[CentOS] Pam problems

Thu Feb 23 20:20:51 UTC 2012
Steve Campbell <campbell at cnpapers.com>


On 2/23/2012 1:35 PM, Les Mikesell wrote:
> On Thu, Feb 23, 2012 at 12:20 PM, Steve Campbell<campbell at cnpapers.com>  wrote:
>>   Or maybe by the
>>> slightly-weird 'alternatives' system.  Have you followed all of the
>>> symlinks that might be involved?
>> Symlinks? I haven't found any of those yet. All files are real files
> On a 6.x system with dovecot and sendmail,  /etc/pam.d/smtp is a
> symlink.  I haven't tracked down the significance.

It appears it's just a basic pam file but instead of system-auth, it has 
password-auth.
>
>> Meant to say pretty much everyone over on the dovecot list must be using
>> postfix, which has support for dovecot auth. I'd like to make sendmail
>> use cyrus sasl, and I don't really care what auth dovecot uses, but I'm
>> guessing it's inflexible so that it probably will use dovecot auth.
> Whatever you think about sendmail, you can't say it is inflexible.
> And whatever issues you are having are from not understanding the
> configuration.

I don't have a problem with Sendmail, and it's always been flexible 
enough to do what I've needed from it. The configuration issue may be 
the problem, but I've been running it for twenty years or more and until 
now, that's not been the case. I'd say it's more than likely I don't 
understand the dovecot configurations.
>
>> The
>> suggestion to make them the same has been brought up, but all's I want
>> to use is the PAM mechanism.
> That should have been the default.

I agree. But it didn't work.
>
>> turn off dovecot means "service dovecot stop" or
>> "/etc/rc.d/init.d/dovecot stop". saslauthd is still running and so is
>> sendmail. saslauthd is started at boot and I've made sure it really is
>> running using ps.
> That's not a default, is it?  Or for sendmail to use it?  And it is
> probably the one from the cyrus-sasl package.

Correct again. Apparently, since sendmail is the secondary choice for 
MTA and dovecot is to work with postfix, nothing about my setup now is 
standard or default except for dovecot.

Looks like I'm going to have to push postfix into service. It means 
learning where all the options are, just like in dovecot, and modifying 
any software that depends on the sendmail package, like MailScanner and 
who knows what else until I hit it.

Such a shame to have to throw away such a nice program, but I don't 
write it, I just use it.

steve
>