Gabriel Matthews
2002-Dec-11 22:45 UTC
[Samba] question about security, UID, and /var/log/messages
When I restart Samba, and then connect to it from an XP screen, I get the following message in the /var/log/messages file: Dec 11 16:36:38 yavin smb: smbd shutdown succeeded Dec 11 16:36:39 yavin smb: nmbd shutdown succeeded Dec 11 16:36:39 yavin smb: smbd startup succeeded Dec 11 16:36:39 yavin smb: nmbd startup succeeded Dec 11 16:36:48 yavin samba(pam_unix)[1742]: session opened for user gabriel by (uid=0) Now, username 'gabriel' is the same user/pass on our NT domain on the linux machine, and I have added it to the smbpasswd file using smbpasswd. My thought is that the (uid=0) -should- be uid=500, which is the uid of my linux username. When another user connects to the server, the same message pops up in the log file, but with their username, and the same uid.. so it would say 'user jimmy by (uid=0). That's what makes me think it's not mapping the NT domain user account to the linux passwd account properly.. Any ideas, if I'm right or wrong or reading it incorrectly? My overall problem is that I am unable to print to a printer hosted from the linux machine.. I can browse a public folder that I created, make/delete files in the folder, browse my own personal folder, and everything seems to be working fine. But when I add the printer, the printer adds okay but shows "access denied, unable to open" in the 'status' line of the printer in windows. So what I'm trying to do is figure out where the security is failing. If for some reason, the linux server doesn't know how to map my Nt username to the passwd username and the samba encrypted password username, then I need to know how to debug that.. Gabriel Matthews Network Support Cinergy Communications gabriel@cinergycom.com
I know this is a stupid question, but I'm a bit lost here. I want to set up winbindd on my server to do all the authentication stuff, and in the man page it says this: In /etc/pam.d/* replace the auth lines with something like this: auth required /lib/security/pam_securetty.so auth required /lib/security/pam_nologin.so auth sufficient /lib/security/pam_winbind.so auth required /lib/security/pam_pwdb.so use_first_pass shadow nullok Okay... /pam.d/* mean to replace those lines in every file within the pam.d folder? because there are quite a few files in there, and I don't want to go in and edit them all, unless I really have to. Gabriel