Andreas Winkelmann wrote:
Am Mittwoch 12 November 2008 18:28:32 schrieb Dan White:
Veit Wahlich wrote:
I authenticate a Cyrus imapd through saslauthd's PAM authmech.
Now I'd like to define a secondary imap service in cyrus.conf not
accessing /etc/pam.d/imap but another PAM config file such
as /etc/pam.d/imap-external.
The goal is to have two imapds running (bound to different IPs or TCP
ports) with different PAM auth service configs for internal and external
access.
Is there a configuration option in imapd.conf or so to control which PAM
file is being accessed by saslauthd for a service?
Veit,
This was just discussed on the cyrus-imapd list:
http://www.mail-archive.com/info-cyrus@xxxxxxxxxxxxxxxxxxxx/msg36412.html
Unfortunately this will not help the OP. Yes, this would use separate
saslauthd-Services for the two imap-Daemons, but unfortunately the Servicename
which is used to connect to saslauthd is hardcoded in each Daemon. For imapd
this is "imap". And this Servicename is interesting for the pam.d/file.
Thank for the correction. I suppose a work around might be to run one of
the saslauthd's in a chrooted environment, with a separate set of pam
libraries and configs.
- Dan
