[Dovecot] auth-worker always opens PAM session
Miguel Di Ciurcio Filho
miguel at ic.unicamp.br
Sat Feb 21 22:07:00 EET 2009
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Timo Sirainen wrote:
>
> Why do you think it is opening sessions?
>
Dovecot giving this memory errors about being unable to load
pam_limits.so seamed strange to me.
dovecot-auth: PAM adding faulty module: /lib64/security/pam_limits.so
dovecot-auth: PAM unable to dlopen(/lib64/security/pam_limits.so)
dovecot-auth: PAM [error: /lib64/security/pam_limits.so: failed to map
segment from shared object: Cannot allocate memory]
Because pam_limits is configured to be loaded only on sessions in pam's
configuration on my CentOS server.
Sorry for my ignorance, but isn't this code setting pam_session TRUE by
default? Just a hunch, since it is being set to 1.
struct pam_passdb_module {
struct passdb_module module;
const char *service_name, *pam_cache_key;
unsigned int pam_setcred:1;
unsigned int pam_session:1;
unsigned int failure_show_msg:1;
};
>> /* -session for backwards compatibility */
>> if (strcmp(t_args[i], "-session") == 0 ||
>> strcmp(t_args[i], "session=yes") == 0)
>> module->pam_session = TRUE;
> Why? That code sets it to TRUE only when -session or session=yes
> parameter is seen.
I know, but as I said earlier it looks to me that module->pam_session is
already TRUE even if there is no session=yes.
Sorry to bother if I'm reading the source code wrong.
Regards,
Miguel
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iEYEARECAAYFAkmgXuQACgkQA18OC149llIfCACfdlNKe0bGtnNEqfBKbSRqaq4P
hEcAn1HUCN4O45l/SJ8NEyb3Gt1qg68S
=ErwH
-----END PGP SIGNATURE-----
More information about the dovecot
mailing list