<html><head><meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;" class="">Struggled with enabling local6. The trick was to touch the new syslog output file before restarting syslog with this new line<div class=""><br class=""></div><div class=""><font face="Courier New" class="">local6.*   /var/log/local6<br class=""></font><div class=""><br class=""></div><div class=""><br class=""></div><div class=""><div class=""><font face="Courier New" class="">root@cyrus3:/var/log # cat local6</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: accepted connection</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: accepted connection</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SSL_accept() incomplete -> wait</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SSL_accept() incomplete -> wait</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SSL_accept() succeeded -> done</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SSL_accept() succeeded -> done</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: starttls: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no authentication</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: starttls: TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits new) no authentication</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SASL no user in db</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SASL no user in db</font></div><div class=""><font 
face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SASL no user in db</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SASL unable to canonify user and get auxprops</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SASL no user in db</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: SASL unable to canonify user and get auxprops</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: badlogin: [192.168.178.210] SCRAM-SHA-1 [SASL(-13): user not found: unable to canonify user and get auxprops]</font></div><div class=""><font face="Courier New" class="">Jan 30 22:59:51 cyrus3 imap[90156]: badlogin: [192.168.178.210] SCRAM-SHA-1 [SASL(-13): user not found: unable to canonify user and get auxprops]</font></div><div class=""><br class=""></div><div><br class=""><blockquote type="cite" class=""><div class="">On 30.01.2018 at 23:41, Ken Murchison <<a href="mailto:murch@fastmail.com" class="">murch@fastmail.com</a>> wrote:</div><br class="Apple-interchange-newline"><div class="">
  
  
  <div text="#000000" bgcolor="#FFFFFF" class=""><p class="">Hmm.</p><p class="">I just switched my dev box to using saslauthd and it just
      worked.  I'm sure your problem is something simple, but it's
      escaping me at the moment.  <br class="">
    </p><p class="">When imtest fails, what is logged in the Cyrus IMAP log (wherever
      local6 is logged)?</p><p class=""><br class="">
    </p>
    <br class="">
    <div class="moz-cite-prefix">On 01/30/2018 05:34 PM, Michael Rüger
      wrote:<br class="">
    </div>
    <blockquote type="cite" cite="mid:2EA6E076-B1E9-442E-BA80-DA9CA23A4666@gmail.com" class="">
      Ken, thank you for jumping in!
      <div class=""><br class="">
      </div>
      <div class="">Some more info: the apps run as the following users
        and groups</div>
      <div class=""><font class="" face="Courier New"><br class="">
        </font></div>
      <div class="">
        <div class=""><font class="" face="Courier New">root@cyrus3:~ #
            ps aux</font></div>
        <div class=""><font class="" face="Courier New">USER    PID %CPU
            %MEM    VSZ  RSS TT  STAT STARTED    TIME COMMAND</font></div>
        <div class=""><font class="" face="Courier New">root  88686  0.0
             0.0  10500 2044  -  SsJ  21:40   0:00.02 /usr/sbin/syslogd
            -s</font></div>
        <div class=""><font class="" face="Courier New">root  88717  0.0
             0.1  43928 4360  -  IsJ  21:40   0:00.01
            /usr/local/sbin/saslauthd -a pam</font></div>
        <div class=""><font class="" face="Courier New">root  88718  0.0
             0.1  43928 4360  -  IJ   21:40   0:00.01
            /usr/local/sbin/saslauthd -a pam</font></div>
        <div class=""><font class="" face="Courier New">root  88720  0.0
             0.1  43928 4276  -  IJ   21:40   0:00.00
            /usr/local/sbin/saslauthd -a pam</font></div>
        <div class=""><font class="" face="Courier New">root  88721  0.0
             0.1  43928 4360  -  IJ   21:40   0:00.01
            /usr/local/sbin/saslauthd -a pam</font></div>
        <div class=""><font class="" face="Courier New">root  88722  0.0
             0.1  43928 4276  -  IJ   21:40   0:00.00
            /usr/local/sbin/saslauthd -a pam</font></div>
        <div class=""><font class="" face="Courier New">cyrus 88724  0.0
