Displaying 20 results from an estimated 10000 matches similar to: "Only allow connections if file (or special condition) is present"
2013 May 29
1
Enable IMAP only for certain users/IP
Hi,
I'm trying to config dovecot to enable IMAP protocol only for certain
IPs and users.
The logical steps I've followed are:
1. If a user is trying to login from an IP that I've authorized (
listed in a file) the request is authorized.
2. If not, if the user is listed in a second file the request is
authorized.
3. If also this check fails the request is rejected.
I'm using PAM
2002 Feb 13
2
Problem with using both pam_listfile to deny logins and pubkey authentication
Hi,
I'm trying to use pam_listfile.so to deny logins from all others but few
users (names in /etc/loginusers). With password authentication it works
fine, but with public key authentication OpenSSH lets in users whose
names arent't in /etc/loginusers. AllowUsers in sshd_config does what
one would expect.
I'm using OpenSSH-3.0.2p1 on Debian testing (package version
1:3.0.2p1-6)
2007 Jun 16
3
Per user based protocol access and pause after failed login?
Hello.
Tried search, no luck, sorry, if this is already answered, but I'm still
looking a solution using pam_auth how to define in dovecot which user
can access which protocol, for example, default is:
protocols = pop3 pop3s imap imaps
I'd like to use something like this:
exclude_using_pop = user1, user2, @group
exclude_using_pops = user1, user2, @group
exclude_using_imap = user1,
2010 Dec 27
3
Dovecot - AllowGroups option
Hi,
I'm trying to control access to different services on an Debian server using /etc/group. So that a user I create for FTP usage doesn't fill up my server with IMAP folders or samba garbage.
Services like proftpd have:
"AllowGroup ftpgroup"
sshd have
"AllowGroups sshgroup"
And samba have
"valid users = @smbgroup"
But I can't find the correct
2004 Jun 06
2
Feature request?
I'd like to toss a feature request on the table for consideration. We
currently use a different popd because of a feature that allows us to
restrict pop access based upon an allowed users list. This is the only
thing that keeps us from using the popd in dovecot currently. It's a
simple text file of usernames that are allowed to use pop, if the name
isn't in that list then pop
2009 Jul 10
1
vsftpd not able to log in
Hi folks,
I can't seem to log into my system via
vsftpd. All other services using PAM are fine...Am I missing something simple?
ftp> user
(username) user
331 Please specify the password.
Password:
530 Login incorrect.
# getenforce
Permissive
here is the event in /var/log/audit/audit.log:
type=USER_AUTH msg=audit(1247235151.569:9781): user pid=21052 uid=0 auid=0
2004 Jan 12
1
PAM_ERROR_MSG and PAM_TEXT_INFO from modules
Hi,
I have tested the current snapshot portable release (dated Jan 9
2004).
configuration has:
UsePAM yes
PasswordAuthentication no
ChallengeResponseAuthentication yes
UsePrivilegeSeparation yes
two problems:
first pam_motd does not work anymore.
second, I needed a quick way to disable normal user logins without
disabling admin accounts (members of group wheel). the best option i
could come
2004 Oct 18
1
disable password authentication per user
I would like disable password authentication in sshd for particular users,
without locking their UNIX password, and without requiring all users to
use PubkeyAuthentication. I cannot find a documented way to accomplish
this in OpenSSH. Is it currently possible?
If not, I think this would be a very useful feature to add. I believe
that each user should have some control of which authentication
2008 Jan 18
1
Static list of users with passdb pam
Hi,
On my system, I want to provide imap access for some of the users listed
in /etc/passwd. The list of users should be provided by me, and should
just be a list in a text file. All the userdb options are static (uid,
gid, home directory). Unfortunately, I cannot think of a way to
configure Dovecot to do this. The closest I get is with:
passdb pam {}
userdb passwd-file {
args =
2015 Oct 12
1
getting error Ignoring parameter browse directory and winbind sequence directory
On 12/10/15 08:27, VigneshDhanraj G wrote:
> Hi Rowland,
>
> Thanks for the help.
>
> Yes, Joined to the domain, ftp uses pam authentication. After
> upgrading samba i found ftp pam authentication not working
>
> /etc/pam.d/ftp contains
>
> #%PAM-1.0
> auth sufficient /lib/security/pam_smbpass.so
> auth sufficient /lib/security/pam_winbind.so
2009 Oct 08
3
TOSHAG-Winbind.xml translate finished and some bug found
Now, TOSHARG-VFS.xml translate to Japanese finished(3.4.0 base).
