I have created a Samba Active Directory PDC that runs inside a Podman container.
I was trying to working on how to restore the server from an offline backup, when I encountered something unexpected on the setup of the backup server.
I have a file called setup_samba.sh that is being called only during initialization a container running Samba.
It came back with following error:
Initializing samba database...
chpasswd: (user root) pam_chauthtok() failed, error:
Authentication token manipulation error
chpasswd: (line 1, user root) password not changed
The beginning of the setup_samba.sh file is as follow:
#!/bin/bash
set -e
SAMBA_DOMAIN="EXAMPLE"
SAMBA_REALM="example.com"
LDAP_ALLOW_INSECURE=${LDAP_ALLOW_INSECURE:-false}
if [[ $SAMBA_HOST_IP ]]; then
SAMBA_HOST_IP="--host-ip=${SAMBA_HOST_IP}"
fi
SAMBA_CONF_BACKUP=/var/lib/samba/private/smb.conf
KRBKEYTAP_CONF_BACKUP=/var/lib/samba/private/krb5.keytab
echo "Initializing samba database..."
# Generate passwords or re-use them from the environment
ROOT_PASSWORD="1tsAs3cr3t!"
SAMBA_ADMIN_PASSWORD="1tsAs3cr3t!"
export KERBEROS_PASSWORD="1tsAs3cr3t!"
echo "root:$ROOT_PASSWORD" | chpasswd
Why does chpasswd complain about authentication token manipulation error?
Searching online I find explanations like "file permission" error and the like, which doesn't quite translate to a setup script running as root inside a brand new container built from a Dockerfile.
So what else is going on?
