OK, so with PAM, how do you set passwords to your virtual users ?<br>sorry, i'm like _really_ lost, and running out of time :-/<br><br>thanks.<br><br><div><span class="gmail_quote">2008/1/22, Alain Spineux <<a href="mailto:aspineux@gmail.com">
aspineux@gmail.com</a>>:</span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">On Jan 22, 2008 2:33 PM, badock <<a href="mailto:badock@gmail.com">
badock@gmail.com</a>> wrote:<br>> mmmmh i still don't manage to have the 'testsaslauthd -u logon -p password'<br>> work...<br>> does yours work allright ?<br>> can you paste your /etc/sysconfig/saslauthd file please ?
<br><br>I don't use saslauthd !<br><br>> in mine :<br>> SOCKETDIR=/var/run/saslauthd<br>> MECH=pam<br>> FLAGS=<br><br>If you use saslauthd with PAM, like you are trying, you dont need to<br>work with a sasldb nor saslpasswd ....
<br><br><br>><br>><br>><br>> 2008/1/21, Alain Spineux <<a href="mailto:aspineux@gmail.com">aspineux@gmail.com</a>>:<br>> > On Jan 21, 2008 5:31 PM, badock <<a href="mailto:badock@gmail.com">badock@gmail.com
</a>> wrote:<br>> > > OK, apparently, i have a problem, but it's more a SASL problem.<br>> > > I set passwords with "saslpasswd2 -c logon" and then tried to check<br>> whether<br>> > > it worked with the command : "testsaslauthd -u logon -p password" and it
<br>> > > doesn't work... :S<br>> ><br>> > Do you want to use saslauth or just don't realy know what you are doing?<br>> ><br>> > I have just migrated my server yesterday using just here are some of my
<br>> config :<br>> ><br>> > # cat /etc/imapd.conf<br>> > configdirectory: /var/lib/imap<br>> > partition-default: /var/spool/imap<br>> > admins: cyrus<br>> > sievedir: /var/lib/imap/sieve
<br>> > sendmail: /usr/sbin/sendmail<br>> > #sasl_pwcheck_method: saslauthd<br>> > sasl_pwcheck_method: auxprop<br>> > sasl_auxprop_plugin: sasldb<br>> > sasl_mech_list: PLAIN<br>> ><br>
> > tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem<br>> > tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem<br>> > tls_ca_file: /etc/pki/tls/certs/ca- bundle.crt<br>> ><br>> > virtdomains: userid
<br>> > defaultdomain: max.asxnet.loc<br>> > loginrealms: max.asxnet.loc<br>> ><br>> > hashimapspool: yes<br>> ><br>> > altnamespace: 0<br>> > unixhierarchysep: yes
<br>> > lmtp_downcase_rcpt: yes<br>> > username_tolower: 1<br>> ><br>> ><br>> > THE relevant thing for you are :<br>> ><br>> > sasl_pwcheck_method: auxprop<br>> > sasl_auxprop_plugin: sasldb
<br>> ><br>> ><br>> > # history | grep sasl<br>> > 705 sasldblistusers2<br>> > 706 saslpasswd2 <a href="mailto:cyrus@max.asxnet.loc">cyrus@max.asxnet.loc</a><br>> > 707 sasldblistusers2
<br>> > 709 saslpasswd2 -u max.asxnet.loc root<br>> > 710 sasldblistusers2<br>> > 728 chown cyrus.mail /etc/sasldb2<br>> ><br>> ><br>> > ><br>> > > I checked the logs, here's what i found :
<br>> > > in /var/log/secure:<br>> > > # Jan 21 17:12:28 demovm33 saslauthd[3393]: pam_unix(imap:auth): check<br>> > > pass; user unknown<br>> > > # Jan 21 17:12:28 demovm33 saslauthd[3393]: pam_unix(imap:auth):
<br>> > > authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=<br>> > > # Jan 21 17:12:28 demovm33 saslauthd[3393]: pam_succeed_if(imap:auth):<br>> > > error retrieving information about user logon
<br>> > ><br>> > > in /var/log/messages:<br>> > > # Jan 21 17:12:20 demovm33 saslauthd[3351]: server_exit : master<br>> > > exited: 3351<br>> > > # Jan 21 17:12:21 demovm33 saslauthd[3376]: set_auth_mech : unknown
<br>> > > authentication mechanism: map<br>> > > # Jan 21 17:12:27 demovm33 saslauthd[3392]: detach_tty : master<br>> pid<br>> > > is: 3392<br>> > > # Jan 21 17:12:27 demovm33 saslauthd[3392]: ipc_init : listening
<br>> on<br>> > > socket: /var/run/saslauthd/mux<br>> > > # Jan 21 17:12:31 demovm33 saslauthd[3393]: do_auth : auth<br>> failure:<br>> > > [user=logon] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
<br>> > ><br>> > > OK, so that's when in /etc/sysconfig/saslauthd i have one line saying :<br>> > > # MECH=pam<br>> > ><br>> > > I tried with several other "MECH" but i still get errors like, for
<br>> instance<br>> > > with MECH=shadow :<br>> > > # Jan 21 17:11:41 demovm33 saslauthd[3318]: server_exit : master<br>> > > exited: 3318<br>> > > # Jan 21 17:11:41 demovm33 saslauthd[3351]: detach_tty : master
<br>> pid<br>> > > is: 3351<br>> > > # Jan 21 17:11:41 demovm33 saslauthd[3351]: ipc_init : listening<br>> on<br>> > > socket: /var/run/saslauthd/mux<br>> > > # Jan 21 17:11:43 demovm33 saslauthd[3352]: do_auth : auth
<br>> failure:<br>> > > [user=logon] [service=imap] [realm=] [mech=shadow] [reason=Unknown]<br>> > ><br>> > ><br>> > > I couldn't try to use the MECH=sasldb because natively the sasldb mech
<br>> is<br>> > > disabled, so i have two options :<br>> > > 1. compile a new saslauthd from sources that supports sasldb (i tried<br>> and<br>> > > failed, i get error coming from the .c and .h files :-/ )
<br>> > > 2. have it working without the sasldb, which i guess is possible... i<br>> mean i<br>> > > only need a simple login/password thing, it's not that complex<br>> > ><br>> > > So anyway, when _you_ use this cyrus-imapd thing, do you authenticate
<br>> with<br>> > > the sasldb by typing login/password, or do you do it another way ?<br>> > ><br>> > > Hope it's clearer now to you (it isn't to me... ;) )<br>> > > Any idea, please ?
