Daeron wrote:
>Hi,
> My experience is just the oppersite:
> FreeBSD 4.3, Cyrus 2.0.12 from /usr/ports/mail/cyrus-imap
>/usr/local/etc/imapd.conf edited with "sasl_pwcheck: pam"
> I've also tried "PAM".
>/etc/pam.conf with "imap auth required /usr/local/lib/pam_mysql.so
>user=....."
>and same for pop3
>
The problem is that many pam modules don't work when they're not run as
'root'. Since cyrus runs as user 'cyrus', having cyrus do PAM won't work
properly. You need to get pwcheck to do the pam thing and have cyrus use
pwcheck to do the work.
So you need to add pwcheck_pam.c (see this list's archives) to the
cyrus-sasl pwcheck, then configure the 'cyrus' service in /etc/pam.conf
however you like. Then all services that use SASL will authenticate how
you like.
>
>
>But nothing authenticates. When I tried imtest I found the thing replies
>that there's no authentification mechaism. So I investigate & find that the
>Makefile has a single auth option listed --with-auth=unix
> ...arr ah! I think, so I've tried a --with-auth=pam to which it it seems
>to make all in man, et, sieve, acap, and lib before eventually saying "don't
>know how to make auth_pam.o. Stop"
>
The fix isn't in cyrus-imap, it's in cyrus-sasl.
