Re: [Exim] PLAIN authentification isn't working

Top Page
Delete this message
Reply to this message
Author: Josh Siegel
Date:  
To: Artem S. Tashkinov
CC: exim-users
Subject: Re: [Exim] PLAIN authentification isn't working
exim resets its own userid which prevents PAM from working. You either need
to modify the source code for the pam libraries to make it be willing to run
in a non-root mode OR use a external authentication system (like my
authcheck thing I posted earlier) which WILL stay root.

      --josh


----- Original Message -----
From: "Artem S. Tashkinov" <birdie@???>
To: <exim-users@???>
Sent: Friday, January 24, 2003 10:19 AM
Subject: [Exim] PLAIN authentification isn't working


> here's my AUTHENTICATION CONFIGURATION:
>
> begin authenticators
>
> plain:
>     driver = plaintext
>     public_name = PLAIN
>     server_condition = "${if pam{$2:$3}{yes}{no}}"
>     server_set_id = $2
>     server_prompts = :

>
> # End of Exim configuration file
>
> The problem is that exim can't authentificate user using Linux PAM
> module, from /var/log/messages
> ...
> Jan 24 22:37:28 bobik exim(pam_unix)[2537]: authentication failure;
> logname= uid=8 euid=8 tty= ruser= rhost= user=myuser
> ...
>
>
> and from /var/log/exim/main.log
> ...
> 2003-01-24 22:46:59 Authentication failed for myuser.myserver.ru
> (myserver.ru) [192.168.128.55]: 535 Incorrect authentication data
> (set_id=myuser)
> ...
>
>
> Exim itself generates this (exim -bd -d9)
> ...
> Running PAM authentication for user "myuser"
> PAM error: Authentication failure
> login authenticator:
>    $1 =
>    $2 = myuser
>    $3 = mypassword
> ...

>
>
> Exim is setuid root on exim and has this /etc/pam.d/exim file:
> #%PAM-1.0
> auth            required        /lib/security/pam_listfile.so item=user
> sense=deny file=/etc/security/blacklist onerr=succeed
> auth            required        /lib/security/pam_listfile.so item=user
> sense=deny file=/etc/security/blacklist.exim onerr=succeed
> auth            required        /lib/security/pam_unix.so
> auth            required        /lib/security/pam_tally.so
> file=/var/log/faillog onerr=succeed no_magic_root
> auth            required        /lib/security/pam_nologin.so
> account         required        /lib/security/pam_tally.so deny=0
> file=/var/log/faillog onerr=succeed no_magic_root
> account         required        /lib/security/pam_unix.so
> session         required        /lib/security/pam_unix.so

>
>
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim

details at http://www.exim.org/ ##
>
>