[Dovecot] Dovecot 1.2.x passwd and shadow auth w/ PAM
Timo Sirainen
tss at iki.fi
Wed May 11 01:18:58 EEST 2011
You could set it to be run as a user that has group=shadow privileges.
On 11.5.2011, at 1.17, Steven King wrote:
> Interesting... #2 corrected it. Set the auth process to run as root...
>
> Is that safe?
>
> On 5/10/11 6:13 PM, Timo Sirainen wrote:
>> On 11.5.2011, at 1.10, Steven King wrote:
>>
>>> Turning on auth debugging
>>>
>>> May 10 18:09:22 auth(default): Info: shadow(mjb,69.2.98.5): lookup
>>> May 10 18:09:22 auth(default): Info: shadow(mjb,69.2.98.5): unknown user
>>>
>>> These messages suggest that the auth mechanisms can't find the user. Though the user clearly exists in both /etc/passwd and /etc/shadow.
>> getspnam() doesn't see the user existing. There are 3 possibilies that I can think of:
>>
>> 1) the user truely doesn't exist in there
>>
>> 2) the file can't be opened due to auth process being run without root privileges (default in v2.0) - dovecot -n output would show this
>>
>> 3) SELinux or similar preventing Dovecot from accessing /etc/shdadow
>>
>
> --
> Steve King
>
> Senior Linux Engineer - Advance Internet, Inc.
> Cisco Certified Network Associate
> CompTIA Linux+ Certified Professional
> CompTIA A+ Certified Professional
>
More information about the dovecot
mailing list