[dovecot] Re: pam + radius
Timo Sirainen
tss at iki.fi
Tue Oct 29 07:01:46 EET 2002
On Tue, 2002-10-29 at 06:00, Hielke Christian Braun wrote:
> > You probably don't have the users in /etc/passwd file too, right?
>
> I have the users in the passwd and shadow files as i need that for quotas
> to work. Though in the shadow file i don't have the password and only a x.
> The problem must be something else.
Well .. I don't know then really. Since you did get it to work by
changing PAM to use shadow auth, Dovecot is doing it at least partly
right. Maybe the radius PAM module requires something that Dovecot
didn't do..
Looking at Courier's PAM handling, it does pam_setcred() which dovecot
doesn't. You could try if doing that helps:
src/auth/userinfo-pam.c, around line 169, insert between
pam_authenticate() and pam_acct_mgmt():
if ((status = pam_setcred(pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS) {
if (status == PAM_ABORT)
i_fatal("pam_setcred_mgmt() requested abort");
return FALSE;
}
> Maybe it dovecot sets a realm, which is then mistakenly used by
> the pam radius module, but not by the passwd/shadow module?
PAM doesn't have any support for realms AFAIK.
More information about the dovecot
mailing list