Date: Wed, 4 Jul 2001 05:06:05 -0400 From: Paul Chvostek <paul@it.ca> To: freebsd-questions@freebsd.org Subject: pam_radius username munging for pop3/imap? Message-ID: <20010704050605.P31735@gahch.it.ca>
next in thread | raw e-mail | index | archive | help
Heya. I have no trouble using PAM to authenticate normal POP3/IMAP logins, but how do I deal with a realm under pam_radius? Or more to the point, is there any way for me to set up some sort of translation of realm to local username, so that realm support doesn't have to be built into the POP3 and IMAP source itself? The situation is that I'm trying to migrate from an old server to a new one.... The old server has an old hacked-up version of imap-uw that knows how to translate a username "user@foobar.com" to "fb-user" and check the password for the translated username. The password file has all the users for foobar.com with "fb-" in fron of 'em, and users can use their email address as a POP3 login name. There's a text file that lists the translations between domains/realms and prefixes, and imapd and ipop3d do their magic with putenv() and getenv(). I'm trying to duplicate the hack without having to re-apply it to current UW sources, which are ugly and no fun to play in. An ideal solution would probably be a pam_radius parameter which could call an external program that would translate an authenticated username into a local account name. Anybody have a quick fix? Alternately, can anyone advise as to an appropriate approach to this problem? I'm having trouble thinking of anything elegant. Thanks. -- Paul Chvostek <paul@it.ca> Operations / Development / Abuse / Whatever vox: +1 416 598-0000 IT Canada http://www.it.ca/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010704050605.P31735>