Re: [exim] Exim, NSS, winbind...

Top Page

Reply to this message
Author: Marco Gaiarin
To: Chr. von Stuckrad via Exim-users
CC: exim-users
Subject: Re: [exim] Exim, NSS, winbind...
Mandi! Chr. von Stuckrad via Exim-users
In chel di` si favelave...

> I have not looked 'into' exim (sources), but something similar happened
> here with the change to NSS. After the switch from using 'pam with ldap'
> to 'pam + NSS with the same ldap', the simple line 'getent passwd'
> (i.e. routines 'getpwent', 'setpwent', 'endpwent') did show *only*
> the cached users!
> So every program could find users 'explicitly' by asking for an uid or
> user-name, but no more by 'getting all and then searching internally'.

Mmm... interesting...

Effectively winbind have, by default, 'user and group enumeration' disabled
by default, eg, as yoiu sayed, a 'getenet passwd' return nothing (apart
/etc/passwd) but 'getent passwd gaio' return... me. ;)

But still is strange: if this is the case, i will have users delivery
trouble *ever*, and not only in domain controller connection trouble.

So, still seeking feedback...

  Io ammiro gli americani per come fanno le trattative: prima di tutto
  pensano a se stessi, poi a se stessi, e solo alla fine a se stessi.
                        (Ignacio Lula da Silva)