dovecot - Jul 2006 - PAM Error on POP3s auth? And apop?

Fellow Dovecot'ers,

	I've -almost- got Dovecot completely functional, and I will add that it
works just fine for non-authenticated POP3.

	The problem begins when I try to use authentication for same against the
system's /etc/passwd section. This is the error message that comes up in
/var/log/maillog

Jul  9 21:14:10 featherweb dovecot: auth(default): pam(kyrrin at
bluefeathertech.com,192.168.42.40): pam_start() failed: system error
Jul  9 21:14:17 featherweb dovecot: pop3-login: Aborted login: user=<kyrrin
at bluefeathertech.com>, method=PLAIN, rip=192.168.42.40, lip=192.168.42.130,
TLS

	THE PLATFORM: NetBSD 3.0, Postfix 2.3-RC8 (soon to be replaced by an official
release in the coming week), and whatever the current release candidate of
Dovecot is.

	I did some googling for that pam_start error, and discovered (much to my
annoyance) that it may be a system bug within NetBSD 3.0. If that's the
case, given that I don't have anywhere near the programming skill to even
try and correct it, it'll mean I'm pretty much stuck until the NetBSD
developers fix it, or until I can figure out an alternate authentication method
that won't be an administrative nightmare.

	Does anyone have any ideas on this? For the benefit of poking and pondering,
this is the relevant section of my dovecot.conf file.

auth default {
  # Space separated list of wanted authentication mechanisms:
  #   plain login digest-md5 cram-md5 ntlm rpa apop anonymous gssapi
  mechanisms = plain login
  passdb pam {
  }
  userdb passwd {
  }
  socket listen {
        client {
        path = /var/spool/postfix/private/auth
        mode = 0660
        user = postfix
        group = postfix
  }
 }
}

	And this is the contents of the file 'dovecot' in the directory
/etc/pam.d

# PAM configuration for the "dovecot" subsystem.
#
# auth
auth            required        pam_nologin.so          no_warn
auth            required        pam_unix

	That entry should, in theory, block all logins if the /etc/nologin file is
present, and then hand off to the pam_unix module if it's not. pam_unix, in
NetBSD, is the module that authenticates against the /etc/passwd file.

	As I said, further thoughts would be welcome. If it is a NetBSD system bug
causing that pam_auth error, ideas for a simple workaround until the NetBSD crew
gets things patched up would also be welcome.

	Thanks in advance.


-=-=-=-=-=-=-=-=-=-=-=-
Bruce Lane, Owner & Head Hardware Heavy,
Blue Feather Technologies -- http://www.bluefeathertech.com
kyrrin (at) bluefeathertech do/t c=o=m
"If Salvador Dali had owned a computer, would it have been equipped with
surreal ports?"

Bruce Lane wrote:
> Fellow Dovecot'ers,
> 
> 	I've -almost- got Dovecot completely functional, and I will add that
it works just fine for non-authenticated POP3.
> 
> 	The problem begins when I try to use authentication for same against the
system's /etc/passwd section. This is the error message that comes up in
/var/log/maillog
Wait... why have you configured it to use PAM, when you say you want it to auth 
against /etc/passwd?  If you really _do_ want to use /etc/passwd, set your 
userdb to 'passwd', and your passwd to either 'passwd' or
'shadow', whichever
suits your system.

--
Curtis Maloney
cmaloney at cardgate.net