[Exim] Authentication with PAM

Top Page
Delete this message
Reply to this message
Author: Tim Dijkstra
Date:  
To: exim-users
New-Topics: [Exim] Blocking mail from "frozen" addresses
Subject: [Exim] Authentication with PAM
Hi,

I'm trying to set up authentication. I'm basicly following C039 (after
finding out that I can't use pam to look in the /etc/shadow file). This
means a separate passwd file and the use of the pam_pwdfile module. I
compiled exim.3.12-10 with pam support which I found in the
debian/stable source tree. I have the following section in exim.conf

<exim conf>
plain:
driver = plaintext
public_name = PLAIN
server_condition = "${if pam{$2:$3}{1}{0}}"
server_set_id = $2
</exim conf>

And in /etc/pam.d/exim the following
<pam conf>
auth     required       pam_pwdfile.so pwdfile /etc/exim/passwd 
account  required       pam_pwdb.so 
</pam conf


If feed exim with correct user and passwd, authentication succeeds (PAM
success). With existing user and wrong passwdm it fails (PAM error:
Authentication failure), and now for the strange behaviour, with non
existing user it succeeds! Here are some exim debug msgs:

<exim debug>
Running PAM authentication for user "tes"
PAM error: Authentication service cannot retrieve authentication info.
plain authenticator:
$1 =
$2 = tes
$3 = asddfdg

expanded string: 1
235 Authentication succeeded
<exim debug>

It seems that PAM generates an error and that exim thinks that all is
fine...
This seems a bug to me, or am I doing something wrong?

Thanks for the help,

Tim