summaryrefslogtreecommitdiff
path: root/source3/smbd/password.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd/password.c')
-rw-r--r--source3/smbd/password.c10
1 files changed, 8 insertions, 2 deletions
diff --git a/source3/smbd/password.c b/source3/smbd/password.c
index 1c72f0cfa6..c2b916a0af 100644
--- a/source3/smbd/password.c
+++ b/source3/smbd/password.c
@@ -442,13 +442,19 @@ static BOOL pam_auth(char *this_user,char *password)
PAM_username = this_user;
pam_error = pam_start("samba", this_user, &PAM_conversation, &pamh);
PAM_BAIL;
- pam_error = pam_authenticate(pamh, 0);
+/* Setting PAM_SILENT stops generation of error messages to syslog
+ * to enable debugging on Red Hat Linux set:
+ * /etc/pam.d/samba:
+ * auth required /lib/security/pam_pwdb.so nullok shadow audit
+ * _OR_ change PAM_SILENT to 0 to force detailed reporting (logging)
+ */
+ pam_error = pam_authenticate(pamh, PAM_SILENT);
PAM_BAIL;
/* It is not clear to me that account management is the right thing
* to do, but it is not clear that it isn't, either. This can be
* removed if no account management should be done. Alternately,
* put a pam_allow.so entry in /etc/pam.conf for account handling. */
- pam_error = pam_acct_mgmt(pamh, 0);
+ pam_error = pam_acct_mgmt(pamh, PAM_SILENT);
PAM_BAIL;
pam_end(pamh, PAM_SUCCESS);
/* If this point is reached, the user has been authenticated. */