Authentication Module, UNIXAuth

UNIXAuth should ONLY be used if you have an existing mail server whose email accounts are in fact UNIX user accounts, it should not be used otherwise UNLESS you want to give your email users a shell account on your UNIX system.

UNIXAuth will only work if run as root. Thus the application using it i.e. SurgeMail needs to be setup to run as root before it can be used.

Installing and Setup

Some applications come with UNIXAuthalready built. If you have not got a build and/or require the lastest code it can be downloaded from the one of the links below:

Source: not available
Linux (Libc6) unixauth20c_linuxlibc6.tar.Z 67k
Solaris unixauth20c_solaris.tar.Z 76k
FreeBSD 4 unixauth20c_freebsd4.tar.Z 27k
HPUX unixauth20d_hpux.tar.Z 91k


Configuration options:

UNIXAuth comes requires an unixauth.ini to configurate its options. This file is located in the same directory as the UNIXAuth binary OR in a directory specified by the -path command line option. The available options are:

Setting Default
user_group <UID> The name of the group that new users are added to, <UID> is a special case where a new group is created with the same name as the user and a group id equal to the users uid if possible otherwise gid is set to highest available gid.
user_home /home The base directory for user home directory creation, a home directory called the users name (without any, if present) is created in this directory for every new user.
user_baseid 500 The lowest new user uid, UNIXAuth will find the first available uid greater than all existing uid's and greater than this setting.
loglevel info The amount of data to log, error logs only errors, info logs errors and info, debug logs everything.
debug false If set to "true" has same effect as "loglevel debug".
domain The domain name, if set this domain name is appended to all user names returned by all the commands. It is NOT appended to user names added to the password, shadow or group files.
passwd_file /etc/passwd Password file to modify.
shadow_file /etc/shadow Shadow file to modify, if you have shadow passwords and have noshadow set to false.
group_file /etc/group Group file to modify.
noshadow false Turn shadow passwords off, shadow password support is only present if the system supports it and if it does it may still be disabled with this setting.
changes_process   The process to execute after changing the password and/or shadow files. On freeBSD 4 you may want to set this to: /usr/sbin/pwd_mkdb /etc/master.passwd This will rebuild the pwd.db and spwd.db files.
changes_retries 10
crypt_type NORMAL This setting allows you to tell UNIXAuth to use a different crypting method, valid settings are NORMAL,EXTENDED,MD5, and BLOWFISH. Some values will not fn on some systems, UNIXAuth will default back to the next most likely method and try again, check the log for error messages.


Command Line Options:

-path Tells UNIXAuth where to create it's logfile and where to find it's config file.
-debug Sets the logging level to debug.

Supported Commands

The commands below are the list of commands that this module supports. For a full description about the command see Authentication Protocol

Command Parameters
check <user> <pass>
lookup <user>
set <user> <pass>|(NULL) [label="value"]
del <user>
search <string> [-from n] [-max m]