1 <samba:parameter xmlns:samba="http://samba.org/common">
2 <term><anchor id="PASSWDCHAT"/>passwd chat (G)</term>
3 <listitem><para>This string controls the <emphasis>"chat"</emphasis>
4 conversation that takes places between <citerefentry><refentrytitle>smbd</refentrytitle>
5 <manvolnum>8</manvolnum></citerefentry> and the local password changing
6 program to change the user's password. The string describes a
7 sequence of response-receive pairs that <citerefentry><refentrytitle>smbd</refentrytitle>
8 <manvolnum>8</manvolnum></citerefentry> uses to determine what to send to the
9 <link linkend="PASSWDPROGRAM"><parameter moreinfo="none">passwd program</parameter>
10 </link> and what to expect back. If the expected output is not
11 received then the password is not changed.</para>
13 <para>This chat sequence is often quite site specific, depending
14 on what local methods are used for password control (such as NIS
16 <para>Note that this parameter only is only used if the <link linkend="UNIXPASSWORDSYNC"><parameter moreinfo="none">unix
17 password sync</parameter></link> parameter is set to <constant>yes</constant>. This
18 sequence is then called <emphasis>AS ROOT</emphasis> when the SMB password
19 in the smbpasswd file is being changed, without access to the old
20 password cleartext. This means that root must be able to reset the user's password
21 without knowing the text of the previous password. In the presence of NIS/YP,
22 this means that the <link linkend="PASSWDPROGRAM">passwd program</link> must be
23 executed on the NIS master.
27 <para>The string can contain the macro <parameter moreinfo="none">%n</parameter> which is substituted
28 for the new password. The chat sequence can also contain the standard
29 macros <constant>\\n</constant>, <constant>\\r</constant>, <constant>
30 \\t</constant> and <constant>\\s</constant> to give line-feed,
31 carriage-return, tab and space. The chat sequence string can also contain
32 a '*' which matches any sequence of characters.
33 Double quotes can be used to collect strings with spaces
34 in them into a single string.</para>
36 <para>If the send string in any part of the chat sequence
37 is a full stop ".", then no string is sent. Similarly,
38 if the expect string is a full stop then no string is expected.</para>
40 <para>If the <link linkend="PAMPASSWORDCHANGE"><parameter moreinfo="none">pam
41 password change</parameter></link> parameter is set to <constant>yes</constant>, the chat pairs
42 may be matched in any order, and success is determined by the PAM result,
43 not any particular output. The \n macro is ignored for PAM conversions.
46 <para>See also <link linkend="UNIXPASSWORDSYNC"><parameter moreinfo="none">unix password
47 sync</parameter></link>, <link linkend="PASSWDPROGRAM"><parameter moreinfo="none">
48 passwd program</parameter></link> ,<link linkend="PASSWDCHATDEBUG">
49 <parameter moreinfo="none">passwd chat debug</parameter></link> and <link linkend="PAMPASSWORDCHANGE">
50 <parameter moreinfo="none">pam password change</parameter></link>.</para>
52 <para>Default: <command moreinfo="none">passwd chat = *new*password* %n\\n
53 *new*password* %n\\n *changed*</command></para>
54 <para>Example: <command moreinfo="none">passwd chat = "*Enter OLD password*" %o\\n
55 "*Enter NEW password*" %n\\n "*Reenter NEW password*" %n\\n "*Password
56 changed*"</command></para>
git.samba.org / samba.git / blob