Hi,
I'm trying to get auth working with exim4 using saslauthd and pam.
I have this is my exim4 config:
plain_saslauthd_server:
driver = plaintext
public_name = PLAIN
server_condition = ${if saslauthd{{$2}{$3}{exim4}}{1}{0}}
server_set_id = $2
server_prompts = :
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
login_saslauthd_server:
driver = plaintext
public_name = LOGIN
server_prompts = "Username:: : Password::"
# don't send system passwords over unencrypted connections
server_condition = ${if saslauthd{{$1}{$2}{exim4}}{1}{0}}
server_set_id = $1
.ifndef AUTH_SERVER_ALLOW_NOTLS_PASSWORDS
server_advertise_condition = ${if eq{$tls_cipher}{}{}{*}}
.endif
This appears to be working ok.
But as soon as I put anything to do with pam_access in my pam
configuration for exim4, I get this in my auth.log:
Feb 23 10:45:02 vetinari pam_access[4654]: couldn't get the tty name
Feb 23 10:45:02 vetinari saslauthd[4654]: DEBUG: auth_pam: pam_acct_mgmt failed: Critical error - immediate abort
Feb 23 10:45:02 vetinari saslauthd[4654]: do_auth : auth failure: [user=dcpurton] [service=exim4] [realm=] [mech=pam] [reason=PAM acct error]
If I don't use pam_access, then it all works fine.
I want to use pam_access, because I want to restrict the ability to use
auth for remote relaying to a subset of users on the system.
Any clues on how to fix this?
cheers
dc
--
David Purton
dcpurton@chariot.net.au
For the eyes of the LORD range throughout the earth to
strengthen those whose hearts are fully committed to him.
2 Chronicles 16:9a
Attachment:
signature.asc
Description: Digital signature