Over at http://pam-mysql.sourceforge.net you can download source for a PAM module that allows authentication against MySQL - very handy. At 360is we have a managed email solution that permits virtual domain information to be stored in a MySQL database, and pam-mysql provides a nice method to authenticate IMAP and SMTP sessions against this database.
Faced with rolling this out to many Solaris systems we decided to compile pam-mysql and produce a Sun package of it - you can download it from here. We've only built this on Solaris 10 for i386 so far, but if demand for a Sparc version arises, we can probably build it too.
It's compiled with Sun Studio 11, complete with optimisations, and is linked against MySQL5 from Blastwave. You'll need a couple of packages from Blastwave to satisfy the dependencies (noted in the package) - CSWmysql5rt [mysql5rt] and CSWosslrt [openssl_rt].
A typical usage would be to have Cyrus SASLauthd authenticating against pam. Here's a quick example pam.conf entry for smtp:
smtp auth sufficient pam_mysql.so user=[SQLUSER] passwd=[SQLPASSWD] host=/tmp/mysql.sock db=[SQLDATABASE] table=[SQLTABLE] usercolumn=[SQLFIELD] passwdcolumn=[SQLFIELD] crypt=1 sqllog=0
smtp auth required pam_mysql.so user=[SQLUSER] passwd=[SQLPASSWD] host=/tmp/mysql.sock db=[SQLDATABASE] table=[SQLTABLE] usercolumn=[SQLFIELD] passwdcolumn=[SQLFIELD] crypt=1 sqllog=0
smtp account sufficient pam_mysql.so user=[SQLUSER] passwd=[SQLPASSWD] host=/tmp/mysql.sock db=[SQLDATABASE] table=[SQLTABLE] usercolumn=[SQLFIELD] passwdcolumn=[SQLFIELD] crypt=1 sqllog=0
...replace all the [] with your correct information.
Posts
No comments:
Post a Comment