Re: [Courier-imap] Problems with authdaemon and pam configuration SOLVED

Thu, 23 Mar 2006 03:17:04 -0800 

Ok, we got It.

The final solution was using authpipe, discarding the old pam module.

Thanks all for your recomendations.

Pablo.


El mar, 14-03-2006 a las 16:43 +0000, Brian Candler escribió:
> On Tue, Mar 14, 2006 at 02:21:15PM +0100, Pablo Martn-Portugus wrote:
> > Thanks, this is ok.
> > 
> > The problem is that I don't want pam to look for the user at /etc/passwd
> > (pam_unix.so and pam_unix2.so).
> 
> I'll try again.
> 
> (1) PAM itself does not provide *any* way to obtain the home directory or
> uid/gid of an account. That's a fundamental limitation of PAM. It simply
> does not perform this job.
> 
> (2) courier-imap *must* have the home directory and uid/gid of an account in
> order to open a mailbox.
> 
> (3) courier-imap calls the getpwnam() system call to find the home directory
> and uid/gid.
> 
> If you have not configured your Unix box otherwise, getpwnam() looks in
> /etc/passwd for this information. This is just how Unix works. Some systems
> let you configure getpwnam() to look in other places, e.g. using
> nsswitch.conf.
> 
> > The custom module we made authenticates the user against SQLServer via
> > Servlet, and returns
> > 
> > retval = PAM_SUCCESS; 
> 
> Lovely. So now you have to write a custom nsswitch module which will return
> the homedirectory, uid and gid for the account.
> 
> Alternatively, look at authpipe, which lets you write your own custom
> authdaemon module which does both functions (validate the password, and
> return the homedir/uid/gid)
> 
> Brian.
> 




-------------------------------------------------------
This SF.Net email is sponsored by xPML, a groundbreaking scripting language
that extends applications into web and mobile media. Attend the live webcast
and join the prime developer group breaking into this new coding territory!
http://sel.as-us.falkag.net/sel?cmd=lnk&kid0944&bid$1720&dat1642
_______________________________________________
Courier-imap mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap

Reply via email to