[Cabal] A jabber server question.

Etan Reisner deryni at eden.rutgers.edu
Thu Nov 9 01:51:38 EST 2006

So after much head-scratching and hair-pulling I have figured out what 
was keeping the jabber server from authenticating correctly, with 
the aid of some spot-on help from Richard.

The problem at the moment (there were some others but they have been 
resolved) is that ejabberd runs as the ejabberd user and the binaries 
are not setuid root and as such ejabberd can't read the shadow password 
file. There seems to be two solutions to this problem: a helper program 
which will setuid/seteuid itself to the correct user or adding the 
ejabberd user to the shadow group (or creating a shadow-foo group, 
adding ejabberd to that group, and then chgrp:ing /etc/shadow to that 

I'm leaning towards the group/chgrp solution because it's easier but I 
figured I'd ask and see what other people thought.


P.S. For the record the mod_auth_pam docs suggest this group tweaking to 
get it working (http://pam.sourceforge.net/mod_auth_pam/shadow.html). In 
case that matters to anyone.

More information about the Cabal mailing list