[Dovecot] PAM authentication woes with MacOSX

Jim Reid dovecot at rfc1035.com
Sat Apr 22 01:05:48 EEST 2006 

Hi. I've just compiled and installed 1.0beta7 on MacOSX 10.4.6. I  
have lost the battle with PAM authentication. When I connect to the  
IMAP server and provide the correct user name and password, the mail  
client is told authentication failed. Here's what's in the log:

Apr 21 22:47:43 shaun dovecot: auth(default): client in: AUTH    2       PLAIN  service=IMAP     secured lip=195.54.233.68        rip=195.54.233.69       resp=AGppbQB1bmxpbmsoLik=
Apr 21 22:47:43 shaun dovecot: auth(default): pam(jim,195.54.233.69):  pam_authenticate() failed: Authentication failure
Apr 21 22:47:45 shaun dovecot: auth(default): client out: FAIL   2       user=jim
Apr 21 22:47:53 shaun dovecot: auth(default): client in: AUTH    3       PLAIN  service=IMAP     secured lip=195.54.233.68        rip=195.54.233.69       resp=AGppbQB1bmxpbmsoLik=
Apr 21 22:47:53 shaun dovecot: auth(default): pam(jim,195.54.233.69):  pam_authenticate() failed: Authentication failure
Apr 21 22:47:53 shaun dovecot: auth(default): client out: FAIL   3       user=jim
Apr 21 22:47:55 shaun dovecot: imap-login: Aborted login: user=<jim>,  method=PLAIN, rip=195.54.233.69, lip=195.54.233.68, TLS

After some googling, I found a posting from this list that claimed  
the following PAM setup would work for MacOSX:

# dovecote: auth account password session
auth       required       pam_nologin.so
auth       sufficient     pam_securityserver.so
auth       sufficient     pam_unix.so
auth       required       pam_deny.so
account    required       pam_permit.so
password   required       pam_deny.so
session    required       pam_uwtmp.so

It didn't. :-( If it had, I wouldn't be posting this. :-)

BTW, that posting said the wiki entry for PAM didn't work on MacOSX.  
Which is true. I tried that unsuccessfully too.

Can anyone shed any light on what's been misconfigured or how to turn  
on enough debugging to show where I'm going wrong? Thanks.

BTW, here's what I think is the relevant bit of dovecote.conf:

auth default {
   mechanisms = plain
   passdb pam {
     args = dovecot
   }
   userdb passwd {
   }
   user = root
}

More information about the dovecot mailing list