[Dovecot] PAM Error on POP3s auth? And apop?

[Bruce Lane]

Fellow Dovecot'ers,

	I've -almost- got Dovecot completely functional, and I will add that it works just fine for non-authenticated POP3.

	The problem begins when I try to use authentication for same against the system's /etc/passwd section. This is the error message that comes up in /var/log/maillog

Jul  9 21:14:10 featherweb dovecot: auth(default): pam(kyrrin at bluefeathertech.com,192.168.42.40): pam_start() failed: system error
Jul  9 21:14:17 featherweb dovecot: pop3-login: Aborted login: user=<kyrrin at bluefeathertech.com>, method=PLAIN, rip=192.168.42.40, lip=192.168.42.130, TLS

	THE PLATFORM: NetBSD 3.0, Postfix 2.3-RC8 (soon to be replaced by an official release in the coming week), and whatever the current release candidate of Dovecot is.

	I did some googling for that pam_start error, and discovered (much to my annoyance) that it may be a system bug within NetBSD 3.0. If that's the case, given that I don't have anywhere near the programming skill to even try and correct it, it'll mean I'm pretty much stuck until the NetBSD developers fix it, or until I can figure out an alternate authentication method that won't be an administrative nightmare.

	Does anyone have any ideas on this? For the benefit of poking and pondering, this is the relevant section of my dovecot.conf file.

auth default {
  # Space separated list of wanted authentication mechanisms:
  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
  mechanisms = plain login
  passdb pam {
  }
  userdb passwd {
  }
  socket listen {
        client {
        path = /var/spool/postfix/private/auth
        mode = 0660
        user = postfix
        group = postfix
  }
 }
}

	And this is the contents of the file 'dovecot' in the directory /etc/pam.d

# PAM configuration for the "dovecot" subsystem.
#
# auth
auth            required        pam_nologin.so          no_warn
auth            required        pam_unix

	That entry should, in theory, block all logins if the /etc/nologin file is present, and then hand off to the pam_unix module if it's not. pam_unix, in NetBSD, is the module that authenticates against the /etc/passwd file.

	As I said, further thoughts would be welcome. If it is a NetBSD system bug causing that pam_auth error, ideas for a simple workaround until the NetBSD crew gets things patched up would also be welcome.

	Thanks in advance.


-=-=-=-=-=-=-=-=-=-=-=-
Bruce Lane, Owner & Head Hardware Heavy,
Blue Feather Technologies -- http://www.bluefeathertech.com
kyrrin (at) bluefeathertech do/t c=o=m
"If Salvador Dali had owned a computer, would it have been equipped with surreal ports?"