here's a more recent version available
than what you're running?
--
Steve Langasek
postmodern programmer
pgp0.pgp
Description: PGP signature
On Wed, Mar 19, 2003 at 11:07:08AM -0600, Christopher R. Hertel wrote:
> On Wed, Mar 19, 2003 at 10:06:39AM -0600, Steve Langasek wrote:
> > On Wed, Mar 19, 2003 at 09:30:18AM -0500, Alex @ Avantel wrote:
> :
> > > No need to - been there, done that, it works. The li
7;s not the case. Or am I wrong on that too?
I think this is wishful thinking on your part. I've never seen any signs
that MS servers get this right.
--
Steve Langasek
postmodern programmer
pgp0.pgp
Description: PGP signature
rrier's ACL-enabled packages at
http://www.perrier.eu.org/debian ?
--
Steve Langasek
postmodern programmer
pgp0.pgp
Description: PGP signature
se
> with current Samba version, or has there been a solution I didn't hear about?
That problem affects the 'logon path' global option. The 'path' option
on a share must *always* be a Unix path.
--
Steve Langasek
postmodern programmer
pgp0.pgp
Description: PGP signature
.2.8pre2.
Have you tried the backported 2.2.7a packages available at
<http://people.debian.org/~peloy/samba/>? Jerry, have there been more
printing fixes since then that he'll need in order to get this working?
--
Steve Langasek
postmodern programmer
pgp0.pgp
Description: PGP signature
the secrets file instead of in a keytab because
Samba also needs to have the plaintext password for salting, so until
this is addressed, storing the keys in a keytab would only serve to
confuse admins familiar with traditional Unix keytab handling. Or has
this been addressed when I wasn't looking?
--
Steve Langasek
postmodern programmer
pgp0.pgp
Description: PGP signature
ly reason I've ever seen
for using separate keytabs is if you want different services to run in
separate security contexts. Samba has to run as root, so
/etc/krb5.keytab seems appropriate to me (as much as any keytab is
appropriate -- there seem to still be some issues with using the keytab
at al
n either-or choice. Sometimes, it's useful to be able to
build (and install) static libraries even on platforms that support
shared libraries. The attached patch brings in a few macros from
libtool's aclocal.m4, to add --enable-shared and --enable-static options
to configure as a ste
XFS over EVMS?
I'm running Samba on XFS+EVMS (on Debian ;) with no problems. Even on
buggy versions of XFS, I've never seen this error; I don't think the
filesystem is the cause. OTOH, I haven't used 2.4.20 yet for this
environment.
When you say you compiled with large file supp
master'. Granted, in all the cases I've seen,
enabling 'domain logons' in addition to 'domain master' hasn't done any
harm; but is it really worth gratuitiously breaking users' 2.2 configs to
get this point across?
FWIW, this is the third time I've seen this issue come up with the 3.0
alphas.
--
Steve Langasek
postmodern programmer
msg05533/pgp0.pgp
Description: PGP signature
x27;s really not feasible to
have more than one *primary* domain controller.
--
Steve Langasek
postmodern programmer
msg05513/pgp0.pgp
Description: PGP signature
e that would enforce the
LDAP dependency -- so that a failure to locate LDAP libs would cause the
build to error out instead of giving misbuilt binaries. Do you agree?
--
Steve Langasek
postmodern programmer
msg05440/pgp0.pgp
Description: PGP signature
o
> password sufficient /lib/security/pam_ldap.so
> password required /lib/security/pam_pwdb.so try_first_pass
FWIW, this last line might work better as:
password required /lib/security/pam_pwdb.so use_authtok try_first_pass
Regards,
--
Steve Langasek
postmodern progr
is stopped and
> then starting again, but to no avail.
I noticed this behavior in alpha21 just yesterday. The problem is that
alpha21 will participate in LMB elections, but it doesn't actually return
a browse list to machines that ask.
A workaround is to set 'local master = no' i
but perhaps there's a licensing issue?
--
Steve Langasek
postmodern programmer
msg05272/pgp0.pgp
Description: PGP signature
On Mon, Jan 06, 2003 at 10:24:44PM -0600, Christopher R. Hertel wrote:
> On Mon, Jan 06, 2003 at 02:23:13PM -0600, Steve Langasek wrote:
> :
> > > The -p option should override the defaults in any case, though. There are
> > > folks who use port-redirection (for SSH
an just explicit. :)
Done. See attached.
