pam pop issue

Gary Mills mills at cc.umanitoba.ca
Tue Jun 17 08:44:53 EDT 2008 

On Tue, Jun 17, 2008 at 02:32:46PM +0530, Ashay Chitnis wrote:
> 
>    On Tue, Jun 17, 2008 at 12:09 AM, Gary Mills
>    <[1]mills at cc.umanitoba.ca> wrote:
>    
>    Gary, thanks for your help.
>      I have had one sleepless night  trying to read out the sasl manuals
>    from SUN :).
>    
>      the pam_acct_mgmt() call must be removed from saslauthd/auth_pam.c
>      and
>      added to lib/server.c instead.
>      
>    can you elaborate more on how you have acheived it?

By modifying the SASL source and recompiling it.  I can post my patches
if anyone else is interested.

>    first the item
>    passed by sasl is the service name (pop) and not the remote network ip
>    and this is compared with the actual IP address.
>    pam_get_item should be getting the IP address and passing it to pam
>    NOT the service name..

As others have mentioned, the information stored in the PAM handle
depends on the application.  Many different types are possible, but
the application has to store the data to make it available to the
PAM module.  PAM_RHOST, the remote host name, would be the one that
interests you.  That information is not always present.  For cyrus
and sasl, it appears not to be present.  I haven't confirmed this.

>    I have checked its works beautifully in sshd. Now i need to find a way
>    to work it in sasl for pop imap service.

-- 
-Gary Mills-    -Unix Support-    -U of M Academic Computing and Networking-

More information about the Info-cyrus mailing list