FYI, session support in uw-imap is there but has problems on certain
platforms, which platforms I do not know.
#if 1
/*
* Some people have reported that this causes a SEGV in strncpy() from
* pam_unix.so.1
*/
/*
* This pam_open_session() call is inconsistant with how we handle other
* platforms, where we don't write [uw]tmp records. However, unlike our
* code on other platforms, pam_acct_mgmt() will check those records for
* inactivity and deny the authentication.
*/
pam_open_session (hdl,NIL); /* make sure account doesn't go inactive */
#endif
(I changed it to #if 1 for testing)
This works for pam_mkhomedir at least which is my goal.
Thank you for pointing me in the right direction!
Terry
Mike Gerdts wrote:
> On Thu, 2002-01-31 at 13:33, Terry Davis wrote:
>
>>Well, I am still stumped on this. Is it up to the server to call
>>certain aspects of pam? Like, is it possible that uw-imapd is simply
>>ignoring what pam is saying about pam_mkhomedir? I would really
>>appreciate any help on this matter.
>>
>>Thank you!
>>
>
> A quick look at pam_mkhomedir shows:
>
> % nm pam_mkhomedir.so | grep pam_sm
> 00001500 T pam_sm_close_session
> 00001410 T pam_sm_open_session
>
> A quick look at the imapd source (from pine4.33) shows:
>
> % find imap -name \*.c | xargs grep pam_open
> <no output>
>
> Since imapd never calls pam_open_session(), libpam never calls
> pam_sm_open_session(), and as such pam_mkhomedir is never called.
>
> Mike
>
>
>
>
> _______________________________________________
>
> Pam-list@redhat.com
> https://listman.redhat.com/mailman/listinfo/pam-list
>
--
Terry Davis
Systems Administrator
BirdDog Solutions, Inc.
(402) 829-6059
www.birddog.com
