subject:"Exim SMTP Auth and \/etc\/shadow"

Re: Exim SMTP Auth and /etc/shadow

2002-04-01 Thread Maarten Vink


Try using PAM:

plain:
   driver = plaintext
   public_name = PLAIN
   server_condition = "${if pam{$2:$3}{1}{0}}"
   server_set_id = $1

login:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::"
   server_condition = "${if pam{$1:$2}{1}{0}}"
   server_set_id = $1


- Original Message -
From: "Andrew Tait" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 02, 2002 10:00 AM
Subject: Exim SMTP Auth and /etc/shadow


> Hi All,
>
> I am setting up exim to do SMTP auth against /etc/shadow. At the end of
this
> e-mail is my authentication section of exim.conf.
>
> It is all working except for the fact that the user mail does not have
> permission to read /etc/shadow. If I make a copy (/etc/eximshadow) with
> appropriate ownership/permissions the SMTP auth works fine, however it
will
> not authenticate against /etc/shadow.
>
> To get around the permissions problem, I added mail into the shadow group,
> so that the user mail DOES have permission to read /etc/shadow (i.e. su
> mail -c "cat /etc/shadow" works).
>
> However:
> 2002-04-02 17:52:29 Authentication failed for tazdevil.cnl.com.au
(tazdevil)
> [203.21.78.3]: 435 Unable to authenticate at present: failed to open
> /etc/shadow for linear search: Permission denied (euid=8 egid=8)
>
> Any ideas?
>
> Andrew Tait
> System Administrator
> Country NetLink Pty, Ltd
> E-Mail: [EMAIL PROTECTED]
> WWW: http://www.cnl.com.au
> 30 Bank St Cobram, VIC 3644, Australia
> Ph: +61 (03) 58 711 000
> Fax: +61 (03) 58 711 874
>
> "It's the smell! If there is such a thing." Agent Smith - The Matrix
>
> ##
> #   AUTHENTICATION CONFIGURATION #
> ##
>
> # Look in the documentation (in package exim-doc or exim-doc-html for
> # information on how to set up authenticated connections.
>
> # The examples below are for server side authentication; they allow two
> # styles of plain-text authentication against an /etc/exim/passwd file
> # which should have user IDs in the first column and crypted passwords
> # in the second.
>
>  plain:
>driver = plaintext
>public_name = PLAIN
>server_condition = "${if
>
crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/shadow}{$value}{*:*
> }{1}{0}}"
>server_set_id = $1
>
>  login:
>driver = plaintext
>public_name = LOGIN
>server_prompts = "Username:: : Password::"
>server_condition = "${if
>
crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/shadow}{$value}{*:*
> }{1}{0}}"
>server_set_id = $1
>
>
>
>
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Exim SMTP Auth and /etc/shadow

2002-04-01 Thread Andrew Tait


Hi All,

I am setting up exim to do SMTP auth against /etc/shadow. At the end of this
e-mail is my authentication section of exim.conf.

It is all working except for the fact that the user mail does not have
permission to read /etc/shadow. If I make a copy (/etc/eximshadow) with
appropriate ownership/permissions the SMTP auth works fine, however it will
not authenticate against /etc/shadow.

To get around the permissions problem, I added mail into the shadow group,
so that the user mail DOES have permission to read /etc/shadow (i.e. su
mail -c "cat /etc/shadow" works).

However:
2002-04-02 17:52:29 Authentication failed for tazdevil.cnl.com.au (tazdevil)
[203.21.78.3]: 435 Unable to authenticate at present: failed to open
/etc/shadow for linear search: Permission denied (euid=8 egid=8)

Any ideas?

Andrew Tait
System Administrator
Country NetLink Pty, Ltd
E-Mail: [EMAIL PROTECTED]
WWW: http://www.cnl.com.au
30 Bank St Cobram, VIC 3644, Australia
Ph: +61 (03) 58 711 000
Fax: +61 (03) 58 711 874

"It's the smell! If there is such a thing." Agent Smith - The Matrix

##
#   AUTHENTICATION CONFIGURATION #
##

# Look in the documentation (in package exim-doc or exim-doc-html for
# information on how to set up authenticated connections.

# The examples below are for server side authentication; they allow two
# styles of plain-text authentication against an /etc/exim/passwd file
# which should have user IDs in the first column and crypted passwords
# in the second.

 plain:
   driver = plaintext
   public_name = PLAIN
   server_condition = "${if
crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/shadow}{$value}{*:*
}{1}{0}}"
   server_set_id = $1

 login:
   driver = plaintext
   public_name = LOGIN
   server_prompts = "Username:: : Password::"
   server_condition = "${if
crypteq{$2}{${extract{1}{:}{${lookup{$1}lsearch{/etc/shadow}{$value}{*:*
}{1}{0}}"
   server_set_id = $1





-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Re: Exim SMTP Auth and /etc/shadow

Exim SMTP Auth and /etc/shadow

2 matches

Site Navigation

Mail list logo

Footer information