             0.1  65504 5884  -  SsJ  21:40   0:00.07
            /usr/local/cyrus/libexec/master -d</font></div>
        <div class=""><font class="" face="Courier New"><br class="">
          </font></div>
        <div class="">
          <div class=""><font class="" face="Courier New">root@cyrus3:~
              # su - cyrus</font></div>
          <div class=""><font class="" face="Courier New">% id</font></div>
          <div class=""><font class="" face="Courier New">uid=60(cyrus)
              gid=60(cyrus) groups=60(cyrus),1003(saslauth)</font></div>
        </div>
        <div class=""><br class="">
        </div>
        <div class="">
          <div class=""><br class="">
            <blockquote type="cite" class="">
              <div class="">On 30.01.2018 at 23:25, Michael Rüger
                <<a href="mailto:michael.g.rueger@gmail.com" class="" moz-do-not-send="true">michael.g.rueger@gmail.com</a>> wrote:</div>
              <br class="Apple-interchange-newline">
              <div class="">
                <div style="word-wrap: break-word; -webkit-nbsp-mode:
                  space; line-break: after-white-space;" class="">
                  <div class=""><font class="" face="Courier New">root@cyrus3:~
                      # ls -la /var/run/saslauthd/</font></div>
                  <div class=""><font class="" face="Courier New">total
                      13</font></div>
                  <div class=""><font class="" face="Courier New">drwxr-x---
                       2 cyrus  saslauth   5 Jan 30 21:40 .</font></div>
                  <div class=""><font class="" face="Courier New">drwxr-xr-x
                       6 root   wheel     15 Jan 30 21:40 ..</font></div>
                  <div class=""><font class="" face="Courier New">srwxrwxrwx
                       1 root   saslauth   0 Jan 30 21:40 mux</font></div>
                  <div class=""><font class="" face="Courier New">-rw-------
                       1 root   saslauth   0 Jan 30 21:40 mux.accept</font></div>
                  <div class=""><font class="" face="Courier New">-rw-------
                       1 root   saslauth   6 Jan 30 21:40 saslauthd.pid</font></div>
                  <div class=""><br class="">
                    <blockquote type="cite" class="">
                      <div class="">On 30.01.2018 at 23:23, Ken
                        Murchison <<a href="mailto:murch@fastmail.com" class="" moz-do-not-send="true">murch@fastmail.com</a>> wrote:</div>
                      <br class="Apple-interchange-newline">
                      <div class="">
                        <div text="#000000" bgcolor="#FFFFFF" class=""><p class="">Hi Michael,</p><p class="">What are the permissions on the
                            socket that saslauthd is listening on?</p><p class=""><br class="">
                          </p>
                          <br class="">
                          <div class="moz-cite-prefix">On 01/30/2018
                            05:06 PM, Michael Rüger wrote:<br class="">
                          </div>
                          <blockquote type="cite" cite="mid:55482002-0BFC-4016-97A5-6B15F7A32703@gmail.com" class="">
                            Hi
                            <div class=""><br class="">
                            </div>
                            <div class="">(Btw, I was Guest39278 on IRC
                              yesterday and got the chance to introduce
                              myself on googletalk)</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">I’m trying to set up imapd to
                              use saslauthd for authentication.</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">I already have a running
                              saslauthd which uses PAM. I can run this</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">
                              <div class=""><font class="" face="Courier
                                  New">root@cyrus3:/ # testsaslauthd -u
                                  mike -p mike</font></div>
                              <div class=""><font class="" face="Courier
                                  New">0: OK "Success."</font></div>
                            </div>
                            <div class=""><br class="">
                            </div>
                            <div class="">and if I run</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">
                              <div class=""><font class="" face="Courier
                                  New">root@cyrus3:/ # testsaslauthd -u
                                  mike -p abc</font></div>
                              <div class=""><font class="" face="Courier
                                  New">0: NO "authentication failed"</font></div>
                            </div>
