Re: [exim] Set rhost for PAM authentication

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-users
Subject: Re: [exim] Set rhost for PAM authentication
On 07/01/2021 22:50, Yves Goergen via Exim-users wrote:
> To be honest, I have no idea how PAM communicates internally. This code is largely based on another module that comes with Linux and does something similar, pam_userdb.c.
>
> I see "exim" as the service name. I don't know what the remote_user field is and don't regard it. Dovecot sends the IP address string as remote host


So, you'll want to use the exim variable $sender_host_address for
an element in your list of fields.

>
> From what I've read, I believed that these fields are more or less defined in PAM, just like the return codes and stuff. Let's see... Here's the code of dovecot:
>
> https://github.com/dovecot/core/blob/master/src/auth/passdb-pam.c
>
> It contains the PAM_RHOST constant. Looks like PAM knows what that field means. And there is a pam_set_item function that looks like it should be called by the application. What happens if I just add more values to the Exim pam function?
>
> This looks like the corresponding Exim code:
>
> https://github.com/Exim/exim/blob/master/src/src/auths/call_pam.c


The pam library calls back to exim, calling our pam_converse() routine.
Exim supplies as many fields as it asks for, each time it is called -
without knowing what they might be used for. Exim gets fields to
supply by walking the list that your config-file use of the "pam"
expansion condition supplied.

--
Cheers,
Jeremy