On Montag, 1. April 2013, firstname.lastname@example.org wrote:
> Author: mike-gabriel-guest
> Date: 2013-04-01 12:53:32 +0000 (Mon, 01 Apr 2013)
> New Revision: 79569
> Fix passwd sync in Samba, point users to using GOsa?\194?\178 for password
> changes. (Partially resolves: #656296).
at first I was only concered, because I couldnt see debian-edu-config depend or recommend krb5-admin-server which provices /usr/sbin/kadmin.local
but then I also wondered about the following:
> + # sync Kerberos password via kadmin.local
> + unix password sync = yes
> + passwd program = /usr/sbin/kadmin.local -q 'cpw %u'
> + passwd chat = "Authenticating as principal*"\n"Enter password for
> principal *"%u"*:*" %n\n \n"Re-enter password for principal *"%u"*:*" %n\n
this doesn't allow for translations :-(
> \n"Password for *"%u"@* changed."\n + # dangerous: reveals clear text
> password in Samba log files... + passwd chat debug = no
what? or rather, what the f?! why oh why by the love of kittens, why does it write passwords into a logfile? My brain hurts.
If this is really the case, I suggest to revert this "fix". This is worse than how it was before.
Description: This is a digitally signed message part.