9648 – pam_winbind does not support use_uid option and PAM_IGNORE return value

Bug 9648 - pam_winbind does not support use_uid option and PAM_IGNORE return value

Summary: pam_winbind does not support use_uid option and PAM_IGNORE return value

Status:	NEW

Alias:	None

Product:	Samba 3.6
Classification:	Unclassified
Component:	Winbind (show other bugs)
Version:	3.6.12
Hardware:	All All

Importance:	P5 normal
Target Milestone:	---
Assignee:	Guenther Deschner
QA Contact:	Samba QA Contact

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-02-09 18:40 UTC by Alexey
Modified:	2013-02-20 00:17 UTC (History)
CC List:	1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Alexey 2013-02-09 18:40:17 UTC

I've tried to use pam_winbind.so module in pam.d/so-l configuration file with require_membership_of option but was surprised that pam_winbind cannot use original user credentials (like pam_wheel does with option use_uid) and cannot be configured to reply PAM_IGNORE instead of PAM_SUCCESS or FAIL - it always checked for root account and not my AD user.
It will be nice if you can add support for these options.