First, I'm still on cyrus-imapd-1.6.19-2 and it's working so I haven't 
messed with it.  If anything I say is wrong as of 2, sorry.

There are a couple of known issues with PAM that I'm aware of.

The shadow (and maybe passwd) file must be group readable (unless someone
else has a fix I dunno about).  This causes problems because every time
you use Linuxconf or add a new user, RH will change it back, destroying
mail access until you fix it again.  Also, user cyrus must be in the root
group.

I found a strange occurrence that after adding a user, fixing the shadow
permissions and logging out, it STILL reverted to NOT group readable so I
had to log back in and fix it again.

So, "chmod 0440 shadow" and put cyrus in the root group.  It's a kinda
bandaid and opens up security somewhat.  For added security, consider 
using SSL-capable IMAP clients so that passwords are not sent in the clear.

On my install, I found that I had to manually create the directories for
the mail to be delivered in.  /usr/cyrus/a  /usr/cyrus/a/anthony
/usr/cyrus/b, etc...

-Tony

-----Original Message-----
From: Gilion Goudsmit [mailto:[EMAIL PROTECTED]] 

I've successfully configured Cyrus using the sasldb sasl_pwcheck_method
(imapd.conf) but would prefer using PAM, so I can flexibly switch the
user database. For starters I'm just using the system_auth pam method. I've
set the sasl_pwcheck_method to 'pam', and the 'imap' file in the pam.d
folder reads the following:

auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth

<<snip>>

Apr  9 19:48:42 gandalf2 imapd[12360]: badlogin: localhost.localdomain[127.0.0.1] PLAIN no mechanism available
Apr  9 19:48:47 gandalf2 PAM_unix[12360]: authentication failure; (uid=76) -> root for system-auth service

Uid 76 is the cyrus user, so I suppose something is failing because the
server is running as cyrus or something? Or do I need to 'allow' PLAIN
logins from somewhere? Any help in making it work, but especially in helping
me understand what is actually going wrong, would be greatly appreciated and
buys you lunch in Amsterdam (plain-ticket not included).

Thank you and Regards, Gilion R. Goudsmit, MagicMinds, Amsterdam.
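
Added example (not part of either message above): the workaround in the reply makes the shadow file readable by every member of its owning group, so after applying it, it helps to list who that actually is. The function name is hypothetical, and the three file paths are passed as arguments so it can be run against copies.

```shell
#!/bin/sh
# Added example: list the accounts that can read a shadow file through its
# group-read bit. File paths are arguments so it can be run against copies.

# shadow_group_readers SHADOW GROUP_FILE PASSWD_FILE  (hypothetical helper name)
shadow_group_readers() {
    shadow=$1; groupf=$2; passwdf=$3
    [ -e "$shadow" ] || { echo "no such file: $shadow" >&2; return 1; }

    # ls -ln fields: mode string, link count, numeric uid, numeric gid, ...
    set -- $(ls -ln "$shadow")
    mode=$1; gid=$4

    case $mode in
        ????r*) ;;            # fifth character is the group-read bit
        *) return 0 ;;        # not group readable: no one gains access this way
    esac

    {
        # supplementary members of the owning group (4th field of the group file)
        awk -F: -v g="$gid" '$3 == g { n = split($4, m, ",")
            for (i = 1; i <= n; i++) if (m[i] != "") print m[i] }' "$groupf"
        # accounts whose primary gid (4th field of the passwd file) is that group
        awk -F: -v g="$gid" '$4 == g { print $1 }' "$passwdf"
    } | sort -u
}

# Typical call on a live system:
#   shadow_group_readers /etc/shadow /etc/group /etc/passwd
if [ $# -eq 3 ]; then
    shadow_group_readers "$@"
fi
```

Every name it prints is an account whose compromise exposes the password hashes, which is the cost of the group-readable workaround.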


