From the Samba 3 smb.conf manual:
---------
passwd program (G)
The name of a program that can be used to set UNIX user passwords. Any
occurrences of %u will be replaced with the user name. The user name is checked
for existence before calling the password changing program.
Also note that many passwd programs insist on reasonable passwords, such as a
minimum length, or the inclusion of mixed case chars and digits. This can pose a
problem as some clients (such as Windows for Workgroups) uppercase the password
before sending it.
Note that if the unix password sync parameter is set to yes then this program is
called AS ROOT before the SMB password in the smbpasswd(5) file is changed. If
this UNIX password change fails, then smbd will fail to change the SMB password
also (this is by design).
If the unix password sync parameter is set this parameter MUST USE ABSOLUTE
PATHS for ALL programs called, and must be examined for security implications.
Note that by default unix password sync is set to no.
See also unix password sync.
------
However, it seems that "passwd program" was run as the user who invoked
this program (i.e. changing his password from a Win client) and *not* as
root.
Tested using samba3.0b3 and ldap backend.
--beast
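
The manual excerpt quoted above requires absolute paths in "passwd program" whenever "unix password sync" is enabled. The following is an added example, not part of the original post or of Samba: a small Python check of an smb.conf [global] section for that rule. The function names, the sample configurations and the set of accepted boolean spellings are assumptions made for illustration.

```python
TRUE_VALUES = {"yes", "true", "on", "1"}  # assumed truthy spellings for booleans

def parse_global(text):
    """Return the [global] parameters of an smb.conf text as a dict."""
    params, section, pending = {}, None, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if line.endswith("\\"):            # value continues on the next line
            pending = line[:-1]
            continue
        if not line or line[0] in "#;":    # blank line or comment
            continue
        if line.startswith("[") and line.endswith("]"):
            section = line[1:-1].strip().lower()
        elif "=" in line and section == "global":
            name, value = line.split("=", 1)
            # normalise case and inner whitespace of the parameter name
            params[" ".join(name.lower().split())] = value.strip()
    return params

def audit_passwd_program(text):
    """Return findings for the 'passwd program' rule quoted from the manual."""
    params = parse_global(text)
    if params.get("unix password sync", "no").lower() not in TRUE_VALUES:
        return []                          # sync is off (the default): rule not triggered
    tokens = params.get("passwd program", "").split()
    if not tokens:
        return ["passwd program is not set explicitly"]
    findings = []
    if not tokens[0].startswith("/"):
        findings.append("passwd program '%s' is not an absolute path" % tokens[0])
    if "%u" not in tokens[1:]:
        findings.append("passwd program does not pass %u (the user name)")
    return findings

# Constructed sample configurations, not taken from the post.
WEAK = """[global]
   unix password sync = yes
   passwd program = passwd %u
"""
HARDENED = """[global]
   Unix Password Sync = Yes
   passwd program = /usr/bin/passwd %u
"""

if __name__ == "__main__":
    for label, conf in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_passwd_program(conf) or "ok")
```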