maddy

Fork https://github.com/foxcpp/maddy

git clone git://git.lin.moe/go/maddy.git

 1# /etc/shadow
 2
 3auth.shadow module implements authentication by reading /etc/shadow. Alternatively it can be
 4configured to use helper binary like auth.external does.
 5
 6```
 7auth.shadow {
 8    debug no
 9    use_helper no
10}
11```
12
13## Configuration directives
14
15### debug _boolean_
16
17Default: `no`
18
19Enable verbose logging for all modules. You don't need that unless you are
20reporting a bug.
21
22---
23
24### use_helper _boolean_
25Default: `no`
26
27Use `LibexecDirectory/maddy-shadow-helper` instead of directly reading `/etc/shadow`.
28You need to use that if maddy is running as an unprivileged user
29privileges (e.g. when using system accounts).
30
31You need to make `maddy-shadow-helper` binary setuid, see
32cmd/maddy-shadow-helper/README.md in source tree for details.
33
34TL;DR (assuming you have maddy group):
35
36```
37chown root:maddy /usr/lib/maddy/maddy-shadow-helper
38chmod u+xs,g+x,o-x /usr/lib/maddy/maddy-shadow-helper
39```
40