On Fri, 4 May 2001, Gabor Gludovatz wrote:
> server_condition = "${if pam{$1:$2}{1}{0}}" > I think the problem is that, that exim tries to authenticate as user mail
yes
> (uid 8) and it is unable to. Is there a nice solution to this problem?
no. not with current linux pam. a workaround is to generate a simple
"username:passwordhash" out of /etc/{passwd,shadow} periodically and
use a file lookup on that. ugly, but currently either this, or
separate your mail users entirely from the system users. there's
rumoured to be a hack around this pam `limitation' (i couldn't yet
decide whether this is a limitation, an implementation problem, or
what), but i never bothered to find it; separation was a better
solution for my needs.
ps. philip, i think i've tried using pam lookup with a 0640
root:shadow /etc/shadow file and starting exim as `sg shadow -c "exim
..."', and also putting the user `mail' (which exim runs as) into the
`shadow' group, but iirc, it failed. the latter one for sure, the
previous one maybe (hm, its getting late..). i think exim either does
not initialize the supplementary groups correctly if at all. is this
really the case, or, as usual, was it my PEBKAC ?
--
[-]
"cvs szerver a weben = olyan cvs szerver amit az interneten keresztul
cvs szerverkent el lehet erni" -- <dobos_s@???>