summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorJohn Terpstra <jht@samba.org>1998-01-10 11:42:29 +0000
committerJohn Terpstra <jht@samba.org>1998-01-10 11:42:29 +0000
commit0e7be4859732283602732ac6a2110712221dc442 (patch)
tree7a96eb0a339c73558f821b85fb7b1ad2b290ff67 /source3
parent5c6525003c4070f4fdbb4513601bee7abc6d8bf5 (diff)
downloadsamba-0e7be4859732283602732ac6a2110712221dc442.tar.gz
samba-0e7be4859732283602732ac6a2110712221dc442.tar.bz2
samba-0e7be4859732283602732ac6a2110712221dc442.zip
Following discussions with Cristian Gafton (Red Hat) we have decided to make
PAM silent about it's actions. This reduced error logging for EVERY password validation request. Refer to password.c PAM section for further info. Fiels Affected: password.c (This used to be commit 7a1a8042dd005e26e610a16eaaa693f119b874c7)
Diffstat (limited to 'source3')
-rw-r--r--source3/smbd/password.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 1c72f0cfa6..c2b916a0af 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -442,13 +442,19 @@ static BOOL pam_auth(char *this_user,char *password)
PAM_username = this_user;
pam_error = pam_start("samba", this_user, &PAM_conversation, &pamh);
PAM_BAIL;
- pam_error = pam_authenticate(pamh, 0);
+/* Setting PAM_SILENT stops generation of error messages to syslog
+ * to enable debugging on Red Hat Linux set:
+ * /etc/pam.d/samba:
+ * auth required /lib/security/pam_pwdb.so nullok shadow audit
+ * _OR_ change PAM_SILENT to 0 to force detailed reporting (logging)
+ */
+ pam_error = pam_authenticate(pamh, PAM_SILENT);
PAM_BAIL;
/* It is not clear to me that account management is the right thing
* to do, but it is not clear that it isn't, either. This can be
* removed if no account management should be done. Alternately,
* put a pam_allow.so entry in /etc/pam.conf for account handling. */
- pam_error = pam_acct_mgmt(pamh, 0);
+ pam_error = pam_acct_mgmt(pamh, PAM_SILENT);
PAM_BAIL;
pam_end(pamh, PAM_SUCCESS);
/* If this point is reached, the user has been authenticated. */