2019-04-25
Accepting multiple passwords for IMAPS access 10 months ago
After upgrading to the new homeserver my old setup to allow two passwords for IMAPS logins so I can use a separate password for IMAPS access for those devices that insist on saving a password without asking. I have the following PAM libraries:ii libpam-modules 1.1.8-3.6 amd64 Pluggable Authentication ModulesAnd I debugged the problem using the pamtester program which makes debugging this problem a lot easier than constantly changing the configuration and restarting the imap server. The relevant configuration now is:# PAM configuration file for Courier IMAP daemon #@include common-auth # here are the per-package modules (the "Primary" block) auth required pam_succeed_if.so quiet user ingroup users #auth [success=1 default=ignore] pam_unix.so nullok_secure auth sufficient pam_unix.so nullok_secure auth sufficient pam_userdb.so db=/etc/courier/extrausers crypt=crypt use_first_pass # here's the fallback if no module succeeds auth requisite pam_deny.so # prime the stack with a positive return value if there isn't one already; # this avoids us returning an error just because nothing sets a success code # since the modules above will each just jump around auth required pam_permit.so # and here are more per-package modules (the "Additional" block) # end of pam-auth-update config @include common-account @include common-password @include common-sessionAnd now both my unix login password and the extra password are accepted.