mksmbpasswd, called from samba postinst, should not create Samba user for user with uid <1000
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
samba (Debian) |
Fix Released
|
Unknown
|
|||
samba (Ubuntu) |
Fix Released
|
Wishlist
|
Unassigned |
Bug Description
When installing the samba package, the postinst script may be calling mksmbpasswd to import the Unix user into the Samba user backend. This is controlled by the debconf variable samba/generate_
The way mksmbpasswd is called is indiscriminate, and will create a Samba user for all entries returned by getent passwd. This include system user (those with uid < 1000) such as root, games, lp, etc. While these users do not have a Samba password set (and hence cannot be used to connect to the Samba service), they are still very much unlikely to be useful in the context of Samba and should not be imported.
The best would be for mksmbpasswd to import only user with uid >= 1000, or at least have a blacklist of user it should not import.
Changed in samba (Debian): | |
status: | Unknown → New |
Changed in samba (Debian): | |
status: | New → Fix Committed |
Changed in samba (Debian): | |
status: | Fix Committed → Fix Released |
Im having a look at this.
chuck