Auteur: Christopher Curtis Datum: Aan: Tim Dijkstra CC: exim-users@exim.org Onderwerp: Re: [Exim] Authentication with PAM
On Tue, 6 Nov 2001, Tim Dijkstra wrote:
> Christopher Curtis wrote:
> >
> > On Tue, 6 Nov 2001, Tim Dijkstra wrote:
> >
> > > I'm trying to set up authentication. I'm basicly following C039 (after
> > > finding out that I can't use pam to look in the /etc/shadow file). This
> >
> > Why is this? I have exim authenticating against /etc/shadow --
>
> I tried authenticating against /etc/shadow, but it wouldn't work. After
> trying to debug the thing, I dug into the exim-users list archives. I
> found out that cause exim authenticates while being UID=8 the PAM's will
> not authenticate. They will only grant that to processes that have read
> privileges on /etc/shadow.
Okay, direct authentication will not work. I chgrp'd /etc/shadow to be
mail and it works until you run adduser, which changes it back to shadow.
I have something running which changes the group to 'root', but I have no
idea what's doing that. It's a hassle to say the least. Adding the exim
user to /etc/group shadow did work for me either, but /etc/shadow may have
been group root at the time. argh! So I went with PAM:
> <cut your setup> > But now I am confused.... You state the precise opposite. What version
> are you running? I use the one in the debian/stable (3.12-10). You
> probably not. If not, my guess is that exim is now using root privileges
> to authenticate... Maybe I just have to try debain/testing.
Yeah, stable relies on ldap and all sorts of other funky stuff I didn't
want, so I upgraded straight to unstable (there was something else that I
wanted that wasn't in testing yet) and apt-get install exim-tls
