FSSOS stands for Flexible Single Sign-On Solution and has been written by Ben Goodwin for extending authentication via getpwnam(), getspnam(), getgrent(), etc calls.
Official website: http://fssos.sourceforge.net/ This source has been hacked and adapted to IndiMail as nssd from the FSSOS site. The hacked source will also work with vpopmail by just changing the configuration file nssd.conf. You just need to change the table_name, username, password, uid, gid appropriate for your vpopmail installation. nssd is a multi-threaded daemon and pre-connects to MySQL. This saves response times in user lookup queries as one no longer needs to keep on making and breaking connections to MySQL nssd is experimental and without warranty. The hacked source can be downloaded from http://downloads.sourceforge.net/indimail/nssd-1.0.tar.gz Modification has been made to have user and domain in the query e.g. [EMAIL PROTECTED] gets split into mbhangui as the user and gmail.com as the domain. This split allows authentication against IndiMail's MySQL database. By just changing the configuration, authentication should also work for vpopmail. The other change I have made is to make the Name Service Switch daemon supervise friendly. You may also want to look at the wonderful original code written by Ben. You may find this of use if you want to run a IMAP/POP3 server which does not yet have support for IndiMail or vpopmail Having this installed allows many IMAP/POP3 servers which use getpwnam(), getspnam(), PAM, etc to authenticate against IndiMail's database without making a single change to the IMAP/POP3 server code. This gives a Yet Another Way to have courier-imap, dovecot, etc to authenticate against your own custom MySQL database. NSSD - Name Service Switch Daemon ================================ Supported Operating Systems: o Linux (glibc >= 2.2.5) o Solaris (Sparc or Intel >= 8) (SEE NOTE BELOW) o FreeBSD (5.1+, prefer 5.2+) (SEE NOTE BELOW) Supported MySQL Versions: o MySQL 3.23.9 - 6.0.3-alpha Supported Compilers: o GCC (2.95.2, 3.x) Prerequisites ============= o Installing from source: o A functional compile environment (system headers, gcc, ...) o MySQL client library & header files (local) o MySQL server (local or remote) INSTALLATION DETAILS ==================== o If installing from source: o wget http://downloads.sourceforge.net/indimail/nssd-1.0.tar.gz o ./configure --prefix=/var/indimail \ --default-domain=indimail.org --with-mysql=/usr/local/mysql o make o make install-strip # For IndiMail, to install a supervise service, run the svctool command # For vpopmail, you need to have nssd run either by supervise or by your favourite method (rc, etc) o ./svctool --pwdlookup=/tmp/nssd.sock --threads=5 \ --timeout=5000 \ --mysqlhost=localhost --mysqluser=indimail \ --mysqlpass=xxxxxxxx \ --mysqlsocket=/tmp/mysql.sock --servicedir=/service On some systems, libtool insists on adding "-lc" to the link stage (due to the way gcc was built for that system), which breaks nssd threading in daemon mode. If you see a "-lc" before a "-pthread" or "-lpthread", then you're in trouble. You'll notice the broken behavior in the form of fewer-than-expected threads running (3) and the inability to kill the parent process off without a "-9" signal. To fix this, do the following: PTRHEAD_LIBS="-lpthread -lc" ./configure and then run make/make install. If your MySQL installation is based in a strange directory, use the --with-mysql=DIR option of ./configure to specify. For example, "./configure --with-mysql=/usr2" o Edit /var/indimail/etc/nssd.conf (or /var/vpopmail/etc/nssd.conf) You will find nssd.conf in samples directory of the source o Edit (or create) /etc/nsswitch.conf such that it contains at least the following: passwd: files nssd shadow: files nssd If you don't want groups from MySQL, simply don't include 'nssd' in in the 'group' line. o Start 'nssd' (e.g. "/var/indimail/sbin/nssd" or "/var/vpopmail/sbin/nssd") you can use supervise I have the following lines in the run file #!/bin/sh # $Id: svctool.in,v 2.69 2008-09-04 16:41:45+05:30 Cprogrammer Exp mbhangui $ # generated on i686-pc-linux-gnu on Thu Sep 4 16:45:35 IST 2008 # ./svctool --pwdlookup=/tmp/nssd.sock --threads=5 --timeout=5000 --mysqlhost=localhost --mysqluser=indimail --mysqlpass=ssh-1.5- --mysqlsocket=/tmp/mysql.sock --servicedir=/service exec /var/indimail/bin/envdir /service/pwdlookup/variables \ /var/indimail/bin/setuidgid indimail /var/indimail/sbin/nssd -d debug 2>&1 Regards Manvendra The individual choice of garnishment of a burger can be an important point to the consumer in this day when individualism is an increasingly important thing to people. -- Donald N. Smith, president of Burger King !DSPAM:48bfce7c32311671516875!