--
Steve Langasek
postmodern programmer
diff -ur samba-3.0alpha21.orig/source/client/client.c
samba-3.0alpha21/source/client/client.c
--- samba-3.0alpha21.orig/source/client/client.c2002-11-26 20:54:18.0
-0600
+++ samba-3.0alpha21/source/cli
e default port for *all* operations,
including smbclient -M. So the code does need to change if -M needs port
139.
--
Steve Langasek
postmodern programmer
msg05220/pgp0.pgp
Description: PGP signature
ice inextricably bound to NetBIOS? In the former case,
where would I look in the code to remove the NetBIOS header from the
packet?
--
Steve Langasek
postmodern programmer
msg05212/pgp0.pgp
Description: PGP signature
On Fri, Jan 03, 2003 at 10:05:40AM -0600, Kenneth Stephen wrote:
> On Thu, 2 Jan 2003, Steve Langasek wrote:
>> On Thu, Jan 02, 2003 at 06:28:48PM -0600, Kenneth Stephen wrote:
>>>> ADS-style Kerberos support only works when both client and server are
>>>>
eros-enabled application on a given machine (well,
"easily" assuming you know how to go about setting up Kerberos).
Cheers,
--
Steve Langasek
postmodern programmer
msg05171/pgp0.pgp
Description: PGP signature
.
It appears that the --with-krb5 option is currently used in connection
with exactly this feature, and that the previous plaintext Kerberos
support has been dropped in 3.0.
--
Steve Langasek
postmodern programmer
msg05169/pgp0.pgp
Description: PGP signature
On Thu, Jan 02, 2003 at 03:56:39PM -0700, Craig Kelley wrote:
> On Thu, 2 Jan 2003, Steve Langasek wrote:
> > On Thu, Jan 02, 2003 at 02:23:09PM -0700, Craig Kelley wrote:
> > > > I consider confusing smbpasswd with the Unix passwd command a sign that
> > > >
es.
But if you're going to concede that the check is there for a reason
(which you seem to be doing by not asking for the check to be removed
altogether), then that reasoning applies whether or not smbpasswd itself
is the program carrying the suid bit as explained above.
--
Steve Langasek
postmodern programmer
msg05165/pgp0.pgp
Description: PGP signature
On Thu, Jan 02, 2003 at 01:27:01PM -0700, Craig Kelley wrote:
> On Thu, 2 Jan 2003, Steve Langasek wrote:
> > On Thu, Jan 02, 2003 at 10:47:32AM -0700, Craig Kelley wrote:
> > > For some time now, I've been patching smbpasswd to get rid of the
> > > effective U
tility agent for changing passwords and such). I've
> made a preliminary diff to actually stat() the executable to determine if
> it is suid 0:
Why does your suid application not either assume full root privileges, or
drop all such privileges, before exec()ing smbpasswd?
--
Steve Langasek
postmodern programmer
msg05154/pgp0.pgp
Description: PGP signature
ork well are happy.
If symlinks will never be resolved outside of the exported share, why do
you need to resolve them on the server at all? A Unix client is equally
capable of resolving this symlink on the server.
--
Steve Langasek
postmodern programmer
msg05140/pgp0.pgp
Description: PGP signature
he check
in add_domain_names() be changed to lp_domain_master() instead of
lp_server_role()?
Cheers,
--
Steve Langasek
postmodern programmer
msg05075/pgp0.pgp
Description: PGP signature
e share name will always be IPC$ for server enumeration, but I
don't know what other side effects this approach might have. Certainly,
the IPC$ share name would be used for other things which are not
NetBIOS-dependent.
--
Steve Langasek
postmodern programmer
msg05069/pgp0.pgp
Description: PGP signature
be listening on
port 445. OTOH, there are also plenty of older machines (NT4 and below)
that are 139-only.
Theoretically, it might be optimal to use port 139 to collect browse
lists, and then use 445-else-139 for everything else. Barring that, I
think 139-else-445 would be the best option.
--
Steve Langasek
postmodern programmer
msg05067/pgp0.pgp
Description: PGP signature
On Sat, Dec 21, 2002 at 10:41:10PM -0600, Christopher R. Hertel wrote:
> On Sat, Dec 21, 2002 at 09:29:04PM -0600, Steve Langasek wrote:
> > On Sat, Dec 21, 2002 at 08:40:45PM -0600, Christopher R. Hertel wrote:
> > > Note also that none of the calls appear to work properl
t principal=server$@DOMAIN.FQDN.COM
lsa_io_sec_qos: length c does not match size 8
netname: IPC$
remark: Remote IPC
Looks like this call works fine on port 445.
