Author: Phil Pennock Date: To: exim-users Subject: Re: [Exim] Exim and PAM, again
On 2000-09-13 at 16:45 +0100, Christi Alice Scarborough gifted us with: > Assumning this is correct, why doesn't adding the exim user to group
> shadow make this work?
Because Exim is a setuid root binary, which when acting as a daemon (and
assuming that it doesn't go into unprivileged mode) will set itself to
the user/group ids defined in the Makefile. It doesn't call
initgroups() and so the entry in /etc/group is never seen.
Exim uses initgroups on a transport if told to use the 'initgroups'
option, but AFAIK there is no 'transport' associated with incoming SMTP.
If there were, a _lot_ of config would move out of the main config
section. :^)
You either remake Exim in group shadow, or you consider alternatives.
Ie, write a daemon or use pam_pwdfile and avoid system passwords.
--
A science is said to be useful if its development tends to accentuate the
existing inequalities in the distribution of wealth, or more directly promotes
the destruction of human life - Godfrey Hardy, A Mathematician's Apology, 1941