FS#61696 - [opensmtpd] Need to add /etc/pam.d/smtpd
Attached to Project:
Community Packages
Opened by [] (genkisky) - Sunday, 10 February 2019, 00:21 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:00 GMT
Opened by [] (genkisky) - Sunday, 10 February 2019, 00:21 GMT
Last edited by Buggy McBugFace (bugbot) - Saturday, 25 November 2023, 20:00 GMT
|
Details
Description: OpenSMTPD uses PAM, for example to do AUTH
PLAIN. However due to
This is potentially confusing to the user. Probably, a /etc/pam.d/smtpd should be provided with the opensmtpd package, like: auth required pam_unix.so account required pam_unix.so password required pam_unix.so session required pam_unix.so Though, I am not a PAM expert. Additional info: * pambase=20190105.1-1, opensmtpd=* Steps to reproduce: $ useradd test $ passwd test # use "test" $ openssl s_client -starttls smtp host:587 [ ... ] ehlo localhost [ ... ] auth plain AHRlc3QAdGVzdA== # This is: printf '\x00%s\x00%s' test test | base64 535 Authentication failed ^C $ # Either downgrade to pambase-20171006-1, or add the above example /etc/pam.d/smtpd $ openssl s_client -starttls smtp host:587 [ ... ] ehlo localhost [ ... ] auth plain AHRlc3QAdGVzdA== # Exact same as earlier 235 2.0.0: Authentication succeeded |
This task depends upon
Closed by Buggy McBugFace (bugbot)
Saturday, 25 November 2023, 20:00 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/opensmtpd/issues/2
Saturday, 25 November 2023, 20:00 GMT
Reason for closing: Moved
Additional comments about closing: https://gitlab.archlinux.org/archlinux/p ackaging/packages/opensmtpd/issues/2
I changed the pam config from the one you suggested as smtpd does not appear to need password or session entries,
pam_nologin.so rejects access during system startup and shutdown, system-auth allows any authentication means configured for the system (by default pam_unix and pam_systemd_home).