I did a local add of checkpassword so I could get things installed. Then I installed spamdyke with checkpassword-pam authorization but it failed because all authorizations were being rejected.
I tracked it down to the checkpassword-pam module. On illumos, pam requires that you have PAM_PTY set before you can open a session. I reported this bug, but for those that have Illumos (Solaris, etc.), my fix was to set PAM_PTY to /dev/null just prior to the code that opens the session (in pam-support.c):
retval = pam_set_item(pamh, PAM_TTY, "/dev/null");
if (retval != PAM_SUCCESS) {
fatal("Setting PAM_TTY failed: %s", pam_strerror(pamh, retval));
return 1;
}
I didn't push that in as I'm not sure of it's effect on other
architectures, we'll have to wait for the checkpassword-pam maintainer
to bless the change first.
Gary
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature