second instance of cyrus imapd should obey /etc/pam.d/imapnew

[Patrick Boutilier]

Ashay Chitnis wrote:
> Hi guys,
> 
> Here is my query. I have cyrus-imapd (with cyrus-sasl)which runs on 143 
> and 110. I want to have user level restrictions on my 143 port.. I have 
> generated two instances on imapd one on 143 and other on 5122 ports.
> 
> SERVICES {
>   # add or remove based on preferences
>   imap  cmd="imapd" listen="imap" prefork=5
> #imaps  cmd="imapd -s" listen="imaps" prefork=1
>   pop3  cmd="pop3d" listen="pop3" prefork=3
> #pop3s  cmd="pop3d -s" listen="pop3s" prefork=1
>   sieve cmd="timsieved" listen="sieve" prefork=0
> #Added by Ashay
>  * imapnew cmd="imapd" listen="imapnew" prefork=5*
> etc......
> }
> 
> now i want one imap on 143 to obey /etc/pam.d/imap and other imapnew 
> (5122) instance to obey /etc/pam.d/imapnew
> 
> can anyone tell me how this is possible?
> 
> my /etc/pam.d/imap file:
> */
> cat /etc/pam.d/imap
> auth    required        /lib/security/pam_ldap.so
> auth  required /lib/security/pam_listfile.so  item=user sense=allow 
> file=/usr/local/etc/imapallow onerr=fail
> account required        /lib/security/pam_ldap.so/*
> 
> 
> my /etc/pam.d/imapnew file:
> */
> cat /etc/pam.d/imapnew
> auth    sufficient      /lib/security/pam_ldap.so
> account sufficient      /lib/security/pam_ldap.so/*
> 
> can anyone suggest how to achieve this? is there any PAM_SERVICE=imapnew 
> parameter i can pass??

Do you compile from source? If so you can change the 2 lines in imapd.c 
that read:

sasl_server_new("imap"...

to

sasl_server_new("imapnew"...

Compile imapd again and copy the resulting binary to imapdnew. Then use 
this line in cyrus.conf:

imapnew cmd="imapdnew" listen="imapnew" prefork=5*


> 
> regards,
> Ashay
> 
> 
> ------------------------------------------------------------------------
> 
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html