Hello Stefan, > As some of you have noticed, I'm resp. my company works on a complete > Courier package which eventually replaces the imap-only package. > I'm trying to get authentification with MySQL to get work with PAM > instead of the courier-authmysql module. I installed the > libpam-mysql module from woody.
> Any access with a existing local user comes through to the PAM > modules, other accesses are failing before PAM is tried. > Hints are welcome, relevant config file see below. If users who don't have local accounts on the system are rejected before they reach PAM, then you'll need to look somewhere other than your PAM config file to find the problem. Perhaps courier is failing early because it knows the username doesn't exist in the password file, and it will need this later to find the mailbox? I imagine courier expects its auth modules to provide more information than what's just available through PAM, which means the authpam module more than likely is trying to use getpwnam() to get the rest of what it needs. A look at the source to courier-authpam would tell. Since courier-authmysql almost certainly gets the rest of this information from the mysql database, you'd need to do one of two things: 1) expose the rest of the mysql database using an nss_mysql module (in which case there's not much point to using mysql instead of a password file), or 2) stick with courier-authmysql. If this is really what's going on, I strongly recommend option 2, because PAM is not a good fit for this problem. Steve Langasek postmodern programmer
