[courier-users] Courier and PAM's session management service (Again)

Sun, 07 Jul 2002 13:36:06 -0700 

Hi,

I am using WinBind to authenticate IMAP and ESMTP logins on my Linux mail
server (Courier MTA version 0.35) to my Win2k Domain Controller. That way,
users who have an account in the Win2k domain can use the same username and
password to login to my Linux mail server. WinBind (included in my Samba
2.2.5 installation) plugs into PAM and Courier supports PAM through the
authpam module, so everything works fine up to a certain point.

Imagine that a newly created user uses his/her favourite Email program to
log into my IMAP server. The IMAP daemon verifies the user's password
through authdaemon. authdaemon sends the  request to authpam, which sends it
to PAM, which sends it to the pam_winbind module, which sends it to the
domain controller. Once the user is authenticated the IMAP daemon looks for
the user's maildir. It looks for it in the user's home. But there is no user
home yet. Of course the administrator could create one, but I would like it
to be created automatically.

Luckily there is the pam_mkhomedir module which can be used to create a home
directory when a user log in for the first time. The pam_mkhomeir module
provides the PAM session service so my /etc/pam.d/imap contains the
following line:

session    required    /lib/security/pam_mkhomedir.so    ...

Unfortunately, IMAPD doesn't seem to invoke the session service and I don't
know why. Consequently, the home directory is not created and IMAP can't
find the user's maildir.

There is special code ("session voodoo") for PAM's session service in
Courier's authpam.c but that doesn't seem to be invoked. Is this because I
am using authdaemon? If I recall correctly , authdaemon provides
asynchronous authentication which sort of contradicts the idea of a
"session".

Any ideas on how to solve this problem are welcome. I'd also appreciate
alternative solutions for my "create maildir on the fly" approach.




-------------------------------------------------------
This sf.net email is sponsored by:ThinkGeek
We have stuff for geeks like you.
http://thinkgeek.com/sf
_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users

Reply via email to