im running a cyrus murder cluster that access a mysql Table for authentification,
i just switched to the pam_mysql module because we need hashed passwords in the DB.
When I try to login with an email address as username PAM cuts of everything after the "@".
Login works fine with an account that has a crypted pasword and no domain attached
Where can i define the query for PAM?
cyradm --user joe@xxxxxxxxxx --server frontend --auth PLAIN
the statement
SELECT password FROM users WHERE email = 'joe'
some logfile entries:
do_auth : auth failure: [user=joe] [service=imap] [realm=plusser.local] [mech=pam] [reason=PAM auth error]
badlogin: frontend [192.168.247.128] plaintext joe@xxxxxxxxxx SASL(-13): authentication failure: checkpass failed
/etc/pam.d/imap
#%PAM-1.0
#auth include system-auth
#account include system-auth
auth sufficient pam_mysql.so user=mail_admin passwd=pwd_mail host=localhost db=mail table=users usercolumn=email passwdcolumn=password crypt=1
#logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
auth sufficient pam_unix_auth.so
account required pam_mysql.so user=mail_admin passwd=pwd_mail host=localhost db=mail table=users usercolumn=email passwdcolumn=password crypt=1
# logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
account sufficient pam_unix_acct.so
/etc/imapd.conf(cut)
allowplaintext: yes
sasl_mech_list: PLAIN LOGIN
sasl_pwcheck_method: saslauthd
saslauthd_path: /var/run/saslauthd/mux
thanks
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
