[Exim] need help to port pam_exim to kernel-2.6

hi folks,

i got a few complaints about pam_exim not working with kernel-2.6 so i decided
to give it a try today. And what i saw was really unpleasant ... it really
does not work.

As far as i could see the module and the helper-binary are working quite good
and really fine.

The pam-library does a execve on the helper-binary and the helper-binary
checks the pass and says everthing ok. If the password is right it does

exit(0);

if it is not it does exit(1);

As far as i could see this worked fine on kernel-2.4 with exim. But with
kernel-2.6 it seemed to have stopped working.

Here a strace at the end of the helper-binary jumping back to exim:

[pid 11998] open("/etc/shadow", O_RDONLY) = 6
[pid 11998] fcntl64(6, F_GETFD)         = 0
[pid 11998] fcntl64(6, F_SETFD, FD_CLOEXEC) = 0
[pid 11998] fstat64(6, {st_mode=S_IFREG|0600, st_size=1321, ...}) = 0
[pid 11998] old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|
MAP_ANONYMOUS, -1, 0) = 0x40017000
[pid 11998] _llseek(6, 0, [0], SEEK_CUR) = 0
[pid 11998] _llseek(6, 0, [0], SEEK_SET) = 0
[pid 11998] read(6, "root:$1$g4rw6rXe$OHiLr9kjePvK9DX"..., 4096) = 1321
[pid 11998] close(6)                    = 0
[pid 11998] munmap(0x40017000, 4096)    = 0
[pid 11998] geteuid32()                 = 0
[pid 11998] setuid32(8)                 = 0
[pid 11998] brk(0x8055000)              = 0x8055000
[pid 11998] time([1092916423])          = 1092916423
[pid 11998] getpid()                    = 11998
[pid 11998] rt_sigaction(SIGPIPE, {0x4012d918, [], 0x4000000}, {SIG_IGN}, 8) =
0
[pid 11998] socket(PF_UNIX, SOCK_DGRAM, 0) = 6
[pid 11998] fcntl64(6, F_SETFD, FD_CLOEXEC) = 0
[pid 11998] connect(6, {sin_family=AF_UNIX, path="      /dev/log"}, 16) = 0
[pid 11998] send(6, "<39>Aug 19 13:53:43 exim_chkpwd["..., 72, 0) = 72
[pid 11998] rt_sigaction(SIGPIPE, {SIG_IGN}, NULL, 8) = 0
[pid 11998] close(6)                    = 0
[pid 11998] _exit(0)                    = ?
[pid 11997] <... wait4 resumed> 0xbfffdf7c, 0, NULL) = -1 ECHILD (No child
processes)
[pid 11997] getuid32()                  = 8
[pid 11997] geteuid32()                 = 8
[pid 11997] ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
[pid 11997] readlink("/proc/self/fd/0", 0x80fc0f8, 4095) = -1 EACCES
(Permission denied)
[pid 11997] fstat64(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) =
0
[pid 11997] stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid 11997] open("/dev/null", O_RDONLY|O_NONBLOCK|O_DIRECTORY) = -1 ENOTDIR
(Not a directory)
[pid 11997] open("/dev/pts", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3
[pid 11997] fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid 11997] fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
[pid 11997] getdents64(3, /* 3 entries */, 1024) = 72
[pid 11997] stat64("/dev/pts/0", {st_mode=S_IFCHR|0620, st_rdev=makedev(136,
0), ...}) = 0
[pid 11997] close(3)                    = 0
[pid 11997] access("/var/run/utmpx", F_OK) = -1 ENOENT (No such file or
directory)
[pid 11997] open("/var/run/utmp", O_RDWR) = -1 EACCES (Permission denied)
[pid 11997] open("/var/run/utmp", O_RDONLY) = 3
[pid 11997] fcntl64(3, F_GETFD)         = 0
[pid 11997] fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
[pid 11997] _llseek(3, 0, [0], SEEK_SET) = 0
[pid 11997] alarm(0)                    = 0
[pid 11997] rt_sigaction(SIGALRM, {0x403b5f54, [], 0x4000000}, {0x805c38c, [],
0x4000000}, 8) = 0
[pid 11997] alarm(1)                    = 0
[pid 11997] fcntl64(3, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0,
len=0}) = 0
[pid 11997] read(3,
"\10\0\0\0\226\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] read(3,
"\2\0\0\0\0\0\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] read(3,
"\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] read(3,
"\10\0\0\0>\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] read(3,
"\7\0\0\0\367\3\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] fcntl64(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0,
len=0}) = 0
[pid 11997] rt_sigaction(SIGALRM, {0x805c38c, [], 0x4000000}, NULL, 8) = 0
[pid 11997] alarm(0)                    = 1
[pid 11997] close(3)                    = 0
[pid 11997] ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
[pid 11997] readlink("/proc/self/fd/0", 0x80fc0f8, 4095) = -1 EACCES
(Permission denied)
[pid 11997] fstat64(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) =
0
[pid 11997] stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid 11997] open("/dev/pts", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3
[pid 11997] fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid 11997] fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
[pid 11997] getdents64(3, /* 3 entries */, 1024) = 72
[pid 11997] stat64("/dev/pts/0", {st_mode=S_IFCHR|0620, st_rdev=makedev(136,
0), ...}) = 0
[pid 11997] close(3)                    = 0
[pid 11997] access("/var/run/utmpx", F_OK) = -1 ENOENT (No such file or
directory)
[pid 11997] open("/var/run/utmp", O_RDWR) = -1 EACCES (Permission denied)
[pid 11997] open("/var/run/utmp", O_RDONLY) = 3
[pid 11997] fcntl64(3, F_GETFD)         = 0
[pid 11997] fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
[pid 11997] _llseek(3, 0, [0], SEEK_SET) = 0
[pid 11997] alarm(0)                    = 0
[pid 11997] rt_sigaction(SIGALRM, {0x403b5f54, [], 0x4000000}, {0x805c38c, [],
0x4000000}, 8) = 0
[pid 11997] alarm(1)                    = 0
[pid 11997] fcntl64(3, F_SETLKW, {type=F_RDLCK, whence=SEEK_SET, start=0,
len=0}) = 0
[pid 11997] read(3,
"\10\0\0\0\226\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] read(3,
"\2\0\0\0\0\0\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] read(3,
"\1\0\0\0003N\0\0~\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] read(3,
"\10\0\0\0>\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] read(3,
"\7\0\0\0\367\3\0\0pts/0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 384) = 384
[pid 11997] fcntl64(3, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0,
len=0}) = 0
[pid 11997] rt_sigaction(SIGALRM, {0x805c38c, [], 0x4000000}, NULL, 8) = 0
[pid 11997] alarm(0)                    = 1
[pid 11997] close(3)                    = 0
[pid 11997] ioctl(0, TCGETS, {B38400 opost isig icanon echo ...}) = 0
[pid 11997] readlink("/proc/self/fd/0", 0x80fc0f8, 4095) = -1 EACCES
(Permission denied)
[pid 11997] fstat64(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 0), ...}) =
0
[pid 11997] stat64("/dev/pts", {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid 11997] open("/dev/pts", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = 3
[pid 11997] fstat64(3, {st_mode=S_IFDIR|0755, st_size=0, ...}) = 0
[pid 11997] fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
[pid 11997] getdents64(3, /* 3 entries */, 1024) = 72
[pid 11997] stat64("/dev/pts/0", {st_mode=S_IFCHR|0620, st_rdev=makedev(136,
0), ...}) = 0
[pid 11997] close(3)                    = 0
[pid 11997] access("/var/run/utmpx", F_OK) = -1 ENOENT (No such file or
directory)
[pid 11997] open("/var/run/utmp", O_RDWR) = -1 EACCES (Permission denied)
[pid 11997] open("/var/run/utmp", O_RDONLY) = 3
[pid 11997] fcntl64(3, F_GETFD)         = 0
[pid 11997] fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
[pid 11997] _llseek(3, 0, [0], SEEK_SET) = 0
[pid 11997] alarm(0)                    = 0
[pid 11997] rt_sigaction(SIGALRM, {0x403b5f54, [], 0x4000000}, {0x805c38c, [],
0x4000000}, 8) = 0
[pid 11997] alarm(1)                    = 0

