In my original post I asked :
>I have a couple of Alpha Servers running Digital unix 4.0d with no
>patches applied, running c2 security. What I want to do is lock a user
>account for a temporary time. In dxaccounts I can "lock" the account but
>that doesn't affect things like rsh and imapd.
>Is it a function of the OS to lock a user out from daemon's started via
>inetd or is it the daemon's responsibility to aask the OS if the user is
>allowed to login ? My specific problem is that the UWashington IMAP
>server will still let a locked user log in.
Everybody who responded said that it is the responsibility of the daemon
to check with the OS to see if the user can login. I checked with Mark
Crispin at UWashinton (Author of the IMAP toolkit/daemon) and he doesn't
currently have support in the code for checking to see if an account is
locked. He further said that when he tried to use the sia_become_user()
command it had side effects with the imap daemon that made it unuseable.
If anybody is willing to help me figure out how to use the sia calls to
determine if an account is locked or not Mark will add support for this to
the standard imap distribution.
I've got it working with sia_become_user() just to check the account lock
status, but I'm not sure that's the right way to do it (and besides
without doc's I'm just reading header files and making educated guesses!).
I'll post a followup when/if I get this working and let people know it's
been rolled into the standard imap srouce tree.
Thanks!
Michael
-------------------------------o--------------------------------
Michael H. Martel | Vermont State Colleges
martelm_at_quark.vsc.edu | Technical Support Specialist
http://probe.vsc.edu/~michael | PH:802-241-2535 FX:802-241-3363
Received on Sat Aug 21 1999 - 12:34:21 NZST