                            <div class=""><br class="">
                            </div>
                            <div class="">I get that logged in auth.log
                              like this</div>
                            <div class=""><br class="">
                            </div>
                            <div class=""><font class="" face="Courier
                                New">Jan 30 21:43:53 cyrus3
                                saslauthd[88721]: do_auth         : auth
                                failure: [user=mike] [service=imap]
                                [realm=] [mech=pam] [reason=PAM auth
                                error]</font></div>
                            <div class=""><br class="">
                            </div>
                            <div class="">In imapd.conf I have</div>
                            <div class=""><font class="" face="Courier
                                New"><br class="">
                              </font></div>
                            <div class=""><font class="" face="Courier
                                New">sasl_pwcheck_method: saslauthd</font></div>
                            <div class=""><br class="">
                            </div>
                            <div class="">Now I’m authenticating against
                              imapd</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">
                              <div class=""><font class="" face="Courier
                                  New">root@cyrus3:~ # imtest -t "" -u
                                  mike -a mike -w mike localhost</font></div>
                              <div class=""><font class="" face="Courier
                                  New">S: * OK [CAPABILITY IMAP4rev1
                                  LITERAL+ ID ENABLE STARTTLS
                                  LOGINDISABLED AUTH=SCRAM-SHA-1
                                  AUTH=DIGEST-MD5 AUTH=CRAM-MD5
                                  AUTH=NTLM SASL-IR] <a href="http://cyrus3.intern.rueger.me/" class="" moz-do-not-send="true">cyrus3.intern.rueger.me</a>
                                  Cyrus IMAP 3.0.5 server ready</font></div>
                              <div class=""><font class="" face="Courier
                                  New">C: S01 STARTTLS</font></div>
                              <div class=""><font class="" face="Courier
                                  New">S: S01 OK Begin TLS negotiation
                                  now</font></div>
                              <div class=""><font class="" face="Courier
                                  New">verify error:num=18:self signed
                                  certificate</font></div>
                              <div class=""><font class="" face="Courier
                                  New">TLS connection established:
                                  TLSv1.2 with cipher
                                  ECDHE-RSA-AES256-GCM-SHA384 (256/256
                                  bits)</font></div>
                              <div class=""><font class="" face="Courier
                                  New">C: C01 CAPABILITY</font></div>
                              <div class=""><font class="" face="Courier
                                  New">S: * CAPABILITY IMAP4rev1
                                  LITERAL+ ID ENABLE ACL RIGHTS=kxten
                                  QUOTA MAILBOX-REFERRALS NAMESPACE
                                  UIDPLUS NO_ATOMIC_RENAME UNSELECT
                                  CHILDREN MULTIAPPEND BINARY CATENATE
                                  CONDSTORE ESEARCH SEARCH=FUZZY SORT
                                  SORT=MODSEQ SORT=DISPLAY SORT=UID
                                  THREAD=ORDEREDSUBJECT
                                  THREAD=REFERENCES THREAD=REFS
                                  ANNOTATEMORE ANNOTATE-EXPERIMENT-1
                                  METADATA LIST-EXTENDED LIST-STATUS
                                  LIST-MYRIGHTS LIST-METADATA WITHIN
                                  QRESYNC SCAN XLIST XMOVE MOVE
                                  SPECIAL-USE CREATE-SPECIAL-USE
                                  DIGEST=SHA1 X-REPLICATION URLAUTH
                                  URLAUTH=BINARY AUTH=SCRAM-SHA-1
                                  AUTH=DIGEST-MD5 AUTH=CRAM-MD5
                                  AUTH=NTLM AUTH=PLAIN AUTH=LOGIN
                                  SASL-IR COMPRESS=DEFLATE
                                  X-QUOTA=STORAGE X-QUOTA=MESSAGE
                                  X-QUOTA=X-ANNOTATION-STORAGE
                                  X-QUOTA=X-NUM-FOLDERS IDLE</font></div>
                              <div class=""><font class="" face="Courier
