From owner-freebsd-questions@freebsd.org Sun Apr 28 23:12:59 2019 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 6A905158CE14 for ; Sun, 28 Apr 2019 23:12:59 +0000 (UTC) (envelope-from plmahan@gmail.com) Received: from mail-vs1-xe31.google.com (mail-vs1-xe31.google.com [IPv6:2607:f8b0:4864:20::e31]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) server-signature RSA-PSS (4096 bits) client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "GTS CA 1O1" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 1763B8184E for ; Sun, 28 Apr 2019 23:12:58 +0000 (UTC) (envelope-from plmahan@gmail.com) Received: by mail-vs1-xe31.google.com with SMTP id j184so4868846vsd.11 for ; Sun, 28 Apr 2019 16:12:58 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=L7PNmDCgADvg+k19OUh6BZFOtRgX9Br8RL8GKRxXTJ4=; b=TwmdNZ86YN7duWFs+vRb3JPMMZfTkt1C9/XEdgidYomEnKI1Vsw23JtIDdGB7VOaTN bWsGwqfgutBEydVtDME1hlZnjPBbVNdKFvdnqFEFiBFg0VwUXQ6NAiLo7Bt775u65+vI cd11PWCVkrx9QKs0pbl9ZunLcDPLzMXcN3r1qJeoS3JH/xPxyo+aXn3pxnAPIAefRnWN gSMXsB4MBXB4yOMPUzRwlti9WwkfWR1WB4kcZDWuIkHwifgW383SVrb5Lzz48Gsvdj4Y ytORu+An62eFg9Avts32zM6MghjRZZ/DPdt0/tDdOCtbK3jdazBf66b5qSyih2n5+G8+ /W2A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=L7PNmDCgADvg+k19OUh6BZFOtRgX9Br8RL8GKRxXTJ4=; b=bTfgKAnHPzdaEYiP+cB9pKkgqzpghnpHu2iheVtMkV0a/M4jiC+pqqbq7lSn/ed95w plAHDvGo6pSXvdO7Sum88zzywfpdtSWuM11CTmU+/7kRsoPghoTPsj8SRbZz4pf1cnwd TECMoTQelBnMPizQ5q6+M7O60+Yv/kAsPuTo9U+rjYVN8OoIwk2PfKjUKfEOUPOLV2t2 hM6YVGdTz+e+xDNlt5KWCRKvlbRAVIxl06wtYhAMX1B6D0VEvfGQo10Q0tXOCRsFvBFC sYMJQNpfAaf+1nTs4azv1fkTaSKadh7O1ymJelbRFKHGexYF4hw1VEHGyzeUrXySrbOO Jm0Q== X-Gm-Message-State: APjAAAUQbsD8TV95vqr0vrbjypLlULhUGzcjml4r5JSL6nhKmeJDDsum T4ZTa1oZGZJ6I9ybPOf6Vhzj9cB068gjdWKUSiylW04N X-Google-Smtp-Source: APXvYqwhzmMAlSTn9RAqZfvFKPD2f6zKdeNlgKEKYocOT7b2x3XuROmD3Xd+c10YbqtldMx13tElXd3HbUCC9iaGqNA= X-Received: by 2002:a67:af16:: with SMTP id v22mr6229046vsl.221.1556493176915; Sun, 28 Apr 2019 16:12:56 -0700 (PDT) MIME-Version: 1.0 From: Patrick Mahan Date: Sun, 28 Apr 2019 16:12:45 -0700 Message-ID: Subject: How determine if a process is running with the proper privilege (dovecot auth issues) To: User Questions X-Rspamd-Queue-Id: 1763B8184E X-Spamd-Bar: ------- Authentication-Results: mx1.freebsd.org; dkim=pass header.d=gmail.com header.s=20161025 header.b=TwmdNZ86; dmarc=pass (policy=none) header.from=gmail.com; spf=pass (mx1.freebsd.org: domain of plmahan@gmail.com designates 2607:f8b0:4864:20::e31 as permitted sender) smtp.mailfrom=plmahan@gmail.com X-Spamd-Result: default: False [-7.02 / 15.00]; ARC_NA(0.00)[]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0]; R_DKIM_ALLOW(-0.20)[gmail.com:s=20161025]; FROM_HAS_DN(0.00)[]; R_SPF_ALLOW(-0.20)[+ip6:2607:f8b0:4000::/36]; FREEMAIL_FROM(0.00)[gmail.com]; MIME_GOOD(-0.10)[multipart/alternative,text/plain]; PREVIOUSLY_DELIVERED(0.00)[freebsd-questions@freebsd.org]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; RCPT_COUNT_ONE(0.00)[1]; RCVD_TLS_LAST(0.00)[]; TO_DN_ALL(0.00)[]; MX_GOOD(-0.01)[cached: alt3.gmail-smtp-in.l.google.com]; DKIM_TRACE(0.00)[gmail.com:+]; DMARC_POLICY_ALLOW(-0.50)[gmail.com,none]; RCVD_IN_DNSWL_NONE(0.00)[1.3.e.0.0.0.0.0.0.0.0.0.0.0.0.0.0.2.0.0.4.6.8.4.0.b.8.f.7.0.6.2.list.dnswl.org : 127.0.5.0]; TO_MATCH_ENVRCPT_ALL(0.00)[]; IP_SCORE(-3.06)[ip: (-9.80), ipnet: 2607:f8b0::/32(-3.19), asn: 15169(-2.27), country: US(-0.06)]; NEURAL_HAM_SHORT(-0.94)[-0.942,0]; FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+,1:+]; FREEMAIL_ENVFROM(0.00)[gmail.com]; ASN(0.00)[asn:15169, ipnet:2607:f8b0::/32, country:US]; RCVD_COUNT_TWO(0.00)[2]; DWL_DNSWL_NONE(0.00)[gmail.com.dwl.dnswl.org : 127.0.5.0] Content-Type: text/plain; charset="UTF-8" X-Content-Filtered-By: Mailman/MimeDel 2.1.29 X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Apr 2019 23:12:59 -0000 All, I have been (slowly) tracking down why my dovecot stopped working once I switched over to using postfix instead of sendmail. My problem seems to be that when my mail client (thunderbird) attempts to access the mail using port 993 (imaps) it is failing to authenticate me. I am using PAM authentication and when pam_unix:pam_sm_authenticate() is called for my username, the pw_passwd entry is '*' and not the actual password entry seen in master.passwd. I wrote a quick test program using getpwnam() and crypt() and I have found that if I run it as a normal user it fails exactly the same way that I am seeing dovecot + PAM fail. If instead, I run my test program as root, it succeeds. So my suspicion is that the dovecot auth is not running privileged, which is what I am trying to determine, hence the question in the subject line. Thanks for any pointers. Patrick