On Jun 30, 2009, at 12:39 PM, Adam Megacz wrote:
In particular, I'm trying to use dovecot with pam_krb5 (which
associates a ticket cache to a specific pid) and pam_afs_session
(which associates tokens to a specific process authentication
group --
roughly equivalent to a process and all its de
Timo Sirainen writes:
> Not easily. PAM lookups are done by dovecot-auth process, which is
> completely different from the eventual imap/pop3 process.
Yes, I know... I find that most unfortunate. This design creates
security problems when the machine where the files are stored does not
uncondit
On Mon, 2009-06-29 at 13:32 -0700, Adam Megacz wrote:
> Hello. I'm wondering how one would go about configuring dovecot to
> invoke pam_setcred() from the same process as (or a parent process of)
> the process which eventually reads the user's mail off the disk.
Not easily. PAM lookups are done b
Hello. I'm wondering how one would go about configuring dovecot to
invoke pam_setcred() from the same process as (or a parent process of)
the process which eventually reads the user's mail off the disk. This
is required for pam modules that set kernel-level credentials which
are later used to ac