On Fri, Jun 13, 2008 at 07:30:18AM +0200, Tom De Puysseleyr wrote:
> > Also, you haven't shown how you configured pam. If pam is falling back
> > to system passwords, then tell it not to do so (in /etc/pam.d/{pop3,imap}
> > or wherever it is on your system)
>
> Well, that's one of the things I'm not sure of: which file in /etc/pam.d/ is
> used when I run authtest?
You can see it in the debug log you provided:
> Jun 13 07:28:21 vmvmai authdaemond: pam_service=login, pam_username=coz
^^^^^^^^^^^^^^^^^
More specifically:
[courier-authlib/authtest.c]
fprintf(stderr, "Usage: authtest [-s service] userid [ password [
newpassword ] ]\n");
exit(1);
...
const char *service="login";
...
if (auth_passwd(service, argv[argn],
argv[argn+1],
argv[argn+2]))
[courier-imap/imap/imaplogin.c]
strcat(strcpy(authservice, "AUTHSERVICE"),
getenv("TCPLOCALPORT"));
p=getenv(authservice);
if (!p || !*p)
p="imap";
[courier-imap/imap/pop3login.c]
strcat(strcpy(authservice,
"AUTHSERVICE"),getenv("TCPLOCALPORT"));
q=getenv(authservice);
if (!q || !*q)
q="pop3";
So in summary:
* authtest will ask for service "login" unless you override this with the -s
option
* imapd will ask for service "imap" unless you override this using
environment variables, e.g. AUTHSERVICE993=imaps
* pop3d will ask for service "pop3" unless you override this using
environment variables, e.g. AUTHSERVICE995=pop3s
This means you should be using "authtest -s imap" or "authtest -s pop3" to
get more realistic behaviour from authtest with authpam.
Then you can change /etc/pam.d/imap and /etc/pam.d/pop3 to customise the
behaviour to your liking.
HTH,
Brian.
-------------------------------------------------------------------------
Check out the new SourceForge.net Marketplace.
It's the best place to buy or sell services for
just about anything Open Source.
http://sourceforge.net/services/buy/index.php
_______________________________________________
Courier-imap mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
