I feel happy to announce that I have built NSS support for IndiMail
(http://www.indimail.org).

It is based on a patch on libnss-mysql at sourceforge.net. IndiMail is a
mail server which patches qmail to integrate qmail-smtpd (auth,
relay, etc.), qmail-local and qmail-remote with IndiMail's MySQL database.
The patch should work for vpopmail as the schema for the user
database is the same (just change the SQL statement in the config file).

The patch is standalone and can easily be adapted or adopted for your own
MySQL database.

NSS stands for Name Service Switch. NSS allows you to implement access
to various data using any number of modules. This means that when the
operating system wants to look up any user, it doesn't have to know how -
it calls upon the NSS system to perform the task.

One can write modules for NSS to look for users in places other
than /etc/passwd, /etc/shadow.

The NSS API is the backend for lookup routines like getpwnam(),
getpwuid(), etc.

Almost all IMAP servers that I know of have modules to authenticate
users out of /etc/passwd, /etc/shadow, etc. By using NSS, authentication
of IMAP servers can be extended to use databases like MySQL, LDAP.

You can download the libnss-mysql at
http://sourceforge.net/project/showfiles.php?group_id=56073&release_id=354053

and the patch for IndiMail at
http://downloads.sourceforge.net/indimail/libnss-mysql-1.5.patch.gz

to build NSS support for IndiMail. For other mail servers, you may
want to change the SQL statement in the libnss-mysql.cfg configuration
file.

libnss-mysql and this patch allow an IMAP server like courier-imap
to use the authpam module shipped with it without changing a single line
of courier-imap.

The patch builds support for PAM routines to authenticate users against
IndiMail's MySQL database. I have tested this with courier-imap's
authpam.

Installation involves the familiar ./configure; make; make install.
Configuration involves putting 2 files in /etc:
a) libnss-mysql.cfg
   This file specifies the SQL statement for selecting a user from
   a MySQL database
b) libnss-mysql-root.cfg
   This file specifies connection parameters for connecting to your
   MySQL database
c) modifying /etc/nsswitch.conf to have the two lines below
   passwd:     files mysql
   shadow:     files mysql

Two big advantages, as I see it:
1) the function getpwnam() gets extended, and applications which use
   this routine automatically get extended for user lookups in
   the MySQL database
2) You can run the Name Service Cache Daemon (/usr/sbin/nscd) on Linux.
   nscd gives you a good performance boost by caching repeated requests.

You can modify the SQL statement in the file /etc/libnss-mysql.cfg to
use your own specific MySQL database.

You can compile a small tester program to test
users in your own MySQL database.
(do gcc try.c -o try to compile)

Enjoy

--Manvendra

Very few profundities can be expressed in less than 80 characters.
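
The try.c tester mentioned in the post is not included on this page. The C program below is an added example, not the author's try.c and not part of libnss-mysql: it checks that /etc/nsswitch.conf lists mysql on the passwd and shadow lines from step (c), then resolves a user through getpwnam(). The function names nss_line_has_source and lookup_user are made up for this example.

```c
/* Added example: NSS lookup tester, not the try.c mentioned in the post. */
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
/* 1 if an nsswitch.conf line for database `db` lists `source`, else 0. */
int nss_line_has_source(const char *line, const char *db, const char *source)
{
    size_t dblen = strlen(db), slen = strlen(source), n;
    const char *p = line + strspn(line, " \t");
    if (strncmp(p, db, dblen) != 0 || p[dblen] != ':')
        return 0;                     /* comment line or another database */
    for (p += dblen + 1; *p && *p != '#'; p += n) {
        p += strspn(p, " \t\r\n");
        n = strcspn(p, " \t\r\n#");   /* one source name or [action] item */
        if (n > 0 && n == slen && strncmp(p, source, n) == 0)
            return 1;
    }
    return 0;
}

/* 0 = found, 1 = no such user, -1 = lookup failed (e.g. backend error). */
int lookup_user(const char *name, struct passwd *out)
{
    errno = 0;
    struct passwd *pw = getpwnam(name);  /* tries each listed source in turn */
    if (pw == NULL)
        return errno ? -1 : 1;
    *out = *pw;                       /* strings still point at static storage */
    return 0;
}

int main(int argc, char **argv)
{
    struct passwd pw;
    char line[256];
    int pw_ok = 0, sp_ok = 0;
    FILE *f = fopen("/etc/nsswitch.conf", "r");
    while (f && fgets(line, sizeof line, f)) {
        pw_ok |= nss_line_has_source(line, "passwd", "mysql");
        sp_ok |= nss_line_has_source(line, "shadow", "mysql");
    }
    if (f) fclose(f);
    printf("nsswitch.conf lists mysql: passwd=%d shadow=%d\n", pw_ok, sp_ok);
    int rc = argc > 1 ? lookup_user(argv[1], &pw) : -1;
    if (rc == 0)
        printf("%s uid=%lu home=%s\n", pw.pw_name, (unsigned long)pw.pw_uid, pw.pw_dir);
    return rc != 0;                   /* non-zero: user did not resolve via NSS */
}
```

Run it with a user name that exists only in the MySQL database; a non-zero exit status means the name did not resolve through any source listed in nsswitch.conf.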


