I was putting together a new server and I decided to take another look. The problem ended up in the checkpassword-pam module on Illumos (Solaris). Illumos (and possibly other Unix derivatives) require that pam has PAM_TTY set before starting a session. The checkpassword-pam module doesn't do this. I posted a bug report but my solution was to add the following code just before opening the pam session (in pam-support.c).
retval = pam_set_item(pamh, PAM_TTY, "/dev/null");
if (retval != PAM_SUCCESS) {
fatal("Setting PAM_TTY failed: %s", pam_strerror(pamh, retval));
return 1;
}
I just thought I'd send this information along in case anyone else was
having issues with spamdyke authorization.
Sam, How's the "next gen" version coming? Will it support IPv6? Gary
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ spamdyke-users mailing list spamdyke-users@spamdyke.org http://www.spamdyke.org/mailman/listinfo/spamdyke-users
