James Stevens (james at kyzo.com) writes: I have added PAM support to our jabber server, so that only those users who are authenticated through PAM are allowed to register with the Jabber server. The distribution (jabber-pam.tgz) is currently a only a gzipped tarball tgz of the files that I have modified from server version 1.4.1 - not the most useful, but the easiest for me to produce. Note: because some of the PAM modules require a plain text password, it is also necessary to comment out both "digest" and "0k" authentication in the "jabber.xml" file. For this reason, some users may also wish to only allow communication only via SSL. BTW, I also found a file descriptor leak bug in the code (specifically, in jabberd/lib/expat.c) and my patch contains a fix for that as well. We found this bug because we've put the user (spool) files in a separate partition so that if some idiot goes crazy registering it won't bring down the server. However, v1.4.1 is bit ungraceful if the partition becomes full. First, it leaks a file descriptor and second it truncates the user's XML file that it was trying to write, effectively rendering it invalid. i.e. if you are off-line, and someone sends you a message, you get unregistered. So, my patch writes the user's xml to a different file (substitutes a "_" as the last character of the filename) and if that write succeeds it renames the temp file on top of the original file.