> On 07/01/2021 02:47 Yilin Wei <yi...@kebab-ca.se> wrote: > > > Hi, > > I’ve been looking into a problem with a local dovecot setup with > ~systemd-homed~ and uses PAM authentication. To give a brief overview, > ~systemd-homed~ mounts the users home directory upon particular > authencation calls (which is configurable through ~/etc/pam.d~). > > Dovecot currently supports PAM authentication perfectly fine — the > problem comes when a system has systemd-homed. This is because the > session is created and deleted immediately afterwards [1]. > > This is a problem because if the server isn’t busy, systemd-homed can > run it’s cleanup which causes the home directory to be unavailable once > again [2]. > > To support this properly, ideally the whole of the imap/pop3/lda session needs > to happen before the deletion of the session. > > Does the imap session happen within a ~verify_plain~ [3] call? If not, > are there any other authentication backends which currently need to keep > a live token? > > Yilin > > [1] > https://github.com/dovecot/core/blob/266e54b7b8c34c9a58dd60a2e53c5ca7d1deae19/src/auth/passdb-pam.c#L219 > [2] https://dovecot.org/pipermail/dovecot/2019-April/115559.html > [3] > https://github.com/dovecot/core/blob/266e54b7b8c34c9a58dd60a2e53c5ca7d1deae19/src/auth/passdb.h#L44
Hi! IMAP session happens after authentication has taken place. For this to work correctly in this case, there would need to be a mail plugin that would actually open the pam session and then close it. Aki
