Author: Peter Bowyer Date: To: exim users Subject: Re: [exim] Options for authenticating against /etc/shadow
(PAM)withoutmaking exim suid root
2009/3/14 Jurrie Overgoor <jurrie@???>: > On 2008-08-28 08:48, Jaco van der Schyff wrote:
> > What are my options to auth against /etc/shadow using PAM without giving
> > exim too much priviledges?
> >
> > I currently have two options: chgrp exim /etc/shadow or write an
> > external authenticator (which is suid root) that returns a
> > true/false which I can evaluate in exim.
> >
> > Any other ideas?
>
> I configured this today using pwauth. Pwauth
> (http://unixpapa.com/pwauth/) is an external authenticator as you
> mention as the second option. It is written with Apache in mind, because
> Apache suffers from the same problem: need to run as root to
> authenticate to /etc/shadow
<snip>
Any chance you could work up a wiki page for that tip? Looks very useful.