--
Steve Langasek
postmodern programmer
msg05052/pgp0.pgp
Description: PGP signature
ich also has this problem?
--
Steve Langasek
postmodern programmer
msg05049/pgp0.pgp
Description: PGP signature
One additional bit of information --
On Fri, Dec 20, 2002 at 09:56:21AM -0600, Steve Langasek wrote:
> As WinXP begins to loom larger in our environment, we're seeing a
> consistent pattern that XP machines (mostly XP Professional, possibly
> others) take an excessively long
binaries, but still need to serve the
needs of users who are not (yet) using LDAP.
Thanks,
--
Steve Langasek
postmodern programmer
msg05040/pgp0.pgp
Description: PGP signature
yet to set
up a 2.2 test print server to verify.
Network traces and log files happily provided to anyone willing to tackle
this issue.
Thanks,
--
Steve Langasek
postmodern programmer
msg05041/pgp0.pgp
Description: PGP signature
> I would like to avoid doing GSS-API and Kerberos in kernel. Is there an
> open-sourced, user-level SMB/CIFS client?
The smbclient program from Samba 3.0 does have early support for
Kerberos. I'm not sure if that code path gets tested regularly, but
it's there at lesat.
--
var/run/samba
> i don't understand what is happening with tdb files in printing.c
> so I don't now how to track this down further...
Hmm, sounds like this is a Debian-specific problem. I'll hunt this down
and let you know.
--
Steve Langasek
postmodern programmer
msg05000/pgp0.pgp
Description: PGP signature
/bugs.debian.org/171205>, for example.
Regards,
--
Steve Langasek
postmodern programmer
msg04939/pgp0.pgp
Description: PGP signature
res from NTFS partitions, that's a question of
whether the host OS supports the filesystem. If you are asking whether
Samba (smbclient) can *access* shares on NTFS partitions, then yes --
though NTFS has little to do with it.
--
Steve Langasek
postmodern programmer
msg04915/pgp0.pg
analysts. It
remains quite speculative, since it presumes Microsoft will be able to
swallow their pride enough to take this giant step. ;) We'll see what
happens in another two years... :)
--
Steve Langasek
postmodern programmer
msg04877/pgp0.pgp
Description: PGP signature
be
a viable option to smbmount: it's one thing to be on a filesystem (such
as some version of smbfs) that can't handle large files, and quite
another for the application to crash whenever you run one of the growing
number of applications that use the LFS userspace calls.
I'll scare u
Hello,
Another segfault in 3.0alpha20. More details available at
<http://bugs.debian.org/171071>.
Cheers,
--
Steve Langasek
postmodern programmer
- Forwarded message from Sönfeld Sándor <[EMAIL PROTECTED]> -
The Samba 'panic action' script, /usr/share/samba/pan
) as a bug that was fixed in alpha21,
please let me know; otherwise, I'd be obliged if someone was interested
in taking a look at these crashes.
Cheers,
--
Steve Langasek
postmodern programmer
- Forwarded message from Han-Willem Woltgens <[EMAIL PROTECTED]>
-
The Samba '
ere may be some platforms that appear to have a working gettimeofday()
until you actually try to *use* it; maybe the AC_TRY_RUN was frivolous,
but maybe it was added to deal with a real problem. In the latter case,
AC_TRY_RUN should be called with a sane default for cross-compiling.
--
Steve Langasek
postmodern programmer
msg04813/pgp0.pgp
Description: PGP signature
m, Win2K did give a warning that it failed to
delete the machine account, but this was non-fatal. I'm wondering if
this was the real cause of the failure before, in which case the network
trace I sent you probably wouldn't be particularly useful. Is there any
concerted effort to
conf. However,
this setting does not appear to have any effect, and attempting to join
the domain gives the same error message.
Does anyone have any insights into the status of SP3 compatibility in
Samba? Would network traces or log files be of use to anyone?
--
Steve Langasek
postmodern pr
ble samba looking for valid machine accounts
> temporarily so that users can log in while I try to fix this problem?
No, this is fundamental to domain logins; without a valid machine
account, there's no trust relationship between the workstation and the
PDC, and no way to securely verif
hing in PAM will know
the result of this authentication unless PAM *performed* the
authentication.
--
Steve Langasek
postmodern programmer
msg04651/pgp0.pgp
Description: PGP signature
ps() function, but otherwise, that pretty much covers everything
you'd need to do with NSS for users and groups.
