in our environment, everyone with a unix account on the samba server should also have an entry in smbpasswd. in the past i've initialized this through a script which i call from my nis makefile to keep smbpasswd in sync with /etc/passwd. it adds new users, deletes users who no longer exist in /etc/passwd, and leaves existing users alone (so as not to change their password). when i add a new account, i naturally do an nis make and my smbpasswd file is brought up-to-date. i had also made changes to smbpasswd such that a new user could log into their unix account and set their initial smb password if it was all X's (but of course, the password would still be invalid until set). in 1.9.17alpha, things have changed slightly (the 'NO PASSWORD' string in the smbpasswd entry and the -add option to smbpasswd). i made a couple of changes to smbpasswd.c that others may find useful. if the password begins with a '*' then the user can hit return when prompted for their old password, but the password is still considered invalid until set to something that doesn't begin with '*' or 'X'. if smbpasswd.c is compiled with -DALLOW_ADD_USER, a non-root user can add a new entry for their username to smbpasswd if it does not yet exist (ie. if they run smbpasswd and their name is not found in the smbpasswd file, and they enter a valid password, a new entry is created for their username). i also removed the -add option and made the default behaviour for root that the user is added if not found. does anyone see any security problems with these changes? i've included the diffs to smbpasswd.c below. ---begin patch--- --- smbpasswd.c-1.9.17alpha5 Mon Jul 21 13:32:36 1997 +++ smbpasswd.c Mon Aug 18 14:06:43 1997 @@ -138,7 +138,7 @@ * of passwd in file - * this is used by * smbpasswd.c */ - if (*p == '*' || *p == 'X') { + if (*p == 'X') { /* Password deliberately invalid - end here. */ *valid_old_pwd = False; *got_valid_nt_entry = False; 
@@ -167,7 +167,11 @@ if (p[32] != ':') return (False); - if (!strncasecmp((char *)p, "NO PASSWORD", 11)) { + if (*p == '*') { + /* Password deliberately invalid, user can set it. */ + pw_buf.smb_passwd = NULL; + } + else if (!strncasecmp((char *)p, "NO PASSWORD", 11)) { pw_buf.smb_passwd = NULL; /* No password */ } else { if(!gethexpwd((char *)p,(char *)smbpwd)) @@ -203,7 +207,7 @@ */ static void usage(char *name) { - fprintf(stderr, "Usage is : %s [-add] [username]\n", name); + fprintf(stderr, "Usage is : %s [username]\n", name); exit(1); } @@ -222,7 +226,12 @@ FILE *fp; BOOL valid_old_pwd = False; BOOL got_valid_nt_entry = False; - BOOL add_user = False; + BOOL add_user +#ifdef ALLOW_ADD_USER + True; +#else + False; +#endif long seekpos; int pwfd; char ascii_p16[66]; @@ -252,22 +261,17 @@ /* Deal with usage problems */ if (real_uid == 0) { /* As root we can change anothers password and add a user. */ - if (argc > 3 ) + if (argc > 2 ) usage(argv[0]); + add_user = True; } else if (argc != 1) { fprintf(stderr, "%s: Only root can set anothers password.\n", argv[0]); usage(argv[0]); } if (real_uid == 0 && (argc > 1)) { - /* We are root - check if we should add the user */ - if ((argv[1][0] == '-') && (argv[1][1] == 'a')) - add_user = True; - if(add_user && (argc != 3)) - usage(argv[0]); - /* If we are root we can change anothers password. */ - strncpy(user_name, add_user ? argv[2] : argv[1], sizeof(user_name) - 1); + strncpy(user_name, argv[1], sizeof(user_name) - 1); user_name[sizeof(user_name) - 1] = '\0'; pwd = getpwnam(user_name); } else { ---end patch--- -- Todd Pfaff \ Email: pfaff@mcmaster.ca Computing and Information Services \ Voice: (905) 525-9140 x22920 ABB 132 \ FAX: (905) 528-3773 McMaster University \ Hamilton, Ontario, Canada L8S 4M1 \
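Review bot: In the first hunk (@@ -138,7), removing `*p == '*'` from the deliberately-invalid test changes the meaning of every entry already in smbpasswd whose hash field starts with '*'. Before the change those entries stopped here with valid_old_pwd = False; after it they fall through to the code that accepts an empty old password. A site that has been using '*' to lock accounts would find them resettable by their owners after installing this. Suggest stating in the comment above the test that only 'X' now means disabled, and converting existing '*' entries to 'X' before the new binary goes in.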
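Review bot: In the second hunk (@@ -167,7), the new `if (*p == '*')` branch stores `pw_buf.smb_passwd = NULL`, which is the same value the "NO PASSWORD" branch stores, so nothing later in smbpasswd.c can tell a locked-until-set entry from a no-password entry. Whether a '*' entry is refused at login then depends on code outside this diff; a separate flag in pw_buf, or at least a comment saying where the rejection happens, would make that explicit. The branch also sits after the `p[32] != ':'` check, so a '*' entry still has to be padded to 32 characters, which is worth documenting for anyone generating these entries from a script.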
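Review bot: In the fourth hunk (@@ -222,7), the new declaration is `BOOL add_user` followed directly by `True;` or `False;` inside the #ifdef, with no `=` between the name and the value, so as shown it will not compile. The `=` needs to go on the `BOOL add_user` line ahead of the #ifdef. Since ALLOW_ADD_USER changes what a non-root caller is allowed to do, a one-line comment at the #ifdef saying so would help whoever builds it.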
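Review bot: In the last hunk (@@ -252,22), `add_user = True` is now set for every root invocation, so a mistyped username becomes a candidate for a new entry instead of an error. The only guard visible is `pwd = getpwnam(user_name)`, and the hunk does not show its result being checked before the add; suggest refusing to add when getpwnam returns NULL. For the non-root path, where ALLOW_ADD_USER leaves add_user True, the `else` branch that picks the username is outside this hunk; it should take the name from real_uid only, never from anything the caller supplies.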
Password changing.

I set up the program for changing user passwords, and I tried to change using the net password \\samba_ser command in win95. Needless to say, the password change failed. All other services work well - I have been very pleased with them. This is one of the last things I need.

I am running samba 1.9.7alpha5 with quotas and allow change password compiled in under linux 2.0.30.

Thanks, any help is desirable.

I got the following out of a level 5 log (smb.log):

doing parameter server string = Samba NT server
doing parameter printing = bsd
doing parameter socket options = IPTOS_LOWDELAY TCP_NODELAY
doing parameter printcap name = /etc/printcap
doing parameter load printers = yes
doing parameter admin users = root
doing parameter security = user
doing parameter domain master = yes
doing parameter domain logons = yes
doing parameter logon script = %U.bat
doing parameter logon path = \\%L\%U
doing parameter wins support = yes
doing parameter guest account = ftp
doing parameter short preserve case = yes
doing parameter preserve case = yes
doing parameter preferred master = yes
doing parameter lock directory = /var/lock/samba
doing parameter log level = 5
doing parameter password level = 3
doing parameter os level = 33
doing parameter invalid users = root
doing parameter dead time = 6
doing parameter max xmit = 32768
doing parameter null passwords = yes
doing parameter printer driver = Hp LaserJet 4M
doing parameter client code page = 437
doing parameter passwd program = /usr/bin/passwd %u
doing parameter passwd chat = "*Enter*old*password:*" %o\n "*Enter*new password:" %n\n "Re-type new password:" %n\n "Password Changed*"
Processing section "[netlogon]"
doing parameter path = /ehc/logon
doing parameter read only = no
doing parameter write list = skvidal
doing parameter guest ok = yes
Processing section "[homes]"
doing parameter comment = Home Directories
doing parameter invalid users = root, nobody
doing parameter browseable = no
doing parameter read only = no
doing parameter create mode = 0700
Processing section "[apps]"
doing parameter comment = Application Drive
doing parameter browseable = yes
doing parameter write list = skvidal
doing parameter read only = no
doing parameter path = /ehc/apps
doing parameter public = yes
doing parameter create mode = 0750
doing parameter group = internet
Processing section "[printers]"
doing parameter comment = All Printers
doing parameter guest ok = no
doing parameter browseable = yes
doing parameter path = /tmp
doing parameter printable = yes
doing parameter public = no
doing parameter writable = no
doing parameter create mode = 0700
Processing section "[wingroup]"
doing parameter comment = Shared Drive for WinGroup Users
doing parameter browseable = yes
doing parameter write list = @win
doing parameter read only = no
doing parameter path = /ehc/wingroup
doing parameter public = no
doing parameter create mode = 0760
doing parameter invalid users = root
doing parameter writable = yes
doing parameter force group = win
Processing section "[cdrom]"
doing parameter comment = Cdrom drive
doing parameter browseable = yes
doing parameter read only = yes
doing parameter fake oplocks = yes
doing parameter public = no
doing parameter path = /cdrom
Processing section "[sambahomes]"
doing parameter path = /sambahome
doing parameter write list = skvidal
doing parameter admin users = skvidal
doing parameter public = no
doing parameter available = yes
Processing section "[scratch]"
doing parameter path = /ehc/scratch
doing parameter write list = skvidal
doing parameter public = no
doing parameter available = yes
pm_process() returned Yes
adding printer service lp
adding printer service lp3
adding printer service lp4
adding IPC service
Netmask for eth0 = 255.255.255.0
Derived broadcast address 192.168.3.255
Added interface ip=192.168.3.234 bcast=192.168.3.255 nmask=255.255.255.0
08/21/97 00:37:26 loaded services
08/21/97 00:37:26 becoming a daemon
bind succeeded on port 139
waiting for a connection
is_in_path: fd1u360
------ BREAK ----- You get the idea Every single file in /dev
is_in_path: no name list.
is_in_path: tty
is_in_path: no name list.
is_in_path: initctl
is_in_path: no name list.
is_in_path: xconsole
is_in_path: no name list.
is_in_path: cdrom
is_in_path: no name list.
is_in_path: scsi
is_in_path: no name list.
pty: try to open ptyp0, line was /dev/ptyXX
pty: try to open ptyp1, line was /dev/ptyp0
pty: try to open ptyp2, line was /dev/ptyp1
pty: try to open ptyp3, line was /dev/ptyp2
pty: try to open ptyp4, line was /dev/ptyp3
pty: opened /dev/ptyp4
Dochild for user skvidal (uid=0,gid=102)
response 1 incorrect
Child failed to change password: skvidal
size=59 smb_com=0x25 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=1
smb_tid=113 smb_pid=28721 smb_uid=100 smb_mid=7041 smt_wct=10
smb_vwv[0]=4 (0x4) smb_vwv[1]=0 (0x0) smb_vwv[2]=0 (0x0) smb_vwv[3]=4 (0x4) smb_vwv[4]=55 (0x37)
smb_vwv[5]=0 (0x0) smb_vwv[6]=0 (0x0) smb_vwv[7]=59 (0x3B) smb_vwv[8]=0 (0x0) smb_vwv[9]=0 (0x0)
smb_bcc=4
08/21/97 00:38:03 Transaction 4 of length 39
size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=0 smb_flg2=1
smb_tid=113 smb_pid=0 smb_uid=100 smb_mid=7169 smt_wct=0
smb_bcc=0
switch message SMBtdis (pid 1853)
chdir to /etc
unbecome_user now uid=(0,0) gid=(0,0)
08/21/97 00:38:03 lib-23 (192.168.3.203) closed connection to service IPC$
Yielding connection to 113 IPC$
08/21/97 00:38:03 tdis cnum=113
size=35 smb_com=0x71 smb_rcls=0 smb_reh=0 smb_err=0 smb_flg=128 smb_flg2=1
smb_tid=113 smb_pid=0 smb_uid=100 smb_mid=7169 smt_wct=0
smb_bcc=0
end of file from client
Closing connections
smb_shm_close
fcntl_lock 4 7 0 1 1
Lock call successful
calling smb_shm_unregister_process(/var/lock/samba/SHARE_MEM_FILE.processes, 1853)
smb_shm_unregister_process : read record for pid 1853
smb_shm_unregister_process : erasing record for pid 1853 (seek_val = -4)
fcntl_lock 4 7 0 1 2
Lock call successful
08/21/97 00:38:03 Server exit (normal exit)
got SIGCLD
-----END LOG FILE----
If anyone can help me out. I am in dire straits right now to get this system working and I need password changing to occur. I'll even be ok with kludgy fixes. Anything will be helpful.

-sv

Seth Vidal
skvidal@ehc.edu
unix system breaker
> Date: Tue, 19 Aug 1997 11:05:00 +0200
> From: Johnny Nordman <johnny.nordman@z.lst.se>
> To: "'samba@arvidsjaur.anu.edu.au'" <samba@arvidsjaur.anu.edu.au>
> Subject: out of processes
> Message-ID: <01BCAC8F.C10D33E0@johnny-nordman>
>
> Hello!
>
> I use Samba 1.9.15p6 on a SPARCstation 4 running Solaris 2.5
> I use it as printserver for about 170 Win95 clients.
>
> Samba is the only application running on the machine.
>
> Performance is very good but sometimes printing suddenly stops and I have to reboot the machine. There is no time for checking processes etc.
>
> Messages file on the unix machine says "out of processes".
>
> 1. Is this a known problem?
>
> 2. Should I upgrade to a later Samba-version?
>
> 3. Maybe increasing maxuser in /etc/system should solve the problem? But it does not feel like the correct way to solve the problem.
>
> _____________________________
> Med vänliga hälsningar/Best regards
> Johnny Nordman Systemadm.
> Länsstyrelsen i Jämtlands län
> 831 86 ÖSTERSUND
>
> email: johnny.nordman@z.lst.se
> Tfn: 063-14 62 62
> INT +46 63 14 62 62
> Fax: 063-14 63 20
>

Hi Johnny,

If you get the error message cannot fork, too many processes, try using the wait(1) command to clean up your background processes. If this doesn't help, the system process table is probably full or you have too many active foreground processes. (There is a limit to the number of process ids associated with your login, and to the number the system can keep track of.).

Not all the processes of a 3- or more-stage pipeline are children of the shell, and thus cannot be waited for.

If n is not an active process id, all your shell's currently active background processes are waited for and the return code will be zero.

Hope this helps.

Greetings,

/Martin

--
Martin Mielke martin@jaleo.idecnet.com
Jaleo Crew - SysAdm voice: ++34 (9)28 262299
On Thu, 21 Aug 1997, Todd Pfaff wrote:

> in our environment, everyone with a unix account on the samba server
> should also have an entry in smbpasswd. in the past i've initialized this
> through a script which i call from my nis makefile to keep smbpasswd in
> sync with /etc/passwd. it adds new users, deletes users who no longer
> exist in /etc/passwd, and leaves existing users alone (so as not to change
> their password). when i add a new account, i naturally do an nis make and
> my smbpasswd file is brought up-to-date. i had also made changes to
> smbpasswd such that a new user could log into their unix account and set
> their initial smb password if it was all X's (but of course, the password
> would still be invalid until set).
>
> in 1.9.17alpha, things have changed slightly (the 'NO PASSWORD' string in
> the smbpasswd entry and the -add option to smbpasswd). i made a couple of
> changes to smbpasswd.c that others may find useful.
>
> if the password begins with a '*' then the user can hit return when prompted
> for their old password, but the password is still considered invalid until
> set to something that doesn't begin with '*' or 'X'.
>
> if smbpasswd.c is compiled with -DALLOW_ADD_USER, a non-root user can add
> a new entry for their username to smbpasswd if it does not yet exist
> (ie. if they run smbpasswd and their name is not found in the smbpasswd
> file, and they enter a valid password, a new entry is created for their
> username). i also removed the -add option and made the default behaviour
> for root that the user is added if not found.
>

YES! excellent - you came across the same problem that i did with smbpasswd, namely that it can't distinguish between newly added blank users, and users that have had their smb password account disabled. not very useful from a configuration point of view...

by the way, the mods that i made clash nicely with yours: i added a system whereby you could do:

smbpasswd -add user password

- only as root.

luke
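The sync step Todd describes (add new users, delete vanished ones, leave existing entries alone), written out as an added example that is not code from the thread or from Samba. It assumes an entry layout of name:uid:LM-hash:NT-hash:gecos:home:shell with 32-character hash fields, and gives new users the '*' marker from the patch so that 'X' entries stay recognisable as disabled, which is the distinction Luke raises; the function names and sample data are constructed.

```python
import os
import tempfile

FIELD_LEN = 32                # the patched parser requires p[32] == ':'
SETTABLE = "*" * FIELD_LEN    # thread's proposal: invalid, owner may set it
DISABLED = "X" * FIELD_LEN    # deliberately invalid, stays locked

def parse_passwd(text):
    """Return {name: (uid, gecos, home, shell)}, skipping NIS +/- markers."""
    users = {}
    for line in text.splitlines():
        f = line.split(":")
        if len(f) != 7 or not f[0] or f[0][0] in "+-#":
            continue
        users[f[0]] = (f[2], f[4], f[5], f[6])
    return users

def sync(passwd_text, smbpasswd_text):
    """Add missing users, drop stale ones, leave existing entries untouched."""
    users = parse_passwd(passwd_text)
    kept, seen, removed = [], set(), []
    for line in smbpasswd_text.splitlines():
        if not line.strip() or line.startswith("#"):
            kept.append(line)              # comments and blanks pass through
            continue
        name = line.split(":", 1)[0]
        if name in users and name not in seen:
            kept.append(line)              # existing hashes are never rewritten
            seen.add(name)
        else:
            removed.append(name)           # gone from passwd, or a duplicate
    added = sorted(set(users) - seen)
    for name in added:
        uid, gecos, home, shell = users[name]
        kept.append(":".join([name, uid, SETTABLE, SETTABLE, gecos, home, shell]))
    return "\n".join(kept) + "\n", added, removed

def write_atomic(path, text):
    """Swap the new file in with one rename; mkstemp creates it mode 0600."""
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    try:
        with os.fdopen(fd, "w") as fh:
            fh.write(text)
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise

# Constructed sample data, not taken from the thread.
PASSWD = ("alice:x:1001:100:Alice:/home/alice:/bin/sh\n"
          "carol:x:1003:100:Carol:/home/carol:/bin/sh\n"
          "dave:x:1004:100:Dave:/home/dave:/bin/sh\n"
          "+::::::\n")
SMBPASSWD = ("alice:1001:" + "0123456789ABCDEF" * 2 + ":" + "FEDCBA9876543210" * 2
             + ":Alice:/home/alice:/bin/sh\n"
             "bob:1002:" + DISABLED + ":" + DISABLED + ":Bob:/home/bob:/bin/sh\n"
             "dave:1004:" + DISABLED + ":" + DISABLED + ":Dave:/home/dave:/bin/sh\n")

if __name__ == "__main__":
    text, added, removed = sync(PASSWD, SMBPASSWD)
    print(text, "added:", added, "removed:", removed)
```

In the sample, dave exists in both files with an 'X' entry and is left locked, while carol is new and gets a '*' entry; running the sync a second time on its own output changes nothing.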