Environment: Linux 2.6.10 glibc 2.3.3, gcc 3.3.3 Fedora Core 2 MySQL 4.0.23 Postfix 2.0.18 courier-authlib 0.50.20041120 courier-imap 3.0.8

Currently I have a working Courier IMAP configuration that is using authdaemond to authenticate against unix crypted passwords stored in a mysql database and then fall back on what is in the shadow file.

Here is my authmodulelist setting.

authmodulelist="authmysql authpam"

authmysql is only used for non-unix users so that I can have virtual email accounts. This problem doesn't concern them because they would match when trying authmysql. This problem is mainly for the accounts that are found in /etc/passwd.

I tried recently tried to change over my NSS configuration to use libnss-pgsql. I have a user database that I've created and am trying to switch everything over too. But when I changed to this line in /etc/nsswitch.conf:

shadow: pgsql [SUCCESS=return NOTFOUND=continue] files

IMAP authentication for a user whose password had been disabled in /etc/shadow, but not in the postgresql database, no longer worked. Other services that went through PAM worked as expected (like ssh, su, login and ftp), but Courier-authlib and Postfix SASL both started failing.

So why isn't authpam going through NSS? This might be more of a question for a pam or nss mailing list, but I can't find an nss mailing list. I figured someone on this list might have dealt with this problem before.

Thanks for any help or pointers you can provide me.