--
Steve Langasek
postmodern programmer
msg04629/pgp0.pgp
Description: PGP signature
On Tue, Nov 26, 2002 at 12:28:58PM -0600, Christopher R. Hertel wrote:
> On Tue, Nov 26, 2002 at 10:03:08AM -0600, Steve Langasek wrote:
> > It's far better to use the defaults for all of these values,
> > particularly since Win9x wets itself when it's left in charge o
He probably is using non-default values for at
least one of the above options, if Samba is interfering with the NT
domain.)
--
Steve Langasek
postmodern programmer
msg04622/pgp0.pgp
Description: PGP signature
amba/share/), and installing it as part
of the system (/usr/local/share/samba/ or /usr/share/samba/). This is
the problem with saying "we should always use the subdir samba", because
there are still unbelievers[1] who don't want this. :)
--
Steve Langasek
postmodern programmer
[1] :)
msg04587/pgp0.pgp
Description: PGP signature
and AusCERT? I'm interested to see how
well-connected they are (would hate for people to substitute unfounded
faith in one key for a similar faith in another, at least). Debian being
what it is, most of my trust paths to the world pass through people, not
through organizations... :)
--
Steve Langasek
postmodern programmer
msg04565/pgp0.pgp
Description: PGP signature
e
shortest of which is only three hops long, despite never having met a
member of the Samba Team. All in all, a well-connected key, and I think
if there are people who get this error and actually care about it :), the
problem is more likely to lie on their end of the web of trust.
--
Steve Langasek
postmodern programmer
msg04561/pgp0.pgp
Description: PGP signature
the person it claims to have come from.
Asking about, I've been pointed to <http://gnupg.org/gph/en/manual.html>
as a general intro to GPG.
--
Steve Langasek
postmodern programmer
msg04559/pgp0.pgp
Description: PGP signature
On Fri, Nov 22, 2002 at 12:56:39PM -0800, Martin Pool wrote:
> I'll write up a short page describing how to use them, unless Jerry
> particularly wants to do it.
In five words or less, from the gpg manpage:
$ gpg --verify samba-2.2.7.tar.gz.asc samba-2.2.7.tar.gz
--
Steve Langasek
make your 'passwd'
command a wrapper which passes the old plaintext password to both the
real 'passwd' command and to 'smbpasswd' as needed. Depending on the
platform, this might also be doable using PAM, though I don't know what
module to recommend for
e the Samba server never *has* the plaintext of the old
password.
If running the Samba PDC on the NIS master is not practical for your
environment, then password synchronization between NIS and the PDC is not
practical for your environment.
--
Steve Langasek
postmodern programmer
msg04499/pgp0.pgp
Description: PGP signature
t for domain
joining using RAP.
Cheers,
--
Steve Langasek
postmodern programmer
Index: source/utils/net_help.c
===
RCS file: /cvsroot/samba/source/utils/net_help.c,v
retrieving revision 1.2.2.2
diff -u -w -r1.2.2.2 net_help.c
--- source/ut
store
> > all files in utf8 character set on the disk.
> Actually, I was trawling through the code last night, and the default is
> UTF-8 if you don't set anything.
Yep. This means Samba 3.0 by default has better Unicode support than
Windows does -- too bad only Unix clients
d!
Instead of providing backwards-compatibility for configurations that were
broken in the first place, I think something like the below script, added
to the upgrade documentation, would be better. The script was written
for Linux (GNU find, GNU bash, GNU iconv :), and probably needs to be
adjust
unix username lookups without violating the abstraction (e.g.,
nscd). I particularly don't think this should be used for anything that
involves *enumerating* users, as the most frequent NSS configuration
involving LDAP is to reference both LDAP *and* local files; so
enumerating via the Unix call
iscussion of Samba
development issues. Please see [EMAIL PROTECTED] for questions of a
non-developer nature.
> If you would Compare and contrast Samba and NFS. Which one would you
> choose to use and why?
Both, each for the purpose for which it's intended.
Steve Langasek
postmodern progra
*could* embed this information in a URI string, but there would be
nothing particularly standard about this, and the LDAP libraries are
unlikely to understand them -- so Samba will still have to parse these
components out of the URL and handle them directly.
Steve Langasek
postmodern programmer
msg04134/pgp0.pgp
Description: PGP signature
ce; it can't give you trust
> > relationships today, without a lot of finagling.
> > Steve Langasek
> > postmodern programmer
> I understand the role of/need for the BDC, I'm just concerned about
> flooding the WAN connections with replication traffic and not bei
ault-tolerance than
having three domains with a single PDC each.