<br>> > ><br>> > ><br>> > > @Alain> about this RCTP TO error, i'd say it comes from the SMTP, but i<br>> > > don't understand what you meant by "Ave you configured your SMTP to
<br>> accept<br>> > > <a href="mailto:lgon@mydomai.com">lgon@mydomai.com</a> ?", do i have to configure something on the SMTP side ?<br>> ><br>> > Often things are made to work together without to much change.
<br>> > It help to stay in the main idea of the developer, but not always easy<br>> > to guest it.<br>> > Yesterday I didn't touch my postfix on my centos 5.1 to make it works<br>> > with cyrus.
<br>> ><br>> > Regards<br>> > > Thanks for paying interest in my helplessness :)<br>> > ><br>> > ><br>> > ><br>> > > 2008/1/21, Alain Spineux < <a href="mailto:aspineux@gmail.com">
aspineux@gmail.com</a>>:<br>> > ><br>> > > > On Jan 21, 2008 2:19 PM, badock <<a href="mailto:badock@gmail.com">badock@gmail.com</a>> wrote:<br>> > > > ><br>> > > > > Hello all,
<br>> > > > ><br>> > > > > I recently installed cyrus-imapd, and i'm now trying to make it<br>> work.<br>> > > > > I created a mailbox user (cm user.logon) then acl'ed it (sam
<br>> user.logon<br>> > > > > logon all)<br>> > > > > Then i set a password to logon : saslpasswd2 -c logon<br>> > > ><br>> > > > maybe a<br>> > > > # chown
cyrus.cyrus /etc/sasl2.db<br>> > > > or something like that could help<br>> > > > Read all cyrus error messages in log files!<br>> > > ><br>> > > > > So now, i expect the "user" logon to have access to his mailbox
<br>> > > > > But it doesn't work, cause<br>> > > > ><br>> > > > > 1. i can't telnet/login to the imap server with "logon":<br>> > > > > shell says:
<br>> > > > > LOGIN BAD Error in IMAP commabd received by server<br>> > > > ><br>> > > > > 2. i can't send any mail to <a href="mailto:logon@host.domain.com">logon@host.domain.com
</a><br>> > > > > mailer says :<br>> > > > > RCPT TO < <a href="mailto:logon@mydomain.com">logon@mydomain.com</a>> failed :<br>> > > > > <<a href="mailto:logon@mydomain.com">
logon@mydomain.com</a> >: Recipient address rejected: User<br>> unknown in<br>> > > > > local recipient table<br>> > > ><br>> > > > Where this message come from ? SMTP or cyrus ? Is-it lmtpd ?
<br>> > > > Can you give some more line around this error ?<br>> > > > Ave you configured your SMTP to accept <a href="mailto:lgon@mydomai.com">lgon@mydomai.com</a> ?<br>> > > ><br>> > > > >
<br>> > > > ><br>> > > > > Do you have an idea how i can check wether the imap works or not ?<br>> > > > > Actually i'd like to check if my settings are ok, is there a way to
<br>> > > check<br>> > > > > that ?<br>> > > > ><br>> > > > ><br>> > > > > Thanks in advance.<br>> > > > ><br>> > > > > ----
<br>> > > > > Cyrus Home Page: <a href="http://cyrusimap.web.cmu.edu/">http://cyrusimap.web.cmu.edu/</a><br>> > > > > Cyrus Wiki/FAQ: <a href="http://cyrusimap.web.cmu.edu/twiki">http://cyrusimap.web.cmu.edu/twiki
</a><br>> > > > > List Archives/Info: <a href="http://asg.web.cmu.edu/cyrus/mailing-list.html">http://asg.web.cmu.edu/cyrus/mailing-list.html</a><br>> > > > ><br>> > > ><br>> > > >
<br>> > > ><br>> > > > --<br>> > > > Alain Spineux<br>> > > > aspineux gmail com<br>> > > > May the sources be with you<br>> > > ><br>> > ><br>
> > ><br>> ><br>> ><br>> ><br>> > --<br>> > Alain Spineux<br>> > aspineux gmail com<br>> > May the sources be with you<br>> ><br>><br>><br><br><br><br>--<br>Alain Spineux
<br>aspineux gmail com<br>May the sources be with you<br></blockquote></div><br>