Re: Exim PAM SMTP Authentication, help!

To: Eugene van Zyl <evz@streetcar.com>
Cc: GLUG <glug@linux.org.za>, Debian-User <debian-user@lists.debian.org>
Subject: Re: Exim PAM SMTP Authentication, help!
From: Phil Brutsche <pbrutsch@tux.creighton.edu>
Date: Tue, 10 Apr 2001 09:59:51 -0500 (CDT)
Message-id: <[🔎] Pine.LNX.4.33.0104100955060.30297-100000@tux.creighton.edu>
In-reply-to: <[🔎] OJEFLNJDBPDANNEDGCBOOEOHDKAA.evz@streetcar.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

A long time ago, in a galaxy far, far way, someone said...

> Hi,
>
> I'm trying Exim to authenticate users for mail relay using the SMTP
> AUTH interface. I've recompiled the Debian Exim 3.12-10 source package
> with the standard/default settings and only added the TCP Wrappers and
> PAM support. The exim and eximon packages generated successfully and
> installed fine. Only what else should I do know to allow exim to use
> PAM? I've set up the fixed_plain and fixed_login entries in the conf
> file with the server_condition for fixed_login (which is what Outlook
> uses) as follows:

>   server_condition = "\
>   ${if pam {$1:$2}{yes}{no}}"
>
> The authentication log returns the following error when I try to
> authenticate:

> PAM_unix[24311]: authentication failure; (uid=8) -> **unknown** for exim service
>
> I've set up an exim config file in the /etc/pam.d/ dir with auth and
> account required. From the above (and the spec.txt file in the exim
> docs) it looks like it expects an exim user with UID 8 to initialise
> the PAM service, but mail is already specified as the UID 8 GID 8 and
> I don't know what'll break if I rename mail to exim. Is it possible to
> create a user alias ? i.e. exim and mail is really the same user, same
> passwd etc ?

The problem isn't the in the name of the user that exim runs as, it's the
UID.  To be able to authenticate against the information in /etc/shadow
exim must run as root.

Put

exim_user = root

in exim.conf, restart exim, and try again.

> Also am I approaching this PAM authentication right?

For the most part.

- -- 
- ----------------------------------------------------------------------
Phil Brutsche				    pbrutsch@tux.creighton.edu

GPG fingerprint: 9BF9 D84C 37D0 4FA7 1F2D  7E5E FD94 D264 50DE 1CFC
GPG key id: 50DE1CFC
GPG public key: http://tux.creighton.edu/~pbrutsch/gpg-public-key.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

iD8DBQE60x/p/ZTSZFDeHPwRArnyAJ4hBSbnGQ+MyGJ3vl8Om1uXKROblQCdGHPz
QfhF1AwaBP+zoMxIojNZETA=
=QTyE
-----END PGP SIGNATURE-----

Reply to:

Follow-Ups:
- RE: Exim PAM SMTP Authentication, help!
  - From: "Eugene van Zyl" <evz@streetcar.com>

References:
- Exim PAM SMTP Authentication, help!
  - From: "Eugene van Zyl" <evz@streetcar.com>

Prev by Date: Re: I'm looking for install
Next by Date: Re: Proc file system
Previous by thread: Exim PAM SMTP Authentication, help!
Next by thread: RE: Exim PAM SMTP Authentication, help!
Index(es):
- Date
- Thread