saslauthd -a pam + 'imap' service name = dead saslauthd

Igor Brezac igor at ipass.net
Mon Apr 3 14:10:13 EDT 2006


Does saslauthd work without afs pam modules?

How did you build saslauthd?

-Igor

On Mon, 3 Apr 2006, Jeff Blaine wrote:

> Yeah... I'd say I am pretty sure.
>
> http://asg.web.cmu.edu/archive/show.php?mailbox=archive.cyrus-sasl&msg=7727&part=3
>
> 10282:	fcntl(6, F_SETLKW, 0xFFBFFA78)	(sleeping...)
> 10282:	fcntl(6, F_SETLKW, 0xFFBFFA78)			= 0
> 10282:	accept(5, 0x000291D6, 0x00029244, 1)		= 7
> ...
> 10282:	fork()						= 10868
> 10868:	fork()		(returning as child ...)	= 10282
> ...
> 10868:	kill(-10282, SIGTERM)				= 0
> ...
> 10282:	_exit(0)
>
> Igor Brezac wrote:
>> 
>> Are you sure?  What is your ulimit -a?
>> 
>> -Igor
>> 
>> On Mon, 3 Apr 2006, Jeff Blaine wrote:
>> 
>>> It doesn't dump core.
>>> 
>>> It's exit()ing for some reason.
>>> 
>>> I will see what I can dig up, but apptrace did not work
>>> (recommended by Nico).
>>> 
>>> Igor Brezac wrote:
>>>> 
>>>> Can you get a backtrace?
>>>> 
>>>> -Igor
>>>> 
>>>> On Wed, 29 Mar 2006, Jeff Blaine wrote:
>>>> 
>>>>> Hi Nico,
>>>>> 
>>>>> Comments below.
>>>>> 
>>>>> Nicolas Williams wrote:
>>>>>> On Wed, Mar 29, 2006 at 06:25:01PM -0500, Jeff Blaine wrote:
>>>>>>> Is this a known issue?  What am I doing wrong?
>>>>>>> 
>>>>>>> Solaris 9 SPARC
>>>>>>> Cyrus IMAPd 2.2.12
>>>>>>> Cyrus SASL 2.1.20
>>>>>>> 
>>>>>>> 1.  saslauthd -a pam
>>>>>>> 
>>>>>>> 2.  'imap' used as PAM service name (below snippet).
>>>>>>> 
>>>>>>> RESULT: saslauthd promptly crashes.  Zero logins.
>>>>>>>          Can repeat.
>>>>>>> 
>>>>>>> #------------ BEGIN /etc/pam.conf imap lines ------------------
>>>>>>> imap  auth requisite          pam_authtok_get.so.1
>>>>>>> imap  auth required           pam_dhkeys.so.1
>>>>>>> imap  auth sufficient /usr/lib/security/pam_afs.so.1 ignore_root
>>>>>>> setenv_password_expires
>>>>>>> imap  auth required           pam_unix_auth.so.1
>>>>>>> #------------ END /etc/pam.conf imap lines --------------------
>>>>>>> 
>>>>>>> Attached output from 'truss -f -p <parent_saslauthd_PID>'
>>>>>>> during a connection under the situation above.
>>>>>>> 
>>>>>>> I see nothing interesting :(
>>>>>> 
>>>>>> For one you've truncated the truss, so I one can't tell what file
>>>>>> descriptor 9 is (it's a door, but to what?  nscd I bet).
>>>>> 
>>>>> Hmm.  I'll try again.  Looking at the file I attached, it
>>>>> is not truncated.  It ends where saslauthd exit()s and I
>>>>> get my shell prompt back.
>>>>> 
>>>>> Reattached.
>>>>> 
>>>>>> For another, something's forking, and the child is sendign SIGTERM to
>>>>>> the parent for no apparent reason.
>>>>>> 
>>>>>> Try apptrace(1).
>>>>> 
>>>>> apptrace -f -o ~/Private/apptrace.out /linus/mail/cyrus/sbin/saslauthd 
>>>>> -a pam
>>>>> 
>>>>> Gives me: unexpected version 3
>>>>> 
>>>>>> Also, it's not even clear if this is happening in PAM or not; apptrace
>>>>>> will help.  Logs would too (add 'debug' to all those PAM modules'
>>>>>> arguments, configure syslog to save debug logs, create the debug log,
>>>>>> restart syslogd).
>>>>> 
>>>>> debug info included in pam.log attachment
>>>>> 
>>>> 
>>> 
>>> 
>> 
>
>

-- 
Igor


More information about the Cyrus-sasl mailing list