pam auth problem

3 Aug 2017


      dovecot --version
2.2.31 (65cde28)
on freebsd 64 10.3
system converted to dovecot 2 against my will and consuming a lot of
time sorting it out.  i am glad google does not charge.  have spent
two hours on this one alone; and undoubtedly it is my st00pidity.  so
excuse my desperate posting to lazynet.
cram-md5 works, pam not so much
Aug  3 06:06:35 psg auth: in openpam_parse_chain(): /etc/pam.d/dovecot(1): missing or invalid facility
Aug  3 06:06:35 psg dovecot: auth-worker(48815): Error: pam(elb,2604:6000:130d:c31b:d250:99ff:fe90:14dd,<Lyh6LtNVMq8mBGAAEw3DG9JQmf/+kBTd>): pam_start() failed: system error
Aug  3 06:06:35 psg auth: in openpam_parse_chain(): /etc/pam.d/dovecot(1): missing or invalid facility
Aug  3 06:06:35 psg dovecot: auth-worker(48815): Error: pam(elb,2604:6000:130d:c31b:d250:99ff:fe90:14dd,<Lyh6LtNVMq8mBGAAEw3DG9JQmf/+kBTd>): pam_start() failed: system error
2.2.31 (65cde28): /usr/local/etc/dovecot/dovecot.conf
OS: FreeBSD 10.3-RELEASE-p20 amd64
auth_mechanisms = plain login cram-md5
first_valid_gid = 0
mail_location = mbox:~/mail/:INBOX=/var/mail/%u
mail_privileged_group = mail
namespace inbox {
inbox = yes
location =
prefix =
}
passdb {
args = scheme=cram-md5 /usr/local/etc/dovecot.cram-md5
driver = passwd-file
name = passwd-file
}
passdb {
driver = pam
}
passdb {
driver = pam
name = pam
}
pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
protocols = imap pop3
service auth {
unix_listener auth-userdb {
group = mail
}
}
service imap-login {
inet_listener imaps {
port = 993
ssl = yes
}
}
service pop3-login {
inet_listener pop3 {
port = 110
}
inet_listener pop3s {
port = 995
ssl = yes
}
}
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key =  # hidden, use -P to show it
userdb {
driver = passwd
}
cat /etc/pam.d/dovecot
passdb {
driver = pam
args = failure_show_msg=yes
args = %s
}

pam auth problem

Randy Bush

dovecot --version

2.2.31 (65cde28): /usr/local/etc/dovecot/dovecot.conf

OS: FreeBSD 10.3-RELEASE-p20 amd64

cat /etc/pam.d/dovecot