Re: PAM not working reliably

To: "List, debian-user" <debian-user@lists.debian.org>
Subject: Re: PAM not working reliably
From: Derrick 'dman' Hudson <dman@dman.ddts.net>
Date: Tue, 25 Jun 2002 14:49:32 -0500
Message-id: <[🔎] 20020625194932.GC1955@dman.ddts.net>
Mail-followup-to: "List, debian-user" <debian-user@lists.debian.org>
In-reply-to: <[🔎] 20020625083924.GA2874@ursine.dyndns.org>
References: <[🔎] 20020625083924.GA2874@ursine.dyndns.org>

On Tue, Jun 25, 2002 at 01:39:24AM -0700, Paul Johnson wrote:
 
| So why is it if I have /etc/shadow owned by root:shadow, group has read
| access, and mail in the shadow group, exim can't authenticate through
| PAM.  If I chown /etc/shadow to root:mail, it works...WTF?

I haven't checked it, but my guess is that exim doesn't acquire
secondary groups when it drops it's privileges.  I ran into the same
problem using roundup with zope.  The key will be in the source :-).
One potential workaround is a hard-link that is owned by root:mail and
accessed via pam_pwdfile.so.

-D

-- 

You have heard the saying that if you put a thousand monkeys in a room with a
thousand typewriters and waited long enough, eventually you would have a room
full of dead monkeys.
                                (Scott Adams - The Dilbert principle)
 
http://dman.ddts.net/~dman/

Attachment: pgp4TkhyM8Yfg.pgp
Description: PGP signature

Reply to:

References:
- PAM not working reliably
  - From: Paul Johnson <baloo@ursine.dyndns.org>

Prev by Date: Re: An Internal Modem - Configuration
Next by Date: Re: Question on dependencies
Previous by thread: Re: PAM not working reliably
Next by thread: upgrading potato to woody by CD (fwd)
Index(es):
- Date
- Thread