Comment 63 for bug 212098

Revision history for this message
Didier Roche-Tolomelli (didrocks) wrote :

Here is a patch proposition for intrepid after a talk with slangasek (even if a sudoer is in the right group from installation, libpam-smbpasswd has to be installed, and then the user has to authenticate, before that user can be used for authentication to shares).

The only matter is that I based my return on retval, which is the result from synaptic. Even if the download/install failed, the return value is "TRUE", prompting for restarting session… (I can also test if /usr/sbin/smbd is executable, but that will not handle the case where samba installed correctly but not libpam-smbpass).

The last case I described in my previous comment (for an user to ask an administrator to add it to enable sharing right for him, and the admin use "switch user" or ssh to the machine, ie the user didn't reload its environment) is not taken into account by this fix. Steve told that this is far from what we want to adress (making the change as less intrusive as possible) and that's right.
If we want to achieve this, a solution might be :
- retrieve current session user group (if in sambashare group), if not :
  - get the group list from /etc/groups using getwgrent()
  - if the result is that the user is in the sambashare group that probably means that the user didn't reload the session, so, prompt for it -> we can assume that if this is the case, the NTLM hash password will be in the same time generated.

But well this is obviously just a workaround.

In the debdiff (with also a little fix for not destroyed window):

nautilus-share (0.7.2-0ubuntu7) intrepid; urgency=low

  * 02_install_missing_samba.dpatch:
    - prompt for restarting session when installing samba and libpam-smbpass
      to create NTLM password hash (sudoers are already in sambashare group
      in intrepid) (LP: #212098)
    - hidden window was not destroyed if user accepts installing samba