| 90 | === System User Authentication Using PAM and passwd === |
| 91 | |
| 92 | OS X supports PAM directly, so dovecot can easily be configured to authenticate system users through it. In dovecot.conf, use this to turn on PAM-based password authentication for all users configured on the system: |
| 93 | |
| 94 | {{{ |
| 95 | passdb pam { |
| 96 | args = login |
| 97 | } |
| 98 | }}} |
| 99 | |
| 100 | Unfortunately, PAM can't provide any UID, GID, or home directory information for the system users. dovecot needs a separate "userdb" database to get this information before an IMAP login can succeed. OS X uses DirectoryServices to store password information, so you can't use "passdb passwd" to do user authentication. However, you can use "userdb passwd" to retrieve the UID, GID, and home directory after PAM has already authenticated your username/password. To do this: |
| 101 | |
| 102 | {{{ |
| 103 | userdb passwd { |
| 104 | args = |
| 105 | } |
| 106 | }}} |
| 107 | |
| 108 | Together, these remove the need for hardcoded passwd.dovecot and userdb.dovecot files, and don't require any knowledge of LDAP. However, they only support system usernames, not virtual mailboxes. I have tested this with IMAP and the dovecot LDA (deliver) successfully. |
| 109 | |
| 110 | |
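The split described above can be checked per account before relying on it. This is an added example, not part of the original page or of dovecot: it reads an entry through the system passwd interface and reports whether it carries a verifiable password hash (what "passdb passwd" would need) and whether it carries UID, GID and home directory (what "userdb passwd" needs). The placeholder set, the function names and the sample account "alice" are assumptions made for illustration.

```python
"""Check what the system passwd interface exposes for a user (added example)."""
import pwd
import sys

# Assumption: values commonly seen in the password field when the real hash
# lives elsewhere (a shadow file, or DirectoryServices on OS X). This list is
# illustrative and is not defined by dovecot.
PLACEHOLDERS = {"", "x", "*", "********"}


def assess(entry):
    """Report which of the two dovecot roles a passwd entry can serve."""
    has_hash = entry.pw_passwd not in PLACEHOLDERS
    has_identity = bool(entry.pw_dir) and entry.pw_uid >= 0 and entry.pw_gid >= 0
    return {
        "user": entry.pw_name,
        "uid": entry.pw_uid,
        "gid": entry.pw_gid,
        "home": entry.pw_dir,
        "passdb_passwd_usable": has_hash,      # no hash means PAM must verify
        "userdb_passwd_usable": has_identity,  # uid/gid/home for the mail process
    }


def lookup(username):
    """Return the assessment for a live account, or None if it is unknown."""
    try:
        return assess(pwd.getpwnam(username))
    except KeyError:
        return None


# Constructed sample entry, shaped like a local OS X account: the identity
# fields are filled in, the password field is only a placeholder.
SAMPLE = pwd.struct_passwd(
    ("alice", "********", 501, 20, "Alice Example", "/Users/alice", "/bin/bash")
)

if __name__ == "__main__":
    name = sys.argv[1] if len(sys.argv) > 1 else None
    result = lookup(name) if name else assess(SAMPLE)
    if result is None:
        sys.exit(f"{name}: no such system user, so the userdb lookup would fail")
    for key, value in result.items():
        print(f"{key:22} {value}")
```

Run it with a system username as the only argument; with no argument it prints the assessment of the constructed sample entry.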