On Tue, Jun 25, 2002 at 01:39:24AM -0700, Paul Johnson wrote: | So why is it if I have /etc/shadow owned by root:shadow, group has read | access, and mail in the shadow group, exim can't authenticate through | PAM. If I chown /etc/shadow to root:mail, it works...WTF?
I haven't checked it, but my guess is that exim doesn't acquire
secondary groups when it drops it's privileges. I ran into the same
problem using roundup with zope. The key will be in the source :-).
One potential workaround is a hard-link that is owned by root:mail and
accessed via pam_pwdfile.so.
-D
--
You have heard the saying that if you put a thousand monkeys in a room with a
thousand typewriters and waited long enough, eventually you would have a room
full of dead monkeys.
(Scott Adams - The Dilbert principle)
http://dman.ddts.net/~dman/
pgp8oLuUzSv8B.pgp
Description: PGP signature
