On Sun, Nov 17, 2002 at 09:58:02AM -0600, Jerry Amundson wrote:
> But authldap still gives me...
> Nov 17 09:11:44 arsenic authdaemond.ldap: authlib: refuse to authenticate [EMAIL PROTECTED]: uid=0, gid=0
>
> My authldaprc does not have a valid LDAP_HOMEDIR (even though it says it MUST), so is that the issue? Why does this machine need one if there is no delivery on it?

I only use courier-imap/sqwebmail, but I do know that authlib does a chdir(homedir) immediately upon authentication (see authlib/success.c) and bombs out if it can't. You could always create an attribute containing '/tmp' to fake it.

Actually my POP3 mailserver doesn't have "home directories" for each user either, since all mailboxes are owned by the same uid; they just have different Maildirs. I point LDAP_HOMEDIR and LDAP_MAILDIR to the same LDAP attribute.

What could be useful behaviour though, is if homedir is unset, to chdir to the home directory of the selected delivery user (UID) which in turn comes from LDAP_UID or LDAP_GLOB_UID.

That would be pretty easy to do. In authsuccess, one branch which calls authchangeusername() already does a getpwnam, so the information is available for free. The branch which calls authchangeuidgid() would be slightly more expensive with an extra getpwuid. That seems pretty clean to me.

I suppose the other thing which could be done is to have an LDAP_GLOB_HOMEDIR setting for accounts which don't have a HOMEDIR.

Regards,

Brian.

_______________________________________________
courier-users mailing list
[EMAIL PROTECTED]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
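
The fallback order proposed in the message above (per-user homedir attribute, then a global setting, then the passwd entry of the delivery uid), as an added C example; it is not part of the original post and is not Courier authlib code. All function and enum names are hypothetical, `sample_home` is a constructed stand-in for the passwd database, and the refusal of uid 0 or gid 0 is an assumption modelled on the log line in the quoted message.

```c
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Added example: hypothetical names throughout, not Courier authlib code. */
enum home_src { HOME_REFUSED = -1, HOME_NONE, HOME_ATTR, HOME_GLOBAL, HOME_PASSWD };
typedef const char *(*pw_home_fn)(uid_t);  /* passwd lookup is injectable */

/* Real lookup: the "extra getpwuid" from the message. The returned
 * pointer refers to static storage owned by libc. */
const char *passwd_home(uid_t uid)
{
    struct passwd *pw = getpwuid(uid);
    return pw ? pw->pw_dir : NULL;
}

/* Constructed stand-in for the passwd database: uid 5000 owns /var/vmail. */
const char *sample_home(uid_t uid) { return uid == 5000 ? "/var/vmail" : NULL; }

/* Only absolute paths are accepted as a chdir() target. */
static int usable(const char *p) { return p && p[0] == '/'; }

/* Choose the directory to chdir() into after a successful login. */
enum home_src resolve_homedir(const char *attr, const char *global,
                              uid_t uid, gid_t gid, pw_home_fn lookup,
                              const char **out)
{
    const char *pw;

    *out = NULL;
    /* Assumption: a session is never run as root, whatever the directory. */
    if (uid == 0 || gid == 0) return HOME_REFUSED;
    if (usable(attr))   { *out = attr;   return HOME_ATTR; }    /* per-user attribute */
    if (usable(global)) { *out = global; return HOME_GLOBAL; }  /* site-wide default */
    pw = lookup ? lookup(uid) : NULL;
    if (usable(pw))     { *out = pw;     return HOME_PASSWD; }  /* delivery user's home */
    return HOME_NONE;  /* nothing usable: the caller must fail the login */
}

int main(void)
{
    const char *dir;
    enum home_src src = resolve_homedir(NULL, NULL, getuid(), getgid(), passwd_home, &dir);
    if (src <= HOME_NONE || chdir(dir) != 0) {
        fprintf(stderr, "no usable home directory (source=%d)\n", src);
        return 1;
    }
    printf("chdir(%s) ok, source=%d\n", dir, src);
    return 0;
}
```
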
