saslauthd -a pam + 'imap' service name = dead saslauthd
Igor Brezac
igor at ipass.net
Mon Apr 3 23:49:42 EDT 2006
On Mon, 3 Apr 2006, Jeff Blaine wrote:
> Igor Brezac wrote:
>>
>> Does saslauthd work without afs pam modules?
>
> Yes.
I am positive this is a saslauthd issue.
>
>> How did you build saslauthd?
>
> config.status says:
>
> configured by ./configure, generated by GNU Autoconf 2.57, with options
> \"'--prefix=/linus/mail/cyrus-2.2.12' '--with-gnu-ld'
You should not use gnu-ld on solaris sparc. See gcc notes.
-Igor
> '--with-bdb-libdir=/linus/mail/cyrus-2.2.12/lib'
> --with-bdb-incdir=/linus/mail/cyrus-2.2.12/include' '--with-pam'
> '--disable-gssapi' '--with-plugindir=/linus/mail/cyrus-2.2.12/lib/sasl2'
> '--disable-krb4' '--disable-anon' '--with-openssl=/usr/rcf'
> '--disable-digest' '--disable-cram' '--disable-checkapop'
> '--with-saslauthd=/var/run' '--disable-otp'\"
>
>> -Igor
>>
>> On Mon, 3 Apr 2006, Jeff Blaine wrote:
>>
>>> Yeah... I'd say I am pretty sure.
>>>
>>> http://asg.web.cmu.edu/archive/show.php?mailbox=archive.cyrus-sasl&msg=7727&part=3
>>>
>>> 10282: fcntl(6, F_SETLKW, 0xFFBFFA78) (sleeping...)
>>> 10282: fcntl(6, F_SETLKW, 0xFFBFFA78) = 0
>>> 10282: accept(5, 0x000291D6, 0x00029244, 1) = 7
>>> ...
>>> 10282: fork() = 10868
>>> 10868: fork() (returning as child ...) = 10282
>>> ...
>>> 10868: kill(-10282, SIGTERM) = 0
>>> ...
>>> 10282: _exit(0)
>>>
>>> Igor Brezac wrote:
>>>>
>>>> Are you sure? What is your ulimit -a?
>>>>
>>>> -Igor
>>>>
>>>> On Mon, 3 Apr 2006, Jeff Blaine wrote:
>>>>
>>>>> It doesn't dump core.
>>>>>
>>>>> It's exit()ing for some reason.
>>>>>
>>>>> I will see what I can dig up, but apptrace did not work
>>>>> (recommended by Nico).
>>>>>
>>>>> Igor Brezac wrote:
>>>>>>
>>>>>> Can you get a backtrace?
>>>>>>
>>>>>> -Igor
>>>>>>
>>>>>> On Wed, 29 Mar 2006, Jeff Blaine wrote:
>>>>>>
>>>>>>> Hi Nico,
>>>>>>>
>>>>>>> Comments below.
>>>>>>>
>>>>>>> Nicolas Williams wrote:
>>>>>>>> On Wed, Mar 29, 2006 at 06:25:01PM -0500, Jeff Blaine wrote:
>>>>>>>>> Is this a known issue? What am I doing wrong?
>>>>>>>>>
>>>>>>>>> Solaris 9 SPARC
>>>>>>>>> Cyrus IMAPd 2.2.12
>>>>>>>>> Cyrus SASL 2.1.20
>>>>>>>>>
>>>>>>>>> 1. saslauthd -a pam
>>>>>>>>>
>>>>>>>>> 2. 'imap' used as PAM service name (below snippet).
>>>>>>>>>
>>>>>>>>> RESULT: saslauthd promptly crashes. Zero logins.
>>>>>>>>> Can repeat.
>>>>>>>>>
>>>>>>>>> #------------ BEGIN /etc/pam.conf imap lines ------------------
>>>>>>>>> imap auth requisite pam_authtok_get.so.1
>>>>>>>>> imap auth required pam_dhkeys.so.1
>>>>>>>>> imap auth sufficient /usr/lib/security/pam_afs.so.1 ignore_root
>>>>>>>>> setenv_password_expires
>>>>>>>>> imap auth required pam_unix_auth.so.1
>>>>>>>>> #------------ END /etc/pam.conf imap lines --------------------
>>>>>>>>>
>>>>>>>>> Attached output from 'truss -f -p <parent_saslauthd_PID>'
>>>>>>>>> during a connection under the situation above.
>>>>>>>>>
>>>>>>>>> I see nothing interesting :(
>>>>>>>>
>>>>>>>> For one you've truncated the truss, so I one can't tell what file
>>>>>>>> descriptor 9 is (it's a door, but to what? nscd I bet).
>>>>>>>
>>>>>>> Hmm. I'll try again. Looking at the file I attached, it
>>>>>>> is not truncated. It ends where saslauthd exit()s and I
>>>>>>> get my shell prompt back.
>>>>>>>
>>>>>>> Reattached.
>>>>>>>
>>>>>>>> For another, something's forking, and the child is sendign SIGTERM to
>>>>>>>> the parent for no apparent reason.
>>>>>>>>
>>>>>>>> Try apptrace(1).
>>>>>>>
>>>>>>> apptrace -f -o ~/Private/apptrace.out /linus/mail/cyrus/sbin/saslauthd
>>>>>>> -a pam
>>>>>>>
>>>>>>> Gives me: unexpected version 3
>>>>>>>
>>>>>>>> Also, it's not even clear if this is happening in PAM or not;
>>>>>>>> apptrace
>>>>>>>> will help. Logs would too (add 'debug' to all those PAM modules'
>>>>>>>> arguments, configure syslog to save debug logs, create the debug log,
>>>>>>>> restart syslogd).
>>>>>>>
>>>>>>> debug info included in pam.log attachment
>>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>
>>>
>>>
>>
>
>
--
Igor
More information about the Cyrus-sasl
mailing list