Re: [exim] Exim-users Digest, Vol 51, Issue 28

Top Page
Delete this message
Reply to this message
Author: Lena
Date:  
To: exim-users
Old-Topics: [exim] Options for authenticating against /etc/shadow (PAM) withoutmaking exim suid root
Subject: Re: [exim] Exim-users Digest, Vol 51, Issue 28
> From: Jaco van der Schyff

> What are my options to auth against /etc/shadow using PAM without giving
> exim too much priviledges?
>
> I currently have two options: chgrp exim /etc/shadow or write an
> external authenticator (which is suid root) that returns a
> true/false which I can evaluate in exim.


> From: Stephen Gran


> saslauthd.


A way without one more daemon: if you have POP3 server on that machine
(I use popa3d) then pam_pop3. My /etc/pam.d/exim (FreeBSD) contains two lines:

auth required /usr/local/lib/pam_pop3.so hostname=localhost info pwprompt=Password: timeout=5
account required pam_permit.so