On Matthew Weir O'Phinney's blog today, he has a new post that talks about a system he's been working on to change all of the network passwords from a single place - with a few headaches along the way.

I've been cobbling together a system at work for the last couple months to allow a single place for changing all network passwords. This includes a variety of database sources, as well as passwd files and smbpasswd files. I've been making use of PEAR's File_Passwd and File_SMBPasswd, and they've greatly simplified the task of updating passwords for those types of systems. However, I've encountered some issues that I never would have expected.

Some of these issues included wrong permissions on the samba password file and the struggle against the samba process to keep those permissions the same. He gets around it by creating a script with sudo permissions to reset the permissions as he needs it: " It's a hack, and could be made more secure, but it works."