Pwcheck is a daemon for permitting the Cyrus server to check passwords
against the shadow password database.

To use:

* Configure the Cyrus software with the "--with-login=unix_pwcheck" switch.

* Compile and install the Cyrus software

* Create the directory "/var/pwcheck" and make it readable by only
those users who need to be able to verify passwords.

	mkdir /var/pwcheck
	chown cyrus /var/pwcheck
	chmod 700 /var/pwcheck

* Upon system startup, arrange for the daemon /usr/cyrus/bin/pwcheck
to be run as root in the background.

How it works:

The Cyrus servers connect to the unix-domain socket
/var/pwcheck/pwcheck to send a potential user's userid and password to
the pwcheck daemon.  The pwcheck daemon uses its root privileges to
verify the userid and password against the shadow password database.
The pwcheck daemon then returns an error message or "OK" to the Cyrus
server and closes the unix-domain connection.

The permissions on the /var/pwcheck directory control who can connect
to the pwcheck daemon.  The pwcheck daemon is not designed to deal
with denial-of-service attacks from its clients, so the directory
should be restricted to trustworthy server processes.
