R: Cyrus-sasl Digest, Vol 13, Issue 3

alesysadmin at alice.it alesysadmin at alice.it
Sat Aug 5 15:15:49 EDT 2006




-----Original Message-----
From: cyrus-sasl-bounces at lists.andrew.cmu.edu on behalf of cyrus-sasl-request at lists.andrew.cmu.edu
Sent: Sat 05/08/2006 18.00
To: cyrus-sasl at lists.andrew.cmu.edu
Subject: Cyrus-sasl Digest, Vol 13, Issue 3
 

Today's Topics:

   1. Re: Help configuring Cyrus==>saslpasswd2: no mechanism
      available (Andreas Winkelmann)
   2. cyradm and web-cyradm can't login (alesysadmin at alice.it)
   3. Re: cyradm and web-cyradm can't login (Andreas Winkelmann)


----------------------------------------------------------------------

Message: 1
Date: Fri, 4 Aug 2006 20:36:37 +0200
From: Andreas Winkelmann <ml at awinkelmann.de>
Subject: Re: Help configuring Cyrus==>saslpasswd2: no mechanism
	available
To: cyrus-sasl at lists.andrew.cmu.edu
Message-ID: <200608042036.37488.ml at awinkelmann.de>
Content-Type: text/plain;  charset="iso-8859-1"

On Wednesday 26 July 2006 20:16, Harold Barnes wrote:

> I'm attempting to install cyrus on Suse10.
> I'm getting an error from saslpasswd2
>
> penguin:/ # saslpasswd2 -c cyrus
> Password:
> Again (for verification):
> saslpasswd2: no mechanism available
>
>
> I'm hoping that someone here might have some sasl experience.
> Is this an appropriate place to ask for help?
>
>
> This is what I see in my syslog:
> Jul 25 01:36:12 penguin saslpasswd2: could not find auxprop plugin, was searching for [all]

> This is the lib/sasl2 list:
> penguin:/ # ls -la /usr/lib/sasl2
> total 228
> drwxr-xr-x    2 root root   840 2006-07-25 05:21 .
> drwxr-xr-x  161 root root 57128 2006-07-24 07:57 ..
> lrwxrwxrwx    1 root root    22 2006-05-29 08:54 libanonymous.so -> libanonymous.so.2.0.21
> lrwxrwxrwx    1 root root    22 2006-05-29 08:54 libanonymous.so.2 -> libanonymous.so.2.0.21
> -rwxr-xr-x    1 root root 13592 2005-09-09 10:39 libanonymous.so.2.0.21
> lrwxrwxrwx    1 root root    21 2006-07-24 07:26 libgssapiv2.so -> libgssapiv2.so.2.0.21
> lrwxrwxrwx    1 root root    21 2006-07-24 07:26 libgssapiv2.so.2 -> libgssapiv2.so.2.0.21
> -rwxr-xr-x    1 root root 25336 2005-09-09 10:39 libgssapiv2.so.2.0.21
> lrwxrwxrwx    1 root root    18 2006-05-29 08:54 liblogin.so -> liblogin.so.2.0.21
> lrwxrwxrwx    1 root root    18 2006-05-29 08:54 liblogin.so.2 -> liblogin.so.2.0.21
> -rwxr-xr-x    1 root root 14420 2005-09-09 10:39 liblogin.so.2.0.21
> lrwxrwxrwx    1 root root    16 2006-07-24 07:26 libotp.so -> libotp.so.2.0.21
> lrwxrwxrwx    1 root root    16 2006-07-24 07:26 libotp.so.2 -> libotp.so.2.0.21
> -rwxr-xr-x    1 root root 45020 2005-09-09 10:39 libotp.so.2.0.21
> lrwxrwxrwx    1 root root    18 2006-07-24 07:26 libplain.so -> libplain.so.2.0.21
> lrwxrwxrwx    1 root root    18 2006-07-24 07:26 libplain.so.2 -> libplain.so.2.0.21
> -rwxr-xr-x    1 root root 14420 2005-09-09 10:39 libplain.so.2.0.21
> lrwxrwxrwx    1 root root    19 2006-05-29 08:54 libsasldb.so -> libsasldb.so.2.0.21
> lrwxrwxrwx    1 root root    19 2006-05-29 08:54 libsasldb.so.2 -> libsasldb.so.2.0.21
> -rwxr-xr-x    1 root root 18756 2005-09-09 10:39 libsasldb.so.2.0.21
> lrwxrwxrwx    1 root root    16 2006-07-24 08:43 libsql.so -> libsql.so.2.0.21
> lrwxrwxrwx    1 root root    16 2006-07-24 08:43 libsql.so.2 -> libsql.so.2.0.21
> -rwxr-xr-x    1 root root 21932 2005-09-09 10:39 libsql.so.2.0.21
> -rw-r-----    1 root ldap    38 2005-09-09 11:17 slapd.conf

The *.la Files are missing. Cyrus-SASL needs them to load/find the Plugins.

-- 
	Andreas


------------------------------

Message: 2
Date: Sat, 5 Aug 2006 12:09:34 +0200
From: <alesysadmin at alice.it>
Subject: cyradm and web-cyradm can't login
To: <cyrus-sasl at lists.andrew.cmu.edu>
Message-ID:
	<D569759CE41F3E49996AFB1D11E4577BB094FF at FBCMST05V05.fbc.local>
Content-Type: text/plain; charset="iso-8859-1"


Hi,
I would like to propose a Linux mail server to my firm.
So I followed the instructions found at:
http://www.delouw.ch/linux/Postfix-Cyrus-Web-cyradm-HOWTO-it/html/t1.html

All ports http, pop3 and imap are listening.
All services start without error.

The problem is that I can't login either using cyradm or web-cyradm.

By cyradm:

cyradm -u cyrus -server localhost -auth plain.

Nothing happens, I don't see a password prompt.

my /var/log/auth.log

Aug  4 22:18:01 debian perl: unable to dlopen /usr/local/lib/sasl2/libsasldb.so.2: libdb-4.4.so: cannot open shared object file: No such file or directory

By web-cyradm:

I write username admin
password test

/var/log/web-cyradm-login.log

but it returns to the login page.

Please excuse my bad English, but I'm Italian and I have studied it 10 years ago.
Thanks in advance.

------------------------------

Message: 3
Date: Sat, 5 Aug 2006 12:46:11 +0200
From: Andreas Winkelmann <ml at awinkelmann.de>
Subject: Re: cyradm and web-cyradm can't login
To: cyrus-sasl at lists.andrew.cmu.edu
Message-ID: <200608051246.11148.ml at awinkelmann.de>
Content-Type: text/plain;  charset="utf-8"

On Saturday 05 August 2006 12:09, alesysadmin at alice.it wrote:

> I would like to propose a Linux mail server to my firm.
> So I followed the instructions found at:
> http://www.delouw.ch/linux/Postfix-Cyrus-Web-cyradm-HOWTO-it/html/t1.html

Did you install from packages or on your own?

> All ports http, pop3 and imap are listening.
> All services start without error.
>
> The problem is that I can't login either using cyradm or web-cyradm.
>
> By cyradm:
>
> cyradm -u cyrus -server localhost -auth plain.

Show your configuration, /etc/imapd.conf for example. How did you set up
cyrus-sasl? Where are the users/passwords?

> Nothing happens, I don't see a password prompt.
>
> my /var/log/auth.log
>
> Aug  4 22:18:01 debian perl: unable to dlopen /usr/local/lib/sasl2/libsasldb.so.2: libdb-4.4.so: cannot open shared object file: No such file or directory

libsasl2 does not find lib-4.4.so, time to check that...

> By web-cyradm:
>
> I write username admin
> password test
>
> /var/log/web-cyradm-login.log
>
> but it returns to the login page.
>
> Please excuse my bad English, but I'm Italian and I have studied it 10
> years ago. Thanks in advance.

-- 
	Andreas


------------------------------
Berkeley DB

cp db-4.4.20.tar.gz /usr/local/
tar xvfz db-4.4.20.tar.gz
cd db-4.4.20/build_unix/
../dist/configure --prefix=/usr/local/bdb

make
make install

echo /usr/local/bdb/lib >> /etc/ld.so.conf
ldconfig

cp openssl-0.9.7c.tar.gz /usr/local/
cd /usr/local
tar xvfz openssl-0.9.7c.tar.gz
cd openssl-0.9.7c

./config shared

make
make test
make install

echo "/usr/local/ssl/lib" >> /etc/ld.so.conf
ldconfig

CREATE USER CYRUS

groupadd mail
useradd -u 96 -d /usr/cyrus -g mail cyrus
passwd cyrus

CYRUS SASL

cp cyrus-sasl-2.1.17.tar.gz /usr/local/

tar xvzf cyrus-sasl-2.1.17.tar.gz
cd cyrus-sasl-2.1.17
./configure \
--enable-anon \
--enable-plain \
--enable-login \
--disable-krb4 \
--disable-otp \
--disable-cram \
--disable-digest \
--with-saslauthd=/var/run/saslauthd \
--with-pam=/lib/security \
--with-dblib=berkeley \
--with-bdb-libdir=/usr/local/bdb/lib \
--with-bdb-incdir=/usr/local/bdb/include \
--with-openssl=/usr/local/ssl \
--with-plugindir=/usr/local/lib/sasl2

make
make install

mkdir -p /var/run/saslauthd

cd saslauthd
make testsaslauthd
cp testsaslauthd /usr/local/bin

echo /usr/local/lib/sasl2 >> /etc/ld.so.conf
ldconfig

CYRUS IMAP

cp cyrus-imapd-2.1.16.tar.gz /usr/local/
tar xvzf cyrus-imapd-2.1.16.tar.gz
cd cyrus-imapd-2.1.16

export CPPFLAGS="-I/usr/include/et" 

./configure \
--with-sasl=/usr/local/lib \
--with-perl \
--with-auth=unix \
--with-dbdir=/usr/local/bdb \
--with-bdb-libdir=/usr/local/bdb/lib \
--with-bdb-incdir=/usr/local/bdb/include \
--with-openssl=/usr/local/ssl \
--without-ucdsnmp

make depend
make
make install

my /ETC/IMAPD.CONF

postmaster: postmaster
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
allowanonymouslogin: no
allowplaintext: yes
sasl_mech_list: PLAIN
servername: debian.ale.org
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sasl_pwcheck_method: saslauthd
sievedir: /usr/sieve
sendmail: /usr/sbin/sendmail
sieve_maxscriptsize: 32
sieve_maxscripts: 5
unixhierarchysep: yes
tls_ca_file: /var/imap/server.pem
tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem

my /ETC/CYRUS.CONF

# standard standalone server implementation

START {
  # do not delete this entry!
  recover       cmd="ctl_cyrusdb -r"

  # this is only necessary if using idled for IMAP IDLE
#  idled                cmd="idled"
}

# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
  # add or remove based on preferences
  imap          cmd="imapd" listen="imap" prefork=0
  imaps         cmd="imapd -s" listen="imaps" prefork=0
  pop3          cmd="pop3d" listen="pop3" prefork=0
  pop3s         cmd="pop3d -s" listen="pop3s" prefork=0
  sieve         cmd="timsieved" listen="sieve" prefork=0

  # at least one LMTP is required for delivery
#  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
  lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0

  # this is only necessary if using notifications
#  notify       cmd="notifyd" listen="/var/imap/socket/notify" proto="udp" prefork=1
}

EVENTS {
  # this is required
 # checkpoint    cmd="ctl_cyrusdb -c" period=30
  checkpoint    cmd="ctl_cyrusdb" period=30

  # this is only necessary if using duplicate delivery suppression
  delprune      cmd="ctl_deliver -E 3" period=1440

  # this is only necessary if caching TLS sessions
  tlsprune      cmd="tls_prune" period=1440
}

I installed Apache2 and Php4 (libapache2-mod-php4, php4-cli, php4-common, php4-pear) and Postfix  from Debian packages.

PAM

apt-get install libpam0g-dev

tar xvfz pam_mysql-0.5.tar.gz

cd pam_mysql
As I installed mysql on my own in /home/services/mysql,
I edit the Makefile before compiling.
vi Makefile
# Convenient defaults for compiling independently of the full source
# tree.
ifndef FULL_LINUX_PAM_SOURCE_TREE
export DYNAMIC=-DPAM_DYNAMIC
export CC=gcc
export CFLAGS=-O2 -Dlinux -DLINUX_PAM \
       -ansi -D_POSIX_SOURCE -Wall -Wwrite-strings \
       -Wpointer-arith -Wcast-qual -Wcast-align -Wtraditional \
       -Wstrict-prototypes -Wmissing-prototypes -Wnested-externs -Winline \
       -Wshadow -pedantic -fPIC -I/home/services/mysql/include
export MKDIR=mkdir -p
export LD_D=gcc -shared -Xlinker -x -L/home/services/mysql/lib -lz
endif

cp pam_mysql.so /lib/security

[[ ! -d /var/lib/mysql ]] && mkdir /var/lib/mysql
ln -s /tmp/mysql.sock /var/lib/mysql/mysql.sock

vi /etc/pam.d/imap
#
# The PAM configuration file for the UW IMAPd `imap' service
#

# The standard Unix authentication modules, used with
# NIS (man nsswitch) as well as normal /etc/passwd and
# /etc/shadow entries.
#@include common-auth
#@include common-account
#@include common-session

auth sufficient pam_mysql.so user=mail passwd=secret host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time

account required pam_mysql.so user=mail passwd=secret host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time

Web-cyradm

tar xvfz web-cyradm-0.5.4.tar.gz

mv web-cyradm-0.5.4 /var/www/web-cyradm

cd /var/www/web-cyradm/config
cp config.php.dist config.php
vi config.php
<?php

########################################################################################
# 
#             This is web-cyradm Version 0.5.4 CVS 
# 
# 
#########################################################################################

// Set Default language

$DEFAULTLANG = "en_EN";

# The Cyrus login stuff
$CYRUS = array(
        'HOST'  => 'localhost',
        'PORT'  => 143,
        'ADMIN' => 'cyrus',
        'PASS'  => 'secret'
);

/* DB_TYPE

 Possible Values are:
 o mysql
 o pgsql

 To operate a mailsystem with postgreSQL you will need a patch for
 Postfix.

 Other Databases need to be supported by PAM and postfix
*/

$DB = array(
        'TYPE'  => 'mysql',
        'USER'  => 'mail',
        'PASS'  => 'secret',
        'PROTO' => 'unix',      // set to "tcp" for TCP/IP
        'HOST'  => 'localhost',
        'NAME'  => 'mail'
);

$DB['DSN'] = sprintf('%s://%s:%s@%s+%s/%s',     $DB['TYPE'], $DB['USER'],
                                                $DB['PASS'], $DB['PROTO'],
                                                $DB['HOST'], $DB['NAME']);

# Where should web-cyradm write its log to?
#$LOG_DIR = "/var/log/web-cyradm/";
$LOG_DIR = "/var/log/";

# The default timeout in seconds for a session, after that you have to login again
$SESS_TIMEOUT = 1000;

# The default quota sets the default quota for new domains
$DEFAULT_QUOTA = 20000;

# Defines if passwords are encrypted or not.
# Valid Values:
#  - plain 0 No encription is used
#  - crypt 1 (shadow compatible encription)
#  - mysql 2 (MySQL PASSWORD function)
#  - md5 3 (MD5 digest)
$CRYPT = "crypt";

# web-cyradm is compatible with cyrus-imapd-2.0.16 (and earlier?)
# however, if you are using 2.1.x and wish to use email addresses
# with .'s in them such as 'john.doe at mydomain.com' you can set this
# option DOMAIN_AS_PREFIX to '1'.  NOTE: you also have to add this
# line to your imapd.conf file:
#### imapd.conf: ####
# unixhierarchysep: yes

####
$DOMAIN_AS_PREFIX = 1;

# At the moment, web-cyradm supports two methods of password change:
# - through sql
# - poppassd
# sql is the default
$PASSWORD_CHANGE_METHOD = "sql";

# Turn up error reporting level. This overrides settings in your php.ini
#
# E_ALL             - All errors and warnings
# E_ERROR           - fatal run-time errors
# E_WARNING         - run-time warnings (non-fatal errors)
# E_PARSE           - compile-time parse errors
# E_NOTICE          - run-time notices (these are warnings which often result
#                     from a bug in your code, but it's possible that it was
#                     intentional (e.g., using an uninitialized variable and
#                     relying on the fact it's automatically initialized to an
#                     empty string)
# E_CORE_ERROR      - fatal errors that occur during PHP's initial startup
# E_CORE_WARNING    - warnings (non-fatal errors) that occur during PHP's
#                     initial startup
# E_COMPILE_ERROR   - fatal compile-time errors
# E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
# E_USER_ERROR      - user-generated error message
# E_USER_WARNING    - user-generated warning message
# E_USER_NOTICE     - user-generated notice message

#error_reporting(E_ERROR);

$VERSION="0.5.4";

# Define reserved Emailadresses (Separated by comma):
$RESERVED="postmaster,root";


cd ../scripts/

vi insertuser_mysql.sql
connect mysql;
INSERT INTO user (Host, User, Password, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Reload_priv, Shutdown_priv, Process_priv, File_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES ('localhost', 'mail', PASSWORD('secret'), 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N', 'N');

INSERT INTO db (Host, Db, User, Select_priv, Insert_priv, Update_priv, Delete_priv, Create_priv, Drop_priv, Grant_priv, References_priv, Index_priv, Alter_priv) VALUES ('localhost', 'mail', 'mail', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y', 'Y');
flush privileges;
create database mail;


/usr/local/mysql/bin/mysql -u root -p < \
/usr/local/apache/htdocs/web-cyradm/scripts/insertuser_mysql.sql


vi  create_mysql.sql

# phpMyAdmin MySQL-Dump
# version 2.2.6
# http://phpwizard.net/phpMyAdmin/
# http://www.phpmyadmin.net/ (download page)
#
# Host: localhost
# Generation Time: Nov 04, 2002 at 01:44 AM
# Server version: 3.23.52
# PHP Version: 4.2.3
# Database : `mail`
# --------------------------------------------------------

#
# Table structure for table `accountuser`
#

CREATE TABLE accountuser (
  username varchar(255) binary NOT NULL default '',
  password varchar(30) binary NOT NULL default '',
  prefix varchar(50) NOT NULL default '',
  domain_name varchar(255) NOT NULL default '',
  UNIQUE KEY username (username)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `adminuser`
#

CREATE TABLE adminuser (
  username varchar(50) binary NOT NULL default '',
  password varchar(50) binary NOT NULL default '',
  type int(11) NOT NULL default '0',
  SID varchar(255) NOT NULL default '',
  home varchar(255) NOT NULL default '',
  PRIMARY KEY  (username)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `alias`
#

CREATE TABLE alias (
  alias varchar(255) NOT NULL default '',
  dest longtext,
  username varchar(50) NOT NULL default '',
  status int(11) NOT NULL default '1',
  PRIMARY KEY  (alias)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `domain`
#

CREATE TABLE domain (
  domain_name varchar(255) NOT NULL default '',
  prefix varchar(50) NOT NULL default '',
  maxaccounts int(11) NOT NULL default '20',
  quota int(10) NOT NULL default '20000',
  transport varchar(255) NOT NULL default 'cyrus',
  freenames enum('YES','NO') NOT NULL default 'NO',
  freeaddress enum('YES','NO') NOT NULL default 'NO',
  PRIMARY KEY  (domain_name),
  UNIQUE KEY prefix (prefix)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `domainadmin`
#

CREATE TABLE domainadmin (
  domain_name varchar(255) NOT NULL default '',
  adminuser varchar(255) NOT NULL default ''
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `search`
#

CREATE TABLE search (
  search_id varchar(255) NOT NULL default '',
  search_sql text NOT NULL,
  perpage int(11) NOT NULL default '0',
  timestamp timestamp(14) NOT NULL,
  PRIMARY KEY  (search_id),
  KEY search_id (search_id)
) TYPE=MyISAM;
# --------------------------------------------------------

#
# Table structure for table `virtual`
#

CREATE TABLE virtual (
  alias varchar(255) NOT NULL default '',
  dest longtext,
  username varchar(50) NOT NULL default '',
  status int(11) NOT NULL default '1',
  KEY alias (alias)
) TYPE=MyISAM;

CREATE TABLE log (
  id int(11) NOT NULL auto_increment,
  msg text NOT NULL,
  user varchar(255) NOT NULL default '',
  host varchar(255) NOT NULL default '',
  time datetime NOT NULL default '2000-00-00 00:00:00',
  pid varchar(255) NOT NULL default '',
  PRIMARY KEY  (id)
) TYPE=MyISAM;

INSERT INTO adminuser (username, password) VALUES ('admin', ENCRYPT('test'));
INSERT INTO domainadmin (domain_name,adminuser) VALUES ('*','admin');
INSERT INTO accountuser (username, password) VALUES ('cyrus', ENCRYPT('secret'));



/usr/local/mysql/bin/mysql mail -u mail -p < \
/usr/local/apache/htdocs/web-cyradm/scripts/create_mysql.sql
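
The auth.log entry discussed in this thread names both the SASL plugin that failed to load and the shared library the loader could not resolve. As an added example (not part of the original messages and not Cyrus project code), this script extracts such dlopen failures from a log and checks whether the directory holding the library is listed in the loader configuration. The function names, the constructed sample directories and the exact-line match against a single ld.so.conf file (no include handling) are assumptions of the example.

```shell
#!/bin/sh
# Added example: trace a SASL plugin dlopen failure from the auth log to the
# loader configuration. Function names are this example's own.

# Print "<plugin> <missing-library>" for each dlopen failure in log file $1.
dlopen_failures() {
    sed -n 's/.*unable to dlopen \([^:]*\): \([^:]*\): cannot open shared object file.*/\1 \2/p' "$1" | sort -u
}

# Find library $1 in the candidate directories ($3...) and say whether that
# directory is listed in loader config $2 (normally /etc/ld.so.conf).
# Assumption: one directory per line, no "include" directives followed.
locate_lib() {
    lib=$1; conf=$2; shift 2
    for dir in "$@"; do
        [ -e "$dir/$lib" ] || continue
        if grep -qxF "$dir" "$conf" 2>/dev/null; then
            echo "$lib: found in $dir, listed in loader config (re-run ldconfig)"
        else
            echo "$lib: found in $dir, NOT listed in loader config"
        fi
        return 0
    done
    echo "$lib: not found in any searched directory"
    return 1
}

# For every failure in log $1, report the plugin and locate the library.
diagnose() {
    log=$1; conf=$2; shift 2
    dlopen_failures "$log" | while read -r plugin lib; do
        echo "plugin $plugin needs $lib"
        locate_lib "$lib" "$conf" "$@" || true
        # On a live system, also list every unresolved dependency of the plugin.
        if [ -f "$plugin" ] && command -v ldd >/dev/null 2>&1; then
            ldd "$plugin" 2>/dev/null | grep 'not found' || true
        fi
    done
}

# Constructed sample: the log line from the post, a library installed under
# a private prefix, and a loader config that does not mention that prefix.
demo() {
    work=$(mktemp -d) || return 1
    mkdir -p "$work/bdb/lib" && : > "$work/bdb/lib/libdb-4.4.so"
    : > "$work/ld.so.conf"
    cat > "$work/auth.log" <<'EOF'
Aug  4 22:18:01 debian perl: unable to dlopen /usr/local/lib/sasl2/libsasldb.so.2: libdb-4.4.so: cannot open shared object file: No such file or directory
EOF
    diagnose "$work/auth.log" "$work/ld.so.conf" "$work/bdb/lib"
    rm -rf "$work"
}
demo
```

On the host from the post the call would be `diagnose /var/log/auth.log /etc/ld.so.conf /usr/local/bdb/lib /usr/local/lib /usr/lib`.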