Samba+LDAP can give you this fault tolerance; it can't give you trust
relationships today, without a lot of finagling.
Steve Langasek
postmodern programmer
msg04146/pgp0.pgp
Description: PGP signature
les. If
oplocking is enabled, it might also be possible to make them behave,
though this would at least require some symlink magic.
Steve Langasek
postmodern programmer
msg04042/pgp0.pgp
Description: PGP signature
rver around.
Afraid I don't... was just looking over the code, and noticed that
nisplus would have the same problem that unixsam would.
Steve Langasek
postmodern programmer
msg03935/pgp0.pgp
Description: PGP signature
On Fri, Oct 25, 2002 at 02:39:16AM +0200, Jelmer Vernooij wrote:
> On Thu, Oct 24, 2002 at 06:51:38PM -0500, Steve Langasek wrote about 'segfaults in
>pam_smbpass in SAMBA_3_0 with unixsam backend':
> > Currently, pam_smbpass calls initialize_password_db() with reload ==
On Fri, Oct 25, 2002 at 11:04:43AM +1000, Matthew Hannigan wrote:
> On Thu, Oct 24, 2002 at 10:44:28AM -0500, Steve Langasek wrote:
> > On Thu, Oct 24, 2002 at 01:08:10PM +1000, Matthew Hannigan wrote:
> > > And Solaris? At least they're autoconfigured to assume kernel opl
and have error checking added to free_pdb_context() to check for a
null pointer?
Steve Langasek
postmodern programmer
msg03927/pgp0.pgp
Description: PGP signature
On Thu, Oct 24, 2002 at 01:08:10PM +1000, Matthew Hannigan wrote:
> On Thu, Oct 24, 2002 at 02:10:14AM +, [EMAIL PROTECTED] wrote:
> > On Wed, Oct 23, 2002 at 09:02:03PM -0500, Steve Langasek wrote:
> > > On Thu, Oct 24, 2002 at 11:38:55AM +1000, Matthew Hannigan wrote:
>
;command" is that it's BAD to point this at something like
adduser without a certain amount of error checking... doesn't stop some
of us, though. :)
Steve Langasek
postmodern programmer
msg03816/pgp0.pgp
Description: PGP signature
;t running a kernel (Irix or Linux) that implements
oplocks, you MUST NOT use oplocks if the files will be accessed by
applications other than Samba.
Steve Langasek
postmodern programmer
msg03810/pgp0.pgp
Description: PGP signature
r
which kernels, specifically). It may help to turn kernel oplock support
off. I would not turn off oplock support itself without a stronger
indicator that it's the source of the trouble, since oplocks normally
*improve* performance.
Steve Langasek
postmodern programmer
msg03762/pgp0.pgp
Description: PGP signature
rarely the LMB for its subnet, and it's *never* caused us a
problem. Is there actually a limitation in NT that causes brokenness if
it doesn't win the browser election, and if so, has anyone documented
what happens?
Steve Langasek
postmodern programmer
msg03756/pgp0.pgp
Description: PGP signature
is to use ldaps instead of tls. The
attached patch against SAMBA_3_0 will add support for STARTTLS when
using OpenLDAP libs. The muddled interaction between TLS and SSL is
not addressed.
Steve Langasek
postmodern programmer
Index: passdb/
l need to be
converted by hand to the new "unix charset" and "dos charset" values.
If the user previously had these settings in smb.conf, and they were
converted but accents are still broken, please let me know. (Preferably,
a bug would be filed with the Debian BTS.)
R
or userspace tools like smbmount.
Also, I did misspeak in suggesting that no Linux kernels have been
released with large file support for smbfs: AIUI, this support has been
integrated into the 2.5 kernel series. So there are definitely
applications for an LFS-enabled smbmount today, and t
that the Samba Team should seriously consider
making LFS support in smbfs a goal for the Samba 3.0 release.
Regards,
Steve Langasek
postmodern programmer
msg03672/pgp0.pgp
Description: PGP signature
possible to keep track of RIDs that have been allocated
in the past, even after the associated user has been deleted -- which
IIRC is how Windows treats RIDs.
Steve Langasek
postmodern programmer
msg03665/pgp0.pgp
Description: PGP signature
much simpler to designate a "master" server (a PDC) that all update
requests are sent to, then use rsync to propogate the master file out to
other servers.
Steve Langasek
postmodern programmer
msg03657/pgp0.pgp
Description: PGP signature
find these other than in the Samba source,
sorry.