this is the exim-debug-output

13:45:03 11781 Running PAM authentication for user "exim-pass"
13:45:03 11781 --Malloc 0x80fbc90    16       string.c  368 24600 8680
13:45:05 11781 PAM error: Authentication failure
13:45:05 11781 condition: pam{$2:$3}
13:45:05 11781    result: false
13:45:05 11781 ---0 Get 0x80ee0d0   104       string.c  856
13:45:05 11781 ---0 Rst 0x80ee0d2    **       expand.c 4029 24600
13:45:05 11781 expanding: 1
13:45:05 11781    result: 1
13:45:05 11781 skipping: result is not used
13:45:05 11781 ---0 Get 0x80ee0d8   104       string.c  856
13:45:05 11781 ---0 Rst 0x80ee0da    **       expand.c 4029 24600
13:45:05 11781 expanding: 0
13:45:05 11781    result: 0
13:45:05 11781 ---0 Get 0x80ee0e0   104       string.c  856
13:45:05 11781 ---0 Rst 0x80ee0e2    **       expand.c 4029 24600
13:45:05 11781 expanding: ${if pam{$2:$3}{1}{0}}
13:45:05 11781    result: 0
13:45:05 11781 plain authenticator:
13:45:05 11781   $1 = exim-pass
13:45:05 11781   $2 = exim-pass
13:45:05 11781   $3 = <pass>
13:45:05 11781 expanded string: 0
13:45:05 11781 ---0 Get 0x80ee0e8   104       string.c  856
13:45:05 11781 ---0 Rst 0x80ee0f2    **       expand.c 4029 24600
13:45:05 11781 expanding: $2
13:45:05 11781    result: exim-pass
13:45:05 11781 ---0 Get 0x80ee0f8    24       string.c  349
13:45:05 11781 ---0 Get 0x80ee110    56       string.c  349
13:45:05 11781 SMTP>> 535 Incorrect authentication data
13:45:05 11781 tls_do_write(80e7010, 35)
13:45:05 11781 SSL_write(SSL, 80e7010, 35)
13:45:05 11781 outbytes=35 error=0
13:45:05 11781 LOG: MAIN REJECT
13:45:05 11781   plain authenticator failed for (localhost) [82.83.168.189]:
535 Incorrect authentication data (set_id=exim-pass)
13:45:05 11781 Calling SSL_read(80fa3a8, 810a778, 4096)
13:45:05 11781 SSL info: SSL negotiation finished successfully

Any ideas why it stopped working?

thanx

andreas

--
e-admin internet gmbh
Andreas Gietl                                            tel +49 941 3810884
Ludwig-Thoma-Strasse 35
93051 Regensburg                                  mobil +49 171 6070008

PGP/GPG-Key unter http://www.e-admin.de/gpg.html