From 5cd3d3f14ef56ff5f1d92aba0174649f3d368f66 Mon Sep 17 00:00:00 2001 From: Alexander Bokovoy Date: Thu, 27 Mar 2003 15:27:19 +0000 Subject: Add new framework for smb.conf(5). Please read README before trying to compile. I will commit more meta-information updates during week-end. (This used to be commit 8d684dffab6a90b3d612a1aa2b2c457a2bc2e6ac) --- docs/docbook/smbdotconf/security/passwdchat.xml | 58 +++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 docs/docbook/smbdotconf/security/passwdchat.xml (limited to 'docs/docbook/smbdotconf/security/passwdchat.xml') diff --git a/docs/docbook/smbdotconf/security/passwdchat.xml b/docs/docbook/smbdotconf/security/passwdchat.xml new file mode 100644 index 0000000000..922f1a878c --- /dev/null +++ b/docs/docbook/smbdotconf/security/passwdchat.xml @@ -0,0 +1,58 @@ + + passwd chat (G) + This string controls the "chat" + conversation that takes places between smbd + 8 and the local password changing + program to change the user's password. The string describes a + sequence of response-receive pairs that smbd + 8 uses to determine what to send to the + passwd program + and what to expect back. If the expected output is not + received then the password is not changed. + + This chat sequence is often quite site specific, depending + on what local methods are used for password control (such as NIS + etc). + Note that this parameter only is only used if the unix + password sync parameter is set to yes. This + sequence is then called AS ROOT when the SMB password + in the smbpasswd file is being changed, without access to the old + password cleartext. This means that root must be able to reset the user's password + without knowing the text of the previous password. In the presence of NIS/YP, + this means that the passwd program must be + executed on the NIS master. + + + + The string can contain the macro %n which is substituted + for the new password. The chat sequence can also contain the standard + macros \\n, \\r, + \\t and \\s to give line-feed, + carriage-return, tab and space. The chat sequence string can also contain + a '*' which matches any sequence of characters. + Double quotes can be used to collect strings with spaces + in them into a single string. + + If the send string in any part of the chat sequence + is a full stop ".", then no string is sent. Similarly, + if the expect string is a full stop then no string is expected. + + If the pam + password change parameter is set to yes, the chat pairs + may be matched in any order, and success is determined by the PAM result, + not any particular output. The \n macro is ignored for PAM conversions. + + + See also unix password + sync, + passwd program , + passwd chat debug and + pam password change. + + Default: passwd chat = *new*password* %n\\n + *new*password* %n\\n *changed* + Example: passwd chat = "*Enter OLD password*" %o\\n + "*Enter NEW password*" %n\\n "*Reenter NEW password*" %n\\n "*Password + changed*" + + -- cgit