[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: exim with login authentication using pam

On Thu, 2003-04-17 at 14:55, Derrick 'dman' Hudson wrote:
> On Wed, Apr 16, 2003 at 09:21:59PM +0100, Shri Shrikumar wrote:
> | Hi,
> | 
> | I am trying to get exim authenticate users before relaying and would
> | like to use PAM.
> Do you use shadow passwords?


> Are you trying to use pam_unix.so (specified in /etc/pam.d/exim)?

I copied the imap over (courier-imap which works fine)

> | Can anyone who has done this before shed some light on this.
> Only root can read the password hash stored in /etc/shadow.  exim
> can't.  (exim performs the check as EXIM_USER, often named "mail")

> You have a few options depending on your goals :
>     1)  allow the user 'mail' to read /etc/shadow

How risky is this ? Also, what would be the best way to do this ?

>     2)  maintain a copy which user 'mail' can read

Yeah, but this would kind of defeat the purpose since I wanted a
centralised place for usernames and passwords so I wont have to change
things all over the place each time a user is added / deleted.

>     3)  use a different pam method for authentication

This is what I do now. I just copied the shadow file, removed all the
irrelevant entries like root and used the standard authentication method
that came with exim.

Thanks for your response dman,



Shri Shrikumar             U R Byte Solutions
I.T. Consultant            Edinburgh, Scotland     Tel: 0845 644 4745
Email: shri@urbyte.com                             Web: www.urbyte.com

Attachment: signature.asc
Description: This is a digitally signed message part

Reply to: