[Cabal] A jabber server question.
Etan Reisner
deryni at eden.rutgers.edu
Thu Nov 9 01:51:38 EST 2006
So after much head-scratching and hair-pulling I have figured out what
was keeping the jabber server from authenticating correctly, with
the aid of some spot-on help from Richard.
The problem at the moment (there were some others but they have been
resolved) is that ejabberd runs as the ejabberd user and the binaries
are not setuid root and as such ejabberd can't read the shadow password
file. There seems to be two solutions to this problem: a helper program
which will setuid/seteuid itself to the correct user or adding the
ejabberd user to the shadow group (or creating a shadow-foo group,
adding ejabberd to that group, and then chgrp:ing /etc/shadow to that
group).
I'm leaning towards the group/chgrp solution because it's easier but I
figured I'd ask and see what other people thought.
-Etan
P.S. For the record the mod_auth_pam docs suggest this group tweaking to
get it working (http://pam.sourceforge.net/mod_auth_pam/shadow.html). In
case that matters to anyone.
More information about the Cabal
mailing list