[Bug 193927] New: saslauthd Broken By Recent MFC

Thu Sep 25 15:49:51 UTC 2014

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=193927

            Bug ID: 193927
           Summary: saslauthd Broken By Recent MFC
           Product: Base System
           Version: 10.1-BETA1
          Hardware: Any
                OS: Any
            Status: Needs Triage
          Severity: Affects Many People
          Priority: ---
         Component: conf
          Assignee: freebsd-bugs at FreeBSD.org
          Reporter: tundra at tundraware.com

Recent MFC broke saslauthd.  A separate file for 'smtp' is now required in
/etc/pam.d to fix this.  Per Dimitry Andric, this needs to be in that file:

-----

To make saslauthd work again, you need to specify a correct PAM policy
file in /usr/local/etc/pam.d for your service, most likely "smtp" in
this case.  E.g., create a file /usr/local/etc/pam.d/smtp, containing at
least:

auth            required        pam_unix.so             no_warn
try_first_pass
account         required        pam_unix.so
session         required        pam_permit.so
password        required        pam_permit.so

Optionally, add a line:

auth            required        pam_group.so            luser
group=smtp-users fail_safe

to allow only members of the smtp-users group to authenticate
successfully.

-----

Suggest an example /etc/pam.d/smtp be provided in base system along with a note
in UPDATING.

Thanks,

-- 
You are receiving this mail because:
You are the assignee for the bug.