[Dovecot] PAM auth problem

[Taras Savchuk]

In FreeBSD pam_group does exactly what I want:

NAME
      pam_group -- Group PAM module

SYNOPSIS
      [service-name] module-type control-flag pam_group [arguments]

DESCRIPTION
      The group service module for PAM accepts or rejects users based on 
their
      membership in a particular file group.

      The following options may be passed to the pam_group module:

      deny       Reverse the meaning of the test, i.e., reject the 
applicant if
                 and only if he or she is a member of the specified group.
                 This can be useful to exclude certain groups of users from
                 certain services.

      fail_safe  If the specified group does not exist, or has no 
members, act
                 as if it does exist and the applicant is a member.

      group=groupname
                 Specify the name of the group to check.  The default is
                 ``wheel''.

      root_only  Skip this module entirely if the target account is not the
                 superuser account.

SEE ALSO
      pam.conf(5), pam(8)

AUTHORS
      The pam_group module and this manual page were developed for the 
FreeBSD
      Project by ThinkSec AS and NAI Labs, the Security Research Division of
      Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
      (``CBOSS''), as part of the DARPA CHATS research program.

FreeBSD 6.2                    February 6, 2003 
FreeBSD 6.2


John Robinson пишет:
> On 28/03/2007 16:52, Taras Savchuk wrote:
>> Pam auth don't work when I add pam_group:
> 
> pam_group grants membership to groups, it can't be used to authenticate. 
> Use pam_wheel or pam_succeed_if, and see 
> http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/Linux-PAM_SAG.html
> 
> Cheers,
> 
> John.

-- 
С уважением, Савчук Тарас
ООО "Элантек" : Аутсорсинг ИТ, WEB-разработка
http://www.elantech.ru
+7 (495) 589 68 81
+7 (926) 575 22 11