And some bug found.
<indexterm><primary>UID</primary></indexterm>
<indexterm><primary>GID</primary></indexterm>
<indexterm><primary>SID</primary></indexterm>
<indexterm><primary>idmap uid</primary></indexterm>
2006 Feb 21
1
OT Proftpd Continued
Below is a cut and past from my log files that are sent to me. This is
from the last day that proftpd worked correctly. I'm not sure why
proftpd was restarted as the log states:
################### LogWatch 5.2.2 (06/23/04) ####################
Processing Initiated: Sun Feb 19 09:02:02 2006
Date Range Processed: yesterday
Detail Level of Output: 0
Logfiles
2015 Oct 12
2
getting error Ignoring parameter browse directory and winbind sequence directory
Hi Rowland,
Yes, Joined to the domain, ftp uses pam authentication. After upgrading
samba
On Fri, Oct 9, 2015 at 8:08 PM, Rowland Penny <rowlandpenny241155 at gmail.com>
wrote:
> On 09/10/15 15:28, VigneshDhanraj G wrote:
>
>> Hi Rowland,
>>
>> I updated samba from 40.25 to 4.1.20, now ftp is not working.
>>
>>
> Very cryptic, why isn't ftp
2002 Nov 15
1
Winbind and Samba
Hi all, I was wondering if someone could lend a little assistance.
I recently setup SAMBA/Winbind to allow users to login to a Redhat 8 box
using their Windows NT Domain credentials. All is working well in that
regard.
The issue I am having is getting regular UNIX based users to be able to
login. The following is my PAM configuration. For example, if I try to
login as root, it does not work.
2001 Dec 20
2
winbindd and ftp
Hello,
I setup samba2.2.2 with winbind. samba is a member of domain with
security=domain. Now both work well.
Since there is no user in /etc/passwd, and user information gets from PDC(a
win2000 server).
The question is: there is no /home/xxx directory too.(I don't want to make
it manually).
I can configure /etc/pam.d/login with :
session required /lib/security/pam_mkhomedir.
so when
2002 Jun 03
1
Problem with pam_winbind
I'm on a redhat 7.2 box, and I am trying to configure PAM to use winbind
to authenticate against an NT4 PDC. I followed the instructions I
found at:
http://de.samba.org/samba/ftp/docs/htmldocs/Samba-HOWTO-Collection.html#WINBIND
I compiled the 2.2.4 source and have tried several permutations of the
setup they suggest, and have tried many solutions I've seen suggested on
different
2007 Dec 04
10
Using puppet to manage user access to servers.
I''m guessing this is a common use case, but I wasn''t able to find
anything in the site FAQ. We''re looking at using Puppet on about 100
servers to control which user groups have access to which servers.
The use case is as follows:
We have Groups of servers, for example:
CUSTOMERservers (serverA, serverB, ...,serverK)
ADMINISTRATIVEservers
2007 Jan 15
1
Winbind caching group membership issue
Hi All,
I am using samba-common-3.0.10-1.4E.9 on a RHEL4_U4 x86 machine. The
ADS server is WS03 sp1 running in Windows Server 2003 interim mode. In
general thing are working well. However, when winbind caching is
enabled (default), group membership does not appear to update, i.e.
"wbinfo -r bob" and "groups bob" don't reflect changes in ADS group
membership.
2016 Oct 13
0
How to tell spicy client to use SASL authentication?
I'm using libvirt in desktop environment. Single host machine, pair of users, a few guest machines. The first thought was that unix socket restricted to specific group is just enough for authentication. But virsh has the power like sudo: you could define pool on real device and write anything on it. So I decided to authenticate with password for each virsh use. I'm using SASL + saslauthd +
2005 Aug 02
0
where is "pam_listfile.so" for static userdb?
hi all,
i'm setting up Dovecot on OSX to use PAM authentication against a
flat_file/static userdb (tho i will _eventually_ mv to pgsql ...).
iiuc, to do so i need something like:
===================================
(EDITOR) /etc/pam.d/dovecot.imap
auth required pam_listfile.so item=user sense=allow file=/var/dovecot/imapusers
onerr=fail
===================================
for a userdb