Hallo Am Freitag, 5. Februar 2010 schrieb Al Bogner: snip
passwd program = /usr/bin/passwd %u passwd chat = qwertz passwd chat debug = yes
Sollte da wirklich ein PW im Klartext stehen, gefällt mir nicht besonders. Nein, da steht kein Passwort im Klartext. "to chat" = plaudern, schwätzen der "passwd chat" ist der Dialog, der abgespult wird, wenn das Passwort geändert werden soll, a la: Geben Sie Ihr Passwort ein:pppppp¹ Wiederholen Sie es, falls Sie Legastheniker sind:pppppp ... Sind Sie sicher, dass Ihr Passwort richtig geschrieben ist:pppppp Sind Sie ganz sicher:pppppp
Das kannst du ausbauen bis der Arzt kommt :-) oder bis 1024 Zeichen voll sind. Aus "man 5 smb.conf" passwd chat (G) This string controls the "chat" conversation that takes places between smbd(8) and the local password changing program to change the user´s password. The string describes a sequence of response-receive pairs that smbd(8) uses to determine what to send to the passwd program and what to expect back. If the expected output is not received then the password is not changed. This chat sequence is often quite site specific, depending on what local methods are used for password control (such as NIS etc). Note that this parameter only is used if the unix password sync parameter is set to yes. This sequence is then called AS ROOT when the SMB password in the smbpasswd file is being changed, without access to the old password cleartext. This means that root must be able to reset the user´s password without knowing the text of the previous password. In the presence of NIS/YP, this means that the passwd program must be executed on the NIS master. The string can contain the macro %n which is substituted for the new password. The old passsword (%o) is only available when encrypt passwords has been disabled. The chat sequence can also contain the standard macros \n, \r, \t and \s to give line-feed, carriage-return, tab and space. The chat sequence string can also contain a ´*´ which matches any sequence of characters. Double quotes can be used to collect strings with spaces in them into a single string. If the send string in any part of the chat sequence is a full stop ".", then no string is sent. Similarly, if the expect string is a full stop then no string is expected. If the pam password change parameter is set to yes, the chat pairs may be matched in any order, and success is determined by the PAM result, not any particular output. The \n macro is ignored for PAM conversions. Default: passwd chat = *new*password* %n\n*new*password* %n\n *changed* Example: passwd chat = "*Enter NEW password*" %n\n "*Reenter NEW password*" %n\n "*Password changed*" Die Manualseiten existieren ;-) ¹Das pppppp soll andeuten, dass jetzt das Passwort getippt wird -- Mit freundlichen Grüßen Matthias Müller (Benutzer #439779 im Linux-Counter http://counter.li.org) PS: Bitte senden Sie als Antwort auf meine E-Mails reine Text-Nachrichten!