[Fwd: Re: cyrus-imapd]

Roger Grosswiler roger at gwch.net
Mon Jun 7 11:48:47 UTC 2004


> Why i use pam instead of shadow? because with shadow i did not get it running strangerwise, but it worked fine from
the beginning with pam, which does not do any difference except using one more interface (in my understanding,
please don't let me die unwise...)

As you say it, I remember we already had talked about that difficulty for you a while ago. Although I still don't
understand the reason.

Anyway, you are right that at least in basic configuration there is no real difference between using pam or shadow as
mechs with saslauthd - speaking about the default /etc/pam.d/smtp file coming with Fedora. And if you intend to not
authenticate against system users, PAM is one way to configure your system, including Cyrus-IMAPd, as a sealed server.
One way to do so is described here (for Postfix, can be done with other MTA too):

http://linux-universe.com/HOWTO/Postfix-Cyrus-Web-cyradm-HOWTO/pam-config.html

by using pam_mysql and keeping the user data in an SQL database. While that could be done too with MECH=auxprop and
not using PAM.

> of course you are right, just wanted to make sure, it isn't cyrus itself, that cannot connect...so i go forward step
by step...

A fair way to find the trouble maker. Just wanted to remark that this setting change in /etc/sysconfig/saslauthd is
not really necessary.

> Roger

Alexander

You've met the point. In my opinion, cyrus would belong in a complete separate environement, with another auth-backend
than the system (eg. mysql, ldap, whatever, but this is philosophical, is a use it for private purpose only - for my
10 email-account, even cyrus is overstatement, but is a very nice trainig.) i work now on mysql-authentication, its
not that easy. if i found out, i could post here the definitive confs and sql-stats for the use...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/fedora-list/attachments/20040607/75e489a8/attachment-0001.sig>


More information about the fedora-list mailing list