[Dovecot] Re: Dovecot doesn't call pam_open_session, thus dodging
pam_mkhomedir
Pasi Sjoholm
ptsjohol at cc.jyu.fi
Wed Feb 2 20:19:52 EET 2005
On Tue, 1 Feb 2005, it was written:
> Nicolas Lopez wrote:
> > maildir and most of my accounts in LDAP. Since the accounts are created
> > through a web interface on another server home directories on the mail
> > server don't get created automatically. There's the handy pam module
> > pam_mkhomedir.so to automagically create home directories, but
> > unfortunatly Dovecot wasn't calling pam_open_session to run the session
> > setup pam modules. I made a small patch to passdb-pam.c to call
> > pam_open_session between pam_acct_mgmt and pam_get_item and now I my
> > home dirs are automagically created and everyone is happy.
> > So, I figured I'd share the little patch in case someone else finds it
> > useful. My patch doesn't properly close the session which will probably
> > iritate more advanced session modules that actually have something to
> > clean up, oh well.
This patch closes the session.. but you will see many "opened session\n
closed session"-lines on your log files. =)
--cut--
--- src/auth/passdb-pam.c-org 2004-10-07 08:38:28.000000000 +0300
+++ src/auth/passdb-pam.c 2004-10-07 08:38:59.000000000 +0300
@@ -193,6 +193,18 @@
return status;
}
+ if ((status = pam_open_session(pamh, 0)) != PAM_SUCCESS) {
+ *error = t_strdup_printf("pam_open_session(%s) failed: %s",
+ user, pam_strerror(pamh, status));
+ return status;
+ }
+
+ if ((status = pam_close_session(pamh, 0)) != PAM_SUCCESS) {
+ *error = t_strdup_printf("pam_close_session(%s) failed: %s",
+ user, pam_strerror(pamh, status));
+ return status;
+ }
+
status = pam_get_item(pamh, PAM_USER, (linux_const void **)&item);
if (status != PAM_SUCCESS) {
*error = t_strdup_printf("pam_get_item(%s) failed: %s",
--cut--
> I am running dovecot-0.99.13 on FC2 with pam_mkhomedir, and it has been
> working fine. Not sure why you are having a problem. If I could just
> figure out how to get Exim to do the same, I'd be happy :-)
I think that Fedora has probably patched that version of dovecot which
they are providing.
--
Pasi Sjöholm
More information about the dovecot
mailing list