[Dovecot] comment on dovecot documentation on PAM
Ken A
ka at pacific.net
Fri May 12 00:22:11 EEST 2006
president at irithm.com wrote:
> Dear Dovecote devotees,
>
> I have been going through dovecot configuration for the
> first time. I am not an experienced systems administrator
> so I had to do a left turn to read up about PAM while
> doing all the configuration for my new webmail service.
>
> I found that the writing in the dovecot documentation about
> PAM to be rather misleading in at least one aspect.
> The documentation I am specifically referring to is at
> http://wiki.dovecot.org/Authentication?highlight=%28authentication%29
> and in the comments found in the dovecot.conf file.
> In this documentation PAM is referred to as a password database.
> It appears that is not correct, rather PAM is something
> that uses a password database.
>
> Since the default for "auth_passdb" given in dovecot.conf was
> "pam" I spent sometime trying to find a pam password database.
> I eventually found out at an independent website that what pam
> uses is either /etc/passwd or /etc/shadow or /etc/samba/smbpasswd.
> It was a relief to find out pam uses one of these, since
> my system has one of them (/etc/shadow), but I was looking to
> find something quite different for pam since /etc/shadow is
> one of the listed alternative values for "auth_passdb".
>
> I would have been spared a somewhat lengthy search to find out
> this information if the documentation was written rather more
> clearly. So, to help others, I suggest changing the following
> lines in dovecot.conf
>
> # Where password database is kept:
> # passwd: /etc/passwd or similiar, using getpwnam()
> # shadow: /etc/shadow or similiar, using getspnam()
> # pam [<service> | *]: PAM authentication
>
> to:
>
> # Where password database is kept:
> # passwd: /etc/passwd or similiar, using getpwnam()
> # shadow: /etc/shadow or similiar, using getspnam()
> # pam [<service> | *]: /etc/shadow or similiar, using PAM
> authentication
Or maybe see
http://en.wikipedia.org/wiki/Pluggable_Authentication_Modules for even
more ways to get Pam educated.
Watch out for all the wikipedia entrys on Pamela Anderson tho, since
they are not even remotely related to dovecot configuration.
Ken A
>
> Updating the documentation in
> http://wiki.dovecot.org/Authentication?highlight=%28authentication%29
> to include a phrase that mentions that PAM authentication
> works from one of the standard password databases (i.e. /etc/passwd,
> /etc/shadow or /etc/samba/smbpasswd) would also be helpful.
>
> yours sincerely,
>
> Rolf
>
>
>
More information about the dovecot
mailing list