nss-mysql-users
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Nss-mysql-users] exim and SMTP AUTH

From: Marcin Sochacki
Subject: [Nss-mysql-users] exim and SMTP AUTH
Date: Tue, 26 Nov 2002 01:40:11 +0100
User-agent: Mutt/1.2.5i 
Hello,

Recently I've install nss-mysql and so far I'm quite happy with it's
features. Nevertheless there are some questions I'd like to consult with you.

1) I wanted to enable SMTP AUTH in Exim, but this option requires some form
   of access to (encrypted) password. Unfortunately, in default configuration,
   exim is unable to open /etc/nss-mysql-root.conf, e.g.:
Nov 26 00:39:50 sanus nss-mysql[3355]: Cannot open /etc/nss-mysql-root.conf 
configuration file: Permission denied. (euid=134566896, uid=134565744)

   I've tried to relax the permissions of that file to (0640,root.mail),
   but then another problem occured -- nss-mysql checks the file and
   refuses to work if the permissions seem unsafe.

   Finally, I've switched to direct authentication between exim and mysql
   (without NSS or PAM), and it works OK, but it's not that elegant.
   Having exim and other services authenticate via NSS makes them more
   universal, e.g. one could authenticate both classic /etc/passwd and
   MySQL users. In my solution -- the users from /etc/passwd can't use
   SMTP AUTH. I know I could hack nss-mysql sources and turn off the
   security check, but maybe there is another solution?

2) can I cache shadow information with nscd?

3) is it OK to use nscd, and have /etc/nss-mysql.conf mode 0600?
   I don't want my users browsing the database of accounts.
   Is nscd stable enough so I can safely use it on a server with ~3000
   shell accounts? I've heard it sometimes dies unexpectedly -- is it a myth
   or truth?

4) euid=134566896, uid=134565744 -- are those large ids OK? I often find
   them in my syslog, with regard to nss-mysql.

5) are there any tools available, which can be used to manage nss-mysql
   accounts via web/shell?

Greetings,
Marcin

-- 
Windows 2000: A reliable comprehensive and integrated operating system
              platform delivering seamless interoperability, scalability,
              and performance, and broad application support.
Open Source:  No f*ing buzzwords.
reply via email to
[Prev in Thread] Current Thread [Next in Thread]