[Pkg-samba-maint] Bug#700729: swat: Password management has stopped working
Andrew Bartlett
abartlet at samba.org
Mon Feb 18 00:00:54 UTC 2013
On Sat, 2013-02-16 at 18:24 +0000, Roger Lynn wrote:
> Package: swat
> Version: 2:3.6.6-5
> Severity: important
>
> Hi,
>
> At some point in the last month server password management using Swat has
> stopped working. Swat can be logged into and the old and new server passwords
> entered, but choosing "Change Password" appears to just reload the page
> without changing anything. Entering the wrong old password or mismatching
> new passwords does the same thing.
>
> The only relevant logging I can find is in /var/log/samba/log. which has
> recently started getting lots of lines like this when Swat is used:
>
> [2013/02/16 15:02:30.297508, 0] passdb/secrets.c:76(secrets_init)
> Failed to open /var/lib/samba/secrets.tdb
>
> As my only use of Swat is to allow users to change their passwords, this has
> had a major affect on the usability of the package.
Please report upstream. We may somehow be able to obtain the CSRF token
and store it in memory before we become the non-privileged user.
Just to be sure, are you running SWAT as root, from xinetd?
Thanks,
Andrew Bartlett
--
Andrew Bartlett http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
More information about the Pkg-samba-maint
mailing list