On Tue, Feb 17, 2015 at 06:43:40AM -0800, Rich Shepard wrote:
> I'm not a professional SysAdmin or network admin but have been running my
> own smtpd using cyrus-SASL for years. I want now to transition to using
> dovecot-SASL and have difficulty correctly configuring dovecot.
Perhaps you should be asking the dovecot list, not the Postfix list.
> passdb {
> driver = pam
> args = %s
> }
>
> Is this correct?
Fine so far, this goes into dovecot.conf, I have just:
passdb {
driver = pam
}
> What else must I do, in addition to changing the line in /etc/postfix/main.cf
> to read "smtp_sasl_type = dovecot"?
Create the pam stack configuration in /etc/pam.d/dovecot, I have:
# Note, custom pam_authgrp module, source in /root/pam_authgrp.c
#
auth required pam_nologin.so
auth required pam_authgrp.so no_warn group=pamimap
auth sufficient pam_krb5.so no_warn no_ccache
auth required pam_unix.so no_warn try_first_pass
account sufficient pam_krb5.so no_warn no_ccache
account required pam_unix.so no_warn
session required pam_permit.so
password required pam_krb5.so try_first_pass
You'll have something similar, but less exotic.
--
Viktor.
