[stunnel-users] Trouble wrapping samba SWAT...
Ludolf Holzheid
lholzheid at bihl-wiedemann.de
Mon Jun 16 21:47:58 CEST 2014
On Mon, 2014-06-16 12:53:36 +0200, Marco Gaiarin wrote:
>
> [..]
>
> and in /etc/stunnel/swat.conf.inetd:
>
> cert = /etc/ssl/certs/LNFFVGNobel.pem
> key = /etc/ssl/private/LNFFVGNobel.pem
> CAfile = /etc/ssl/certs/LNFFVG.pem
>
> service = swat
> exec = /usr/sbin/swat
> execargs = swat -P
>
> [..]
>
> the only thing i suppose is that for some reason stunnel4, run by root
> in inetd, then switch to an unprivileged user before running swat,
> preventing access to /var/lib/samba/secrets.tdb .
Marco,
I don't think stunnel changes the user ID without a 'setuid = '
statement in the configuration file (as it does not know which user ID
to switch to). Are you sure, swat isn't changing the user ID? Does
it work without being wrapped by stunnel?
Ludolf
--
Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
Tel: +49 621 33996-0
Fax: +49 621 3392239
mailto:lholzheid at bihl-wiedemann.de
http://www.bihl-wiedemann.de
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796
More information about the stunnel-users
mailing list