Trying this again; the first didn't make it. Something must be up
with the route to the list server or the list server itself.
@ 2:18:48 PM on 11/1/01, Solar Designer wrote:
>> First I used AUTH_MAN_USERPASS, but it failed, so I switched it to
^^^
Whoops. Too many man pages.
SD> Did you install pam_userpass and stack it for popa3d? If not then
SD> it couldn't have worked.
Ah, OK I learned something new then. I'm not familiar with PAM enough
to know what I'm looking for -- even if it explicitly says, "Talk to
pam_userpass via Linux-PAM binary prompts." :-)
>> Nov 1 14:18:10 cla PAM-warn[15217]: service: popa3d [on terminal: <unknown>]
>> Nov 1 14:18:10 cla PAM-warn[15217]: user: (uid=0) -> foo [remote: ?nobody@?nowhere]
SD> You seem to have pam_warn somewhere in the PAM stack for popa3d.
SD> Why, do you need it?
I guess that would be this?
% egrep -i pam_warn /etc/pam.d/*
/etc/pam.d/other:auth required /lib/security/pam_warn.so
/etc/pam.d/other:account required /lib/security/pam_warn.so
/etc/pam.d/other:password required /lib/security/pam_warn.so
/etc/pam.d/other:session required /lib/security/pam_warn.so
If that is correct, then I'm also guessing I need to create a file
called popa3d under /etc/pam.d with something like this?
auth required /lib/security/pam_unix.so
auth required /lib/security/pam_unix.so shadow use_first_pass
account required /lib/security/pam_unix.so
If I'm using md5, does md5 need to be on any of those lines, or is
that only for applications capable of changing a password?
Is it preferred to use AUTH_PAM_USERPASS over regular AUTH_PAM?
In your example for pam_userpass, I see:
auth required /lib/security/pam_userpass.so
auth required /lib/security/pam_pwdb.so shadow use_first_pass
account required /lib/security/pam_pwdb.so
But I don't have pam_pwdb on the system.
(Sorry for all the stupid newbie questions; PAM is confusing -- even
after having read the docs the best I could)
-Brian