                                  New">S: C01 OK Completed</font></div>
                              <div class=""><font class="" face="Courier
                                  New">C: A01 AUTHENTICATE SCRAM-SHA-1
                                  bixhPW1pa2Usbj1taWtlLHI9Z2Z1Ukp1cVc1Z1BybHhaWTdFcjVYUDR2WUtuMVhRNHc=</font></div>
                              <div class=""><font class="" face="Courier
                                  New">S: A01 NO authentication failure</font></div>
                              <div class=""><font class="" face="Courier
                                  New">Authentication failed. generic
                                  failure</font></div>
                              <div class=""><font class="" face="Courier
                                  New">Security strength factor: 256</font></div>
                            </div>
                            <div class=""><br class="">
                            </div>
                            <div class="">Nothing is reported in
                              auth.conf</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">If I do this</div>
                            <div class=""><br class="">
                            </div>
                            <div class=""><font class="" face="Courier
                                New">root@cyrus3:~ # saslpasswd2 -c <a href="mailto:mike@cyrus3.intern.rueger.me" class="" moz-do-not-send="true">mike@cyrus3.intern.rueger.me</a></font></div>
                            <div class=""><font class="" face="Courier
                                New">…<entering „mike“ twice here></font></div>
                            <div class=""><font class="" face="Courier
                                New">root@cyrus3:~ # imtest -t "" -u
                                mike -a mike -w mike localhost</font></div>
                            <div class=""><font class="" face="Courier
                                New">S: * OK [CAPABILITY IMAP4rev1
                                LITERAL+ ID ENABLE STARTTLS
                                LOGINDISABLED AUTH=SCRAM-SHA-1
                                AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=NTLM
                                SASL-IR] <a href="http://cyrus3.intern.rueger.me/" class="" moz-do-not-send="true">cyrus3.intern.rueger.me</a>
                                Cyrus IMAP 3.0.5 server ready</font></div>
                            <div class=""><font class="" face="Courier
                                New">C: S01 STARTTLS</font></div>
                            <div class=""><font class="" face="Courier
                                New">…</font></div>
                            <div class="">
                              <div class=""><font class="" face="Courier
                                  New">Authenticated.</font></div>
                              <div class=""><font class="" face="Courier
                                  New">Security strength factor: 256</font></div>
                            </div>
                            <div class=""><br class="">
                            </div>
                            <div class="">It is working against the local db
                              BUT NOT against saslauthd.</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">How do I set up imapd to talk
                              to saslauthd?</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">BTW I’m using </div>
                            <div class="">* cyrus-imapd30-3.0.5</div>
                            <div class="">* cyrus-sasl-2.1.26_13</div>
                            <div class="">*
                              cyrus-sasl-saslauthd-2.1.26_3</div>
                            <div class="">on FreeBSD 11.1</div>
                            <div class=""><br class="">
                            </div>
                            <div class="">Thank you for any help,</div>
                            <div class="">Mike</div>
                            <div class=""><br class="">
                            </div>
                          </blockquote>
                          <br class="">
                          <pre class="moz-signature" cols="72">-- 
Ken Murchison
Cyrus Development Team
FastMail US LLC</pre>
                        </div>
                        </div>
                    </blockquote>
                  </div>
                  <br class="">
                </div>
              </div>
            </blockquote>
          </div>
          <br class="">
        </div>
      </div>
    </blockquote>
    <br class="">
    <pre class="moz-signature" cols="72">-- 
Ken Murchison
Cyrus Development Team
FastMail US LLC</pre>
  </div>

</div></blockquote></div><br class=""></div></div></body></html>