I would hate to have PAM support abandoned also. I have using Novell's
corporate directory for Linux (pam_nds) very successfully with Cyrus to let
our users have one password for LAN and e-mail access.
--Moby
-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Ken Murchison
Sent: Thursday, December 28, 2000 2:35 PM
To: Lawrence Greenfield
Cc: [EMAIL PROTECTED]
Subject: Re: Cyrus-imapd 2.0.9 all users accept the cyrus password &
noothers!
Lawrence Greenfield wrote:
>
> Date: Thu, 28 Dec 2000 14:45:22 -0500
> From: Todd Nemanich <[EMAIL PROTECTED]>
> Organization: Bay Mountain, Inc.
>
> "David L. Parsley" wrote:
> >
> > Me too! I thought maybe I'd done something dumb, and haven't gone
back
> > to try this again. This happened to me with 2.0.7. Using PAM, I
could
> > only log in supplying the password for cyrus. I switched to sasldb
and
> > it worked fine.
> >
> > Still, I wonder if this is a bug or just a common misconfiguration...
> >
>
> I'm not exactly sure if this is the reason, but PAM does not allow any
> user except root to check another user's password. Hence you would only
> be able to check against uid:Cyrus through PAM. Perhaps using the
> pwcheck daemon can solve this problem.
>
> This is exactly the problem. A future version of Cyrus SASL will
> probably discontinue the PAM password method is favor of forcing
> people to use pwcheck.
Huh? I've been using pam_smb (yeah, I know this is ugly!) for all of
our users since Cyrus 1.6.22 without any problems. Every user uses
their own password to authenticate to imapd/pop3d/timsieved. The only
time I need to use the Cyrus user's password is when I run 'cyradm -u
cyrus'
I know there are lots of other people using PAM, and I for one would
hate to see support for it taken out of SASL.
Ken
--
Kenneth Murchison Oceana Matrix Ltd.
Software Engineer 21 Princeton Place
716-662-8973 x26 Orchard Park, NY 14127
--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
