Unixauth should ONLY be used if you have an existing mail server whose email accounts are in fact unix user accounts, it should not be used otherwise UNLESS you want to give your email users a shell account on your unix system.
Unixauth will only work if run as root. Thus the application using it i.e. SurgeMail needs to be setup to run as root before it can be used.
The configuration options below go in an unixauth.ini file which is located in the same directory as the unixauth binary OR in a directory specified by the -path command line option.
user_group: The name of the group that new users are added to, <UID> is a special case where a new group is created with the same name as the user and a group id equal to the users uid if possible otherwise gid is set to highest available gid. user_home: The base directory for user home directory creation, a home directory called the users name (without any @domain.com, if present) is created in this directory for every new user. user_baseid: The lowest new user uid, UnixAuth will find the first available uid greater than all existing uid's and greater than this setting. loglevel: The amount of data to log, error logs only errors, info logs errors and info, debug logs everything. debug: If set to "true" has same effect as "loglevel debug". domain: The domain name, if set this domain name is appended to all usernames returned by all the commands. It is NOT appended to usernames added to the passwd,shadow or group files. passwd_file: Password file to modify. shadow_file: Shadow file to modify, if you have shadow passwords and have noshadow set to false. group_file: Group file to modify. noshadow: Turn shadow passwords off, shadow password support is only present if the system supports it and if it does it may still be disabled with this setting. changes_process: The process to execute after changing the password and/or shadow files. On freeBSD 4 you may want to set this to: /usr/sbin/pwd_mkdb /etc/master.passwd This will rebuild the pwd.db and spwd.db files. crypt_type: This setting allows you to tell unixauth to use a different crypting method, valid settings are NORMAL,EXTENDED,MD5, and BLOWFISH. Some values will not fn on some systems, unixauth will default back to the next most likely method and try again, check the log for error messages.
-path Tells UnixAuth where to create it's logfile and where to find it's config file. -debug Sets the logging level to debug.
|set||<user> <pass>|(NULL) [label="value"]|
|search||<string> [-from n] [-max m]|
check Verifies user <user> has password <pass>, this command also returns the users uid and any information stored for them. lookup Verifies the existance of user <user> and returns uid and info as check command above does. set Add new user or modify an existing user. The special case (NULL) is used to modify a users info without re-setting the password. The optional info for a user can be anything provided then info label contains no spaces or quotes and the value contains no quotes. UnixAuth stores the info in a .unixauth_info file in the users home directory, which it creates. del Deletes a user, thier home directory and all files stored therein. search Returns a list of users matching the search <string>, the string may contain a * or ? wildcard, if it does the string is matched as if it was a wildcard string, otherwise a match is found only if the username contains the string. version Returns the version number. help Returns the above list of commands quit Ends session exit Ends session
A command will usually respond with a one line response, that response will start with +OK or -ERR, example: +OK User firstname.lastname@example.org created successfully -ERR Failed to create email@example.com, could not lock password file If a command wants to return more that one line as a response it will send lines starting with +DATA before the final +OK or -ERR response, example: +DATA firstname.lastname@example.org config 111 +DATA email@example.com config 112 +OK Search Complete 2 items found out of 80 If UnixAuth has a fatal error while trying to initialise then it will return a -DEAD message like the following... -DEAD Failed to load config settings, access denied
If you have any questions about UnixAuth please don't hesitate to contact: firstname.lastname@example.org