From owner-freebsd-current@FreeBSD.ORG  Mon Nov 24 03:13:03 2003
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Delivered-To: freebsd-current@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 137A416A4CE
	for <freebsd-current@freebsd.org>;
	Mon, 24 Nov 2003 03:13:03 -0800 (PST)
Received: from cultdeadsheep.org (charon.cultdeadsheep.org [80.65.226.72])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C267A43FDD
	for <freebsd-current@freebsd.org>;
	Mon, 24 Nov 2003 03:13:00 -0800 (PST)
	(envelope-from sheepkiller@cultdeadsheep.org)
Received: (qmail 83167 invoked by uid 85); 24 Nov 2003 12:12:58 +0100
Received: from sheepkiller@cultdeadsheep.org by goofy.cultdeadsheep.org by uid
	82 with qmail-scanner-1.20rc2  ( Clear:RC:1:. 
	Processed in 0.0964 secs); 24 Nov 2003 11:12:58 -0000
Received: from persephone.cultdeadsheep.org (192.168.0.8)
  by goofy.cultdeadsheep.org with SMTP; 24 Nov 2003 12:12:57 +0100
Received: (qmail 9444 invoked from network); 24 Nov 2003 12:12:43 +0100
Received: from unknown (HELO lucifer.cultdeadsheep.org) (192.168.0.2)
	by persephone.cultdeadsheep.org with DES-CBC3-SHA encrypted SMTP;
	24 Nov 2003 12:12:43 +0100
Date: Mon, 24 Nov 2003 12:13:05 +0100
From: Clement Laforet <sheepkiller@cultdeadsheep.org>
To: Yuri Khotyaintsev <yuri@irfu.se>
Message-Id: <20031124121305.3a824f3b.sheepkiller@cultdeadsheep.org>
In-Reply-To: <200311241039.16134.yuri@irfu.se>
References: <200311241039.16134.yuri@irfu.se>
Organization: tH3 cUlt 0f tH3 d3@d sH33p
X-Mailer: Sylpheed version 0.9.7 (GTK+ 1.2.10; i386-portbld-freebsd5.1)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
cc: freebsd-current@freebsd.org
Subject: Re: pam_ldap and passwd
X-BeenThere: freebsd-current@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Discussions about the use of FreeBSD-current
	<freebsd-current.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-current>
List-Post: <mailto:freebsd-current@freebsd.org>
List-Help: <mailto:freebsd-current-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-current>,
	<mailto:freebsd-current-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 24 Nov 2003 11:13:03 -0000

On Mon, 24 Nov 2003 10:39:16 +0100
Yuri Khotyaintsev <yuri@irfu.se> wrote:

> I have a server where I use pam_ldap and nss_ldap. Everything works
> fine except for changing passwords:
> 
> [user@ice][~]# passwd
> passwd: Sorry, `passwd' can only change passwords for local or NIS
> users.
> 
> As I understand pam_ldap supports changing LDAP passwords. Is it
> supposed to work on FreeBSD ?

according to src/usr.bin/passwd/passwd.c:
...
        /* check where the user's from */
        switch (pwd->pw_fields & _PWF_SOURCE) {
        case _PWF_FILES:
                fprintf(stderr, "Changing local password for %s\n",
                    pwd->pw_name);
                break;
        case _PWF_NIS:
                fprintf(stderr, "Changing NIS password for %s\n",
                    pwd->pw_name);
                break;
        default:
                /* XXX: Green men ought to be supported via PAM. */
                errx(1, 
          "Sorry, `passwd' can only change passwords for local or NIS users.");
        }
...

If you change default: behaviour you CAN change your password. Currently,
passwd is not fully PAM-aware. 

clem