Autor: Lena Fecha: A: exim-users Asunto: Re: [exim] plaintext pam
> From: andreas graeper
> :: is something like an escape of ':' as '\\' for '\' or \" for " inside
> ".." in other situations ?!
Yes.
> there are lots of other tools/services that use pam and never before i
> heard that they need read access to /etc/shadow ?
Perhaps those services run as root. Authenticators in Exim are ran
as Exim user.
> > I use FreeBSD. PAM modules are invoked under "mailnull" user (not root),
> > so besides proper file in pam.d you need to give the "mail" group
> > read access to the master.passwd file (then you can use either pam or
> > crypteq), but that's frowned upon in FreeBSD. Instead I use
> > POP3 server ("popa3d" port) on the same machine for authentication.
> > For that I created a file /etc/pam.d/exim with 2 lines:
> >
> > auth required /usr/local/lib/pam_pop3.so hostname=localhost info pwprompt=Password: timeout=5
> > account required pam_permit.so > > Distfile: http://lena.kiev.ua/pam_pop3-1.0.tar.gz