ports/73703: Samba 'obey pam restrictions' causes PANIC in Samba 3
bobf at mrp3.com
Tue Nov 9 06:30:22 UTC 2004
>Synopsis: Samba 'obey pam restrictions' causes PANIC in Samba 3
>Arrival-Date: Tue Nov 09 06:30:21 GMT 2004
>Originator: bob frazier
>Release: RELENG_5 (5.3-STABLE #1)
FreeBSD BSDServer.SFT.local 5.3-STABLE FreeBSD 5.3-STABLE #1: Tue Oct 26 20:13:16 PDT 2004 root@:/usr/obj/usr/src/sys/GENERIC i386
When attempting to use the latest Samba 3 port (3.0.7), following a portupgrade of all ports (using cvs tag RELEASE_5_3_0), I noticed that all users that had a login without a blank password were unable to list or access any shares. Blank password users (such as a 'guest' type user without a password) worked ok. Domain logins still worked properly. Only access to the shares was affected. When I commented out the "obey pam restrictions = yes" line in smb.conf, the problem went away. Rebuilding the port via portupgrade -f (as well as 'make deinstall' / 'make reinstall'), restoring tdb's from backup, etc. had no effect.
using FBSD RELENG_5, Samba 3.0.7 and latest ports
a) set up Samba 3 as a domain controller
b) add some shares and users
c) add the line "obey pam restrictions = yes" to the global section of smb.conf
d) attempt to list shares without a user (smbclient -U% -L localhost) and with a user (smbclient -U username -L localhost) where 'username' is a valid user with a password (and not 'root').
e) remove the line "obey pam restrictions = yes" from the global section of smb.conf
f) repeat step d.
remove the line "obey pam restrictions = yes" from the global section of smb.conf to work around the problem.
More information about the freebsd-ports-bugs