Laurent Blume
2008-Mar-04 16:09 UTC
[Dovecot] Building Dovecot with OpenLDAP break PAM LDAP on Solaris
Hi all, I'm back with more data on a problem Iposted about one month ago. To sum it up, my Solaris 10 box has local accounts as well as LDAP ones via PAM. They work well as-is, with no special configuratio, for WU IMAP (using the ?other? entry in pam.conf. When I tried a self-built Dovecot, all accounts were authenticated without problem. Then I tried the Blastwave version, same release, but with more option, and this one didn't work with the exact same configuration: local accounts were authenticated, not the PAM LDAP ones. Now, it turns out that when Dovecot is built using OpenLDAP, then PAM LDAP account won't work. If it's built with Solaris LDAP, they work, everything else being equal. Is there any way to fix that? There's the Blastwave bug report with more details if needed: http://www.blastwave.org/mantis/view_bug_page.php?f_id=0002760 Thanks in advance for any help, Laurent -- / Leader de Projet & Communaut? | I'm working, but not speaking for \ G11N http://fr.opensolaris.org | Bull Services http://www.bull.com / FOSUG http://guses.org |
Timo Sirainen
2008-Mar-07 09:03 UTC
[Dovecot] Building Dovecot with OpenLDAP break PAM LDAP on Solaris
On Mar 4, 2008, at 6:09 PM, Laurent Blume wrote:> Now, it turns out that when Dovecot is built using OpenLDAP, then PAM > LDAP account won't work. If it's built with Solaris LDAP, they work, > everything else being equal. > > Is there any way to fix that?I guess it's because the pam_ldap(?) is linked to Solaris LDAP library and dovecot-auth then gets linked to both of them. Try building pam_ldap linked to OpenLDAP. -------------- next part -------------- A non-text attachment was scrubbed... Name: PGP.sig Type: application/pgp-signature Size: 194 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20080307/77912e7b/attachment-0002.bin>
Laurent Blume
2008-Mar-07 15:47 UTC
[Dovecot] Building Dovecot with OpenLDAP break PAM LDAP on Solaris
Timo Sirainen a ?crit :> I guess it's because the pam_ldap(?) is linked to Solaris LDAP library > and dovecot-auth then gets linked to both of them. Try building pam_ldap > linked to OpenLDAP.I'm afraid I can't, it's part of the system, I'd void my warranty. I'm not even sure it'd work. So, my conclusion is that I have to build it. Okay, not a huge deal, it's easy :-) We can see later if/when we switch to direct LDAP connection rather than through PAM. Thanks, Laurent -- / Leader de Projet & Communaut? | I'm working, but not speaking for \ G11N http://fr.opensolaris.org | Bull Services http://www.bull.com / FOSUG http://guses.org |