I tried this same package out a few months ago. I believe you need to
change the permissions on "/etc/shadow" to allow read access for everyone.
This is a major security risk and pretty much defeats the purpose of a
shadow password system.
Another possible option, that I have not tried, involves using the pwcheck
utility that comes with sasl. Pwcheck runs as a daemon with root access and
is able to access the shadow password file.
I actually ended up using a MySQL database to store usernames and password
files.
Brian Tenerowicz
----- Original Message -----
From: Mobeen Azhar <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Thursday, May 25, 2000 1:49 PM
Subject: Cyrus, Sasl, and PAM
> Hello all,
> I installed the Cyrus mail package using the cyrus-imapd-1.6.19-2 RPM. I
> used the source RPM and compiled it myself. The build and installation
went
> fine. I also installed Cyrus SASL via the cyrus-sasl-1.5.11-2 RPM. Again
I
> used the source RPM and the build and installation went fine. This is on
a
> RH 6.2 box using PAM.
>
> I am having a problem authenticating to imap. Running the imtest
diagnostic
> tool I get the following message when I enter the password "Authentication
> failed: generic failure". I know that PAM is working fine, so I suspect
it
> is the SASL mechanism that is failing. However, SASL is not writing
> anything to /var/log/auth.log. /usr/lig/sasl/Cyrus.conf contains the line
> pwcheck_method:PAM.
>
> Does anyone have any ideas what could be going on? Is there some sort of
> diagnostic tool for SASL that I can use to see if the SASL side of things
is
> working ok?
>
> Thanks in advance for any help,
> --Moby
>
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
>
>
>
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
