IMAPS with extra authorization.

Dan White dwhite at olp.net
Sat Jul 24 01:43:37 EDT 2010


On 22/07/10 06:56 -0500, Syren Baran wrote:
>Am Donnerstag, den 22.07.2010, 13:27 +0200 schrieb Josef Karliak:
>> Hi, thanks for tip. I used your entries now (I had anything else in
>> pam.d's imap config).
>
>> celer:/etc/pam.d # testsaslauthd -u user -p goodsystempass -s imap 0: OK
>> "Success."
>
>If you DONT want this, remove the line "auth required pam_unix.so".  But
>you wont be able to login as the cyrus user via cyradm!
>
>>    I've tried imaps from internet, it accept user from pwd file, but
>>    account from system too :-/. It can't from imaps :-/
>
>Is it possible to set the service name for imapd somehow?
>
>Would be a nice and clean solution to set the service name for "imapd -s"
>to "imaps" and just use a second pam file for that service.

The service name that gets passed to saslauthd is taken from the
sasl_server_init call inside the individual servers.  So it's always 'imap'
for all services started by imapd, and 'pop3' for all pop3d services.

I don't think it would be possible without a modification to the sasl code.

-- 
Dan White


More information about the Info-cyrus mailing list