New task #5766 in tpop3d: tpop3d hasła na PAM

Flyspray - The bug killer! btsadmin at pld-linux.org
Mon Mar 13 14:00:22 CET 2006 

Project: PLD 2.x (Ac)

  Reported by: Wojciech Polak (nektrus)
      Package: tpop3d
      Version: tpop3d-1.5.3-22
      Summary: tpop3d hasła na PAM
  
  ---------------------
 listen-address:
moje_ip;tls=stls,/etc/openssl/mail.crt,/etc/openssl/mail.key \
                
moje_ip;tls=immediate,/etc/openssl/mail.crt,/etc/openssl/mail.key

auth-pam-enable:        yes

auth-mysql-enable: yes
auth-mysql-mail-group: mail
auth-mysql-hostname: localhost
auth-mysql-database: postfix
auth-mysql-username: mysql
auth-mysql-password: haslo
auth-mysql-pass-query: SELECT
CONCAT('/usr/local/virtual/','$(user)', '/' ), 
CONCAT('{plaintext}',password), 'spam', 'maildir' FROM mailbox
WHERE username = '$(user)'

----------------------

To jest konfiguracja jaką posiadam w tpop3d
przy standartowym pliku PAM tpop3d

--------------------------
#%PAM-1.0
auth            required        pam_listfile.so item=user sense=deny
file=/etc/security/blacklist onerr=succeed
auth            required        pam_listfile.so item=user sense=deny
file=/etc/security/blacklist.pop3 onerr=succeed
auth            sufficient      pam_mysql.so user=postfix db=postfix
host=localhost table=mailbox usercolumn=username passwdcolumn=password
passwd=postfix crypt=0
auth            sufficient      pam_unix.so
auth            required        pam_tally.so file=/var/log/faillog
onerr=succeed no_magic_root
auth            required        pam_nologin.so
account         required        pam_tally.so deny=0
file=/var/log/faillog onerr=succeed no_magic_root
account         sufficient      pam_mysql.so user=postfix  db=postfix
host=localhost table=mailbox usercolumn=username passwdcolumn=password
passwd=postfix crypt=0
account         sufficient      pam_unix.so
session         required        pam_unix.so
--------------------------------


Autoryzacja do kont mailowych po PAM nie zwraca uwagi na hasło
przyjmuje każde i puste

zmiana na
------------------------
#%PAM-1.0
auth            required        pam_listfile.so item=user sense=deny
file=/etc/security/blacklist onerr=succeed
auth            required        pam_listfile.so item=user sense=deny
file=/etc/security/blacklist.pop3 onerr=succeed
auth            sufficient      pam_mysql.so user=postfix db=postfix
host=localhost table=mailbox usercolumn=username passwdcolumn=password
passwd=postfix crypt=0
auth            required      pam_unix.so
auth            required        pam_tally.so file=/var/log/faillog
onerr=succeed no_magic_root
auth            required        pam_nologin.so
account         required        pam_tally.so deny=0
file=/var/log/faillog onerr=succeed no_magic_root
account         sufficient      pam_mysql.so user=postfix  db=postfix
host=localhost table=mailbox usercolumn=username passwdcolumn=password
passwd=postfix crypt=0
account         required      pam_unix.so
session         required        pam_unix.so
-------------------------
Pomaga i już nie wpuszcza z nieprawidłowym/pustym hasłem




For more further see:
http://bugs.pld-linux.org/index.php?do=details&id=5766

------------------------------------------------------------------------
THIS IS AN AUTOMATICALLY GENERATED MESSAGE, DO NOT REPLY

More information about the pld-bugs mailing list