setting >modules used by passwd and smbd as desired. This would hopefully eliminate >the need for the "password sync" option with its dependence on the precise >prompt string produced by the "passwd" command. > >-- >Zak Kipling, E114 Wolfson Court, Clarkson Road, Cambridge, CB3 0EH. >Tel. (01223) 509524; pager 04325 361627; ICQ# 62661452; Ask for PGP key >Internet chat: telnet to zk201.girton.cam.ac.uk and log in as "talk". > >"As long as the superstition that people should obey unjust laws exists, >so long will slavery exist." -- M. K. Gandhi > > > >-- >To UNSUBSCRIBE, email to [EMAIL PROTECTED] >with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] This was posted to samba-technical within the last few days: From: Peter Samuelson <[EMAIL PROTECTED]> To: Multiple recipients of list SAMBA-TECHNICAL <[EMAIL PROTECTED]> Subject: ANNOUNCE: pam_pwexport, Unix->SMB password changes Date: Tue, 13 Jun 2000 22:08:43 +1000 [[posted to samba-ntdom and samba-technical]] More than one user has recently asked about Unix->Samba password sync. You can go the *other* direction with those chat options in smb.conf, and Samba even has an option `update encrypted' for using cleartext passwords and populating the smbpasswd file when people change them. But when a user executes `passwd' or `yppasswd' on the Unix system, Samba has no way of knowing, so your NT password gets out of sync. Until now. For all you out there who use PAM-enabled Unix systems (that means most flavors of Linux and Solaris, and recently HP-UX, and possibly others I don't know about), you may wish to give this a shot: http://peter.cadcamlab.org/misc/pam_pwexport-0.0.tar.gz It sits and snoops whenever a user enters or changes a password through PAM, and sends the passwords off to be processed by an arbitrary PAM-unaware executable. That means: * For all logins (ftp, ssh, telnet, pop3, etc) you can grab the password and use it to populate your local smbpasswd file. This is akin to the smb.conf `update encrypted' option, useful for migration from a Unix environment to a mixed Unix/NT environment. * For Unix password changes, you get both the old and new password, so you can either do the above, or update an NT domain controller (or remote Samba domain controller). Assuming your NIS domain controller is PAM-aware, this should work for `yppasswd' as well. (Untested.) * Although I wrote it with Samba in mind, it is by no means specific to smbpasswd; other similar "password migration" scenarios should work just as well. Like most PAM modules, it's not very hard to set up. Included is an example glue script for making it work with smbpasswd. BUT: It's a 0.0 release and has only been tested on Linux-PAM. It may work on the other Unices, but I don't have Solaris and I haven't gotten a chance to test on HP-UX yet. It's also missing some error checking and other polish. (I'll gladly take patches.) ALSO: pam_pwexport won't work properly without a small patch, included, to fix a bug in Linux-PAM 0.72. Enjoy. I did. (PAM modules are much easier to write than you think.) Peter Looks like what you're after :) Freddie -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]