Am Do, den 04.08.2005 schrieb Lars E. Pettersson um 22:46: > On 08/03/2005 05:38 PM, Alexander Dalloz wrote: > > For applications where PAM auth is involved I recommend to have a look > > at pam_abl: http://www.hexten.net/sw/pam_abl/. It is available through > > Fedora Extras ( 3 + 4). > I installed this package (thanks Alexander for making into extras) but > got into one problem, it blacklists all connections to my dovecot > imap-server, even the one that are successful. pam_abl would/should only blacklist those hosts or users with over the limit failed login/auth attempts. You say each IMAP connection to the dovecot server triggers a failed attempt and leads to blocking the user? > The only thing I changed was the following: > > --- system-auth.0 2005-07-29 11:56:39.000000000 +0200 > +++ system-auth 2005-08-04 01:12:16.000000000 +0200 > @@ -2,6 +2,7 @@ > # This file is auto-generated. > # User changes will be destroyed the next time authconfig is run. > auth required pam_env.so > +auth required /lib/security/pam_abl.so > config=/etc/security/pam_abl.conf > auth sufficient pam_unix.so likeauth nullok > auth required pam_deny.so The PAM setup looks proper. What did you configure with pam_abl.conf? > My knowledge of PAM is not that great, so I am not sure how to find the > root of this error. The dovecot installation is more or less standard, > and I have not changed anything in the dovecot pam file. It may be helpful to see the output of "pam_abl -rv". Maybe you can provide logs from the IMAP server as well. Feel free to enter a bugzilla ticket. > Lars Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp Serendipity 05:22:26 up 3:25, 19 users, 0.59, 0.78, 0.86
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
