saslauthd -a pam + 'imap' service name = dead saslauthd

Jeff Blaine jblaine at mitre.org
Mon Apr 3 22:56:52 EDT 2006 

Igor Brezac wrote:
> 
> Does saslauthd work without afs pam modules?

Yes.

> How did you build saslauthd?

config.status says:

configured by ./configure, generated by GNU Autoconf 2.57, with options 
\"'--prefix=/linus/mail/cyrus-2.2.12' '--with-gnu-ld' 
'--with-bdb-libdir=/linus/mail/cyrus-2.2.12/lib' 
--with-bdb-incdir=/linus/mail/cyrus-2.2.12/include' '--with-pam' 
'--disable-gssapi' '--with-plugindir=/linus/mail/cyrus-2.2.12/lib/sasl2' 
'--disable-krb4' '--disable-anon' '--with-openssl=/usr/rcf' 
'--disable-digest' '--disable-cram' '--disable-checkapop' 
'--with-saslauthd=/var/run' '--disable-otp'\"

> -Igor
> 
> On Mon, 3 Apr 2006, Jeff Blaine wrote:
> 
>> Yeah... I'd say I am pretty sure.
>>
>> http://asg.web.cmu.edu/archive/show.php?mailbox=archive.cyrus-sasl&msg=7727&part=3 
>>
>>
>> 10282:    fcntl(6, F_SETLKW, 0xFFBFFA78)    (sleeping...)
>> 10282:    fcntl(6, F_SETLKW, 0xFFBFFA78)            = 0
>> 10282:    accept(5, 0x000291D6, 0x00029244, 1)        = 7
>> ...
>> 10282:    fork()                        = 10868
>> 10868:    fork()        (returning as child ...)    = 10282
>> ...
>> 10868:    kill(-10282, SIGTERM)                = 0
>> ...
>> 10282:    _exit(0)
>>
>> Igor Brezac wrote:
>>>
>>> Are you sure?  What is your ulimit -a?
>>>
>>> -Igor
>>>
>>> On Mon, 3 Apr 2006, Jeff Blaine wrote:
>>>
>>>> It doesn't dump core.
>>>>
>>>> It's exit()ing for some reason.
>>>>
>>>> I will see what I can dig up, but apptrace did not work
>>>> (recommended by Nico).
>>>>
>>>> Igor Brezac wrote:
>>>>>
>>>>> Can you get a backtrace?
>>>>>
>>>>> -Igor
>>>>>
>>>>> On Wed, 29 Mar 2006, Jeff Blaine wrote:
>>>>>
>>>>>> Hi Nico,
>>>>>>
>>>>>> Comments below.
>>>>>>
>>>>>> Nicolas Williams wrote:
>>>>>>> On Wed, Mar 29, 2006 at 06:25:01PM -0500, Jeff Blaine wrote:
>>>>>>>> Is this a known issue?  What am I doing wrong?
>>>>>>>>
>>>>>>>> Solaris 9 SPARC
>>>>>>>> Cyrus IMAPd 2.2.12
>>>>>>>> Cyrus SASL 2.1.20
>>>>>>>>
>>>>>>>> 1.  saslauthd -a pam
>>>>>>>>
>>>>>>>> 2.  'imap' used as PAM service name (below snippet).
>>>>>>>>
>>>>>>>> RESULT: saslauthd promptly crashes.  Zero logins.
>>>>>>>>          Can repeat.
>>>>>>>>
>>>>>>>> #------------ BEGIN /etc/pam.conf imap lines ------------------
>>>>>>>> imap  auth requisite          pam_authtok_get.so.1
>>>>>>>> imap  auth required           pam_dhkeys.so.1
>>>>>>>> imap  auth sufficient /usr/lib/security/pam_afs.so.1 ignore_root
>>>>>>>> setenv_password_expires
>>>>>>>> imap  auth required           pam_unix_auth.so.1
>>>>>>>> #------------ END /etc/pam.conf imap lines --------------------
>>>>>>>>
>>>>>>>> Attached output from 'truss -f -p <parent_saslauthd_PID>'
>>>>>>>> during a connection under the situation above.
>>>>>>>>
>>>>>>>> I see nothing interesting :(
>>>>>>>
>>>>>>> For one you've truncated the truss, so I one can't tell what file
>>>>>>> descriptor 9 is (it's a door, but to what?  nscd I bet).
>>>>>>
>>>>>> Hmm.  I'll try again.  Looking at the file I attached, it
>>>>>> is not truncated.  It ends where saslauthd exit()s and I
>>>>>> get my shell prompt back.
>>>>>>
>>>>>> Reattached.
>>>>>>
>>>>>>> For another, something's forking, and the child is sendign 
>>>>>>> SIGTERM to
>>>>>>> the parent for no apparent reason.
>>>>>>>
>>>>>>> Try apptrace(1).
>>>>>>
>>>>>> apptrace -f -o ~/Private/apptrace.out 
>>>>>> /linus/mail/cyrus/sbin/saslauthd -a pam
>>>>>>
>>>>>> Gives me: unexpected version 3
>>>>>>
>>>>>>> Also, it's not even clear if this is happening in PAM or not; 
>>>>>>> apptrace
>>>>>>> will help.  Logs would too (add 'debug' to all those PAM modules'
>>>>>>> arguments, configure syslog to save debug logs, create the debug 
>>>>>>> log,
>>>>>>> restart syslogd).
>>>>>>
>>>>>> debug info included in pam.log attachment
>>>>>>
>>>>>
>>>>
>>>>
>>>
>>
>>
>

More information about the Cyrus-sasl mailing list