Re: Exim SMTP Auth and /etc/shadow

To: "Andrew Tait" <andrewt@cnl.com.au>, <debian-isp@lists.debian.org>
Subject: Re: Exim SMTP Auth and /etc/shadow
From: "Maarten Vink" <vink@interstroom.nl>
Date: Tue, 2 Apr 2002 10:05:21 +0200
Message-id: <[🔎] 00cc01c1da1d$22cad730$3200a8c0@interstroom.nl>
References: <[🔎] 00c801c1da1c$65a77fa0$034e15cb@cnl.com.au>

Try using PAM:

plain:
   driver = plaintext
   public_name = PLAIN
   server_condition = "${if pam{$2:$3}{1}{0}}"
   server_set_id = $1

login:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::"
   server_condition = "${if pam{$1:$2}{1}{0}}"
   server_set_id = $1


----- Original Message -----
From: "Andrew Tait" <andrewt@cnl.com.au>
To: <debian-isp@lists.debian.org>
Sent: Tuesday, April 02, 2002 10:00 AM
Subject: Exim SMTP Auth and /etc/shadow


> Hi All,
>
> I am setting up exim to do SMTP auth against /etc/shadow. At the end of
this
> e-mail is my authentication section of exim.conf.
>
> It is all working except for the fact that the user mail does not have
> permission to read /etc/shadow. If I make a copy (/etc/eximshadow) with
> appropriate ownership/permissions the SMTP auth works fine, however it
will
> not authenticate against /etc/shadow.
>
> To get around the permissions problem, I added mail into the shadow group,
> so that the user mail DOES have permission to read /etc/shadow (i.e. su
> mail -c "cat /etc/shadow" works).
>
> However:
> 2002-04-02 17:52:29 Authentication failed for tazdevil.cnl.com.au
(tazdevil)
> [203.21.78.3]: 435 Unable to authenticate at present: failed to open
> /etc/shadow for linear search: Permission denied (euid=8 egid=8)
>
> Any ideas?
>
> Andrew Tait
> System Administrator
> Country NetLink Pty, Ltd
> E-Mail: andrewt@cnl.com.au
> WWW: http://www.cnl.com.au
> 30 Bank St Cobram, VIC 3644, Australia
> Ph: +61 (03) 58 711 000
> Fax: +61 (03) 58 711 874
>
> "It's the smell! If there is such a thing." Agent Smith - The Matrix
>
> ######################################################################
> #                   AUTHENTICATION CONFIGURATION                     #
> ######################################################################
>
> # Look in the documentation (in package exim-doc or exim-doc-html for
> # information on how to set up authenticated connections.
>
> # The examples below are for server side authentication; they allow two
> # styles of plain-text authentication against an /etc/exim/passwd file
> # which should have user IDs in the first column and crypted passwords
> # in the second.
>
>  plain:
>    driver = plaintext
>    public_name = PLAIN
>    server_condition = "${if
>
crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/shadow}{$value}{*:*}}}}
> }{1}{0}}"
>    server_set_id = $1
>
>  login:
>    driver = plaintext
>    public_name = LOGIN
>    server_prompts = "Username:: : Password::"
>    server_condition = "${if
>
crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/shadow}{$value}{*:*}}}}
> }{1}{0}}"
>    server_set_id = $1
>
>
>
>
>
> --
> To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org


-- 
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to:

References:
- Exim SMTP Auth and /etc/shadow
  - From: "Andrew Tait" <andrewt@cnl.com.au>

Prev by Date: Exim SMTP Auth and /etc/shadow
Next by Date: [HELP] RAID chunk-size
Previous by thread: Exim SMTP Auth and /etc/shadow
Next by thread: [HELP] RAID chunk-size
Index(es):
- Date
- Thread