On Wed, 25 Sep 2013, Phil Pennock wrote:
>> Could someone tell me how to pass the ip or hostname information to the
>> pam module?
>
> Second option: use the forthcoming Exim 4.82 release, in which the Cyrus
> SASL support has been upgraded to pass the remote IP/host information
> into the SASL libraries. Configure the SASL system to use saslauthd and
> configure saslauthd to use PAM authentication.

I have tried this with Exim 4.82.1 on a FreeBSD 9.2 machine.
Although the authentication is successful with the one-time passwd (otp),
the IP is still saved as "(null)".

Configuration
-------------
begin authenticators

plain:
  driver = plaintext
  public_name = PLAIN
  server_prompts = :
  server_set_id = "$2/$sender_host_address"
  server_condition = ${if saslauthd{{$2}{$3}{exim}}{1}{0}}
  server_advertise_condition = true

login:
  driver = plaintext
  public_name = LOGIN
  server_prompts = "Username:: : Password::"
  server_condition = ${if saslauthd{{$1}{$2}{exim}}{1}{0}}
  server_set_id = "$1/$sender_host_address"
  server_advertise_condition = true

Saslauthd
---------
% ps ax | grep sasl
10154 ?? Is 0:00.01 /usr/local/sbin/saslauthd -a pam
PAM
---
% grep /vol/auth /etc/pam.d/exim
auth sufficient pam_idng.so otp saveotp=/vol/auth/exim otpsavetimeout=43200 otpsavemode=440 otpsaveownset=exim:mail noechopass
% cat /vol/auth/exim/ephraim
(null):479206
Note that a similar line works properly with Dovecot:
% grep /vol/auth /etc/pam.d/dovecot
auth sufficient pam_idng.so otp saveotp=/vol/auth/dovecot otpsavetimeout=43200 otpsavemode=440 otpsaveownset=exim:mail noechopass
% cat /vol/auth/dovecot/ephraim
132.65.80.15:317602
--------------------------------------
Any suggestions would be appreciated.
_____________________________________
Ephraim Silverberg, CSE System Group,
Hebrew University, Jerusalem, Israel.
Phone/Fax number: +972-2-5494521