Testing authentincation / SASL + MySQL

Patrick Ben Koetter p at state-of-mind.de
Thu Apr 27 02:26:53 EDT 2006


* volatile 45hs <volatileservers at gmail.com>:
> Hello list, I am trying to use MySQL as an authentication backend for SASL
> 
> I am folowing directions from The Book of Postfix but I am stack in
> authentication testing.
> 
> Can somebody help me with it please?
> 
> 
> 
> Errors:
> 
> MySQL query log:
> ---------------
> 
> 1033 Connect     Access denied for user: 'postfix at localhost' (Using
> password: YES)

MySQL says, your MySQL user "postfix" is not allowed to read data from the
MySQL database. This is not a Cyrus SASL problem. You need to fix the access
problem to MySQL first.

Proceed testing Cyrus SASL only if you can log into MySQL like this:

$ mysql -u postfix -p <password>

> /var/log/auth: I understand that this is a fallback mecganisms
> --------------
> 
> Apr 26 22:38:36 ced lt-server: sql_select option missing
> Apr 26 22:38:36 ced lt-server: auxpropfunc error no mechanism available
> Apr 26 22:38:36 ced lt-server: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
> 
> Apr 26 22:32:55 ced lt-server: unable to open Berkeley db /etc/sasldb2: No such file or directory
> Apr 26 22:32:55 ced lt-server: unable to open Berkeley db /etc/sasldb2: No such file or directory
> Apr 26 22:32:55 ced lt-server: Password verification failed

Yes, it is. If falls back to sasldb if auxprop sql does not work.

> Details:
> 
> 
> ls /usr/local/lib/sasl2 -> seems that I could compile SASL w/ MySQL support?
> -----------------------
> 
> libanonymous.la         libcrammd5.so.2.0.21    liblogin.so.2
> libsasldb.la         libsql.so.2
> libanonymous.so         libdigestmd5.la         liblogin.so.2.0.21
> libsasldb.so         libsql.so.2.0.19
> libanonymous.so.2       libdigestmd5.so         libplain.la
> libsasldb.so.2       libsql.so.2.0.21
> libanonymous.so.2.0.21  libdigestmd5.so.2       libplain.so
> libsasldb.so.2.0.19
> libcrammd5.la           libdigestmd5.so.2.0.21  libplain.so.2
> libsasldb.so.2.0.21
> libcrammd5.so           liblogin.la             libplain.so.2.0.19
> libsql.la
> libcrammd5.so.2         liblogin.so             libplain.so.2.0.21
> libsql.so
> 
> 
> /usr/lib/sasl2/smtp.conf & sample.conf
> --------------------------------------
> 
> # Global parameter
> log_level: 3
> 
> # Password verification service
> pwcheck_method: auxprop
> 
> # SMTP AUTH mechanisms
> mech_list: PLAIN LOGIN CRAM_MD5

Typo! Should be "CRAM-MD5"


> 
> # auxiliary plugin parameters -> mysql password backend
> auxprop_plugin: sql
> sql_engine: mysql
> sql_hostname: localhost
> sql_database: smtpauthdb
> sql_user: postfix
> sql_passwd:

Forgot the password or removed it?


> sql_select: SELECT %p FROM users WHERE username = '%u' AND userrealm = '%r'
> and auth = '1'
> sql_usessl: no
> 

p at rick



-- 
The Book of Postfix
<http://www.postfix-book.com>
saslfinger (debugging SMTP AUTH):
<http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>


More information about the Cyrus-sasl mailing list