From owner-freebsd-hackers  Sat Nov 11 22:22:49 1995
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.6.12/8.6.6) id WAA25292
          for hackers-outgoing; Sat, 11 Nov 1995 22:22:49 -0800
Received: from mystery.milleredp.com (root@mystery.milleredp.com [205.184.29.2])
          by freefall.freebsd.org (8.6.12/8.6.6) with ESMTP id WAA25286
          for <hackers@freebsd.org>; Sat, 11 Nov 1995 22:22:47 -0800
Received: from tincan (tincan.milleredp.com [205.184.29.3]) by mystery.milleredp.com (8.6.12/8.6.9) with SMTP id VAA21285 for <hackers@freebsd.org>; Sat, 11 Nov 1995 21:19:10 -0800
Message-Id: <199511120519.VAA21285@mystery.milleredp.com>
Comments: Authenticated sender is <jem@mystery>
From: "John Edward Miller" <jem@mystery.milleredp.com>
To: hackers@freebsd.org
Date:          Sat, 11 Nov 1995 22:21:20 +0000
Subject:       2.0.5-R, Cyrus IMAPd, getpwnam() ?
Priority: normal
X-mailer: Pegasus Mail for Windows (v2.01)
Sender: owner-hackers@freebsd.org
Precedence: bulk

I stand prepared to accept that it's my own idiocy, as (1) I'm no
*nix wiz and (2) it's been about 2 yrs since I've laid finger to the 
curly-brace key in actually writing code, but...

I'm trying to build the CMU Cyrus IMAP mail server on FreeBSD 2.0.5.
I've encountered a couple minor glitches (one lex/flex _yylineno
issue, their makefiles use makedepend and I hadn't installed X, and
the need to include libcrypt.a in the lib list).  

After some monkeying around with trying to find shadow.h a subsequent
R of TFManpages tells me that FreeBSD has shadow-password support in
the standard pwd functions.  Therefore I assume Cyrus should be built
with unix/getpwnam() authentication and not unix_shadow/getspnam(). 
So far so good; it builds, inetd starts it.

The problem: Upon attempting to log in, no matter what user, all
passwords fail validation.  If I start imapd as a command at a shell
prompt and just talk to it via stdin/stdout, correct passwords do
allow login.

After some fiddling with gdb and adding some additional debug code,
it's apparent that getpwnam() is (correctly) retrieving the encrypted
password from master.passwd when it's run at the shell prompt, but
(incorrectly) getting the * from passwd when run through imapd.  

Is it me?  Is it a permission problem?  A shared-library issue
somehow?  The imapd binary is owned by root.bin.  

Instant comprehensive fixes preferred ;-); any useful info or pointers 
appreciated.  Thanks.

John.



---------------------------------------------------------------
"It's not possible to belong to a club if one has to arrest the
members; it's not sociable"

- Marquis de Galliffet