Steve Langasek
postmodern programmer
msg03539/pgp0.pgp
Description: PGP signature
equired 28, available 15
This is due to the usage of push_ascii() in
libsmb/smbencrypt.c:E_deshash(). Since the return value of push_ascii()
is discarded, I assume the error is also not fatal; so it seems to me
that before 3.0 is released, this debug statement ought to be reduced in
severity.
Che
initely need to handle that backslash:
smbcacls //hermes/xfs-share test -U TOGO/hzbogdan -M ACL:TOGO\\users:0/0/W
or
smbcacls //hermes/xfs-share test -U TOGO/hzbogdan -M 'ACL:TOGO\users:0/0/W'
HTH,
Steve Langasek
postmodern programmer
msg03521/pgp0.pgp
Description: PGP signature
th an explanation and an exit(0).
Cheers,
Steve Langasek
postmodern programmer
diff -uNr samba-2.999+3.0.alpha20.orig/source/utils/status.c
samba-2.999+3.0.alpha20/source/utils/status.c
--- samba-2.999+3.0.alpha20.orig/source/utils/status.c 2002-09-26 14:38:36.0
-0500
+++ samba-2.999+3.0.al
as a dependency of libsmbclient.h?
Steve Langasek
postmodern programmer
- Forwarded message from Jonas Öberg <[EMAIL PROTECTED]> -
Subject: Bug#162956: libsmbclient-dev: libsmbclient.h doesn't work without
client.h
Reply-To: "Jonas Öberg" <[EMAIL PROTECTED]>
s are going to need some way to
sanely migrate from smbpasswd to tdbsam.
> Really, people have been using smbpasswd on the assumption that
> 'password does not expire' was implicity set. Possibly having an easy
> tool to set that on every account might be a good idea, but I&
That's what I though, but it didn't build on my last check. I'll go back
> > and see why not
> It's not in the 'all' target. I had to move to 'make everything' to get
> the build farm to do it.
When you get to 'make universe',
On Thu, Sep 26, 2002 at 11:29:51PM +0200, Jelmer Vernooij wrote:
> On Thu, Sep 26, 2002 at 03:30:44PM -0500, Steve Langasek wrote about 'Re:
>--wuth-tdbsam ?':
> > > > and tdbsam should be the default passdb backend in 3.0. We should remove
> > > > th
and provide a migration script.
> 'pdbedit -i smbpasswd -e tdbsam' does exactly that.. now we only need
> to document it :-)
Is pdb importing from smbpasswd going to be fixed first so that
everyone's passwords don't expire 12 days after they upgrade? :)
Steve Langasek
postmodern programmer
msg03275/pgp0.pgp
Description: PGP signature
On Sun, Sep 08, 2002 at 04:21:02PM -0500, Steve Langasek wrote:
> After a bit of research, I've uncovered the new 'hostname lookups' option
> in Samba HEAD. I understand the value of being able to configure this
> setting, and of having it default to 'no' to c
o config
options? Having hostname lookups unexpectedly turned off can not only
block access from legitimate users, it can also be a security hole.
Steve Langasek
postmodern programmer
msg02955/pgp0.pgp
Description: PGP signature
- pam_set_data(). In this case, 'data' should be a
pointer to a data blob containing all the information you need to know
about the open socket, and 'cleanup' is the callback function used to
close the socket (and do any other housekeeping chores that might come
up).
Steve Langasek
postmodern programmer
msg02780/pgp0.pgp
Description: PGP signature
's done with a PAM
handle is broken beyond all hope, and it's not Samba's business to try to
save it from the inevitable.
Steve Langasek
postmodern programmer
msg02774/pgp0.pgp
Description: PGP signature
ba
> will look for this stuff.
passdb/machine_sid.c:
/* check for an old MACHINE.SID file for backwards compatibility */
asprintf(&fname, "%s/MACHINE.SID", lp_private_dir());
so adjusting the setting of 'private dir' in smb.conf should do it.
(
It appears that pam_smbpass is once again broken in HEAD, due to
unresolved symbols. The attached diff attempts a somewhat more permanent
solution to the problem.
Cheers,
Steve Langasek
postmodern programmer
Index: Makefile.in
[1082]: PAM rejected by account
> configuration[28]: Module is unknown
On my system, the 'OpenSSLDie' function is provided by libcrypto, and
libssl depends on libcrypto. You probably need to add '-lcrypto' to
whatever line has '-lssl' on it.
Steve Langasek
postmodern programmer
msg02338/pgp0.pgp
Description: PGP signature
1 - 100 of 132 matches
Mail list logo
