SASL2, sendmail, pam, auth failed
Alex
dermannda at web.de
Fri Jul 14 08:53:24 EDT 2006
hello,
well, to put it briefly, i can't get sendmail to authentificate,
although i made all by the book (..i think)
so,i use a sendmail DUAL configuration with amavisd
-------------------------------------------------------------------------------
# sendmail -d0.1
Version 8.13.6
Compiled with: DNSMAP LOG MAP_REGEX MATCHGECOS MILTER MIME7TO8 MIME8TO7
NAMED_BIND NDBM NETINET NETINET6 NETUNIX NIS NISPLUS
PIPELINING
SASLv2 SCANF STARTTLS XDEBUG
-------------------------------------------------------------------------------
on a
-------------------------------------------------------------------------------
#uname -a
SunOS name 5.10 Generic_118822-25 sun4u sparc SUNW,Ultra-4
--------------------------------------------------------------------------------
here are some config files/outputs:
---------------------------------------------------------------------------------
#less sendmail-rx.mc
...
define(`confLOG_LEVEL', `13')
...
dnl AUTH
define(`confAUTH_MECHANISMS', `PLAIN LOGIN')dnl
dnl Weitervermittlung erlauben, WENN der Host sich erfolgreich
authentifiziert hat
TRUST_AUTH_MECH(`PLAIN LOGIN')dnl
dnl p-PLAIN/LOGIN nur dann anbieten, wenn SSL/TLS aktiv ist
dnl y- anonymous-login verbieten
define(`confAUTH_OPTIONS', `A y')dnl
...
-----------------------------------------------------------------------------------
-----------------------------------------------------------------------------------
root 311 1 0 13:48:28 ? 0:00 /opt/csw/sbin/saslauthd
-a pam
root 313 311 0 13:48:28 ?
0:00 /opt/csw/sbin/saslauthd -a pam
root 312 311 0 13:48:28 ?
0:00 /opt/csw/sbin/saslauthd -a pam
root 314 311 0 13:48:28 ?
0:00 /opt/csw/sbin/saslauthd -a pam
root 315 311 0 13:48:28 ?
0:00 /opt/csw/sbin/saslauthd -a pam
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------
#less Sendmail.conf
pwcheck_method:saslauthd
mech_list: LOGIN PLAIN
saslauthd_path:/var/opt/csw/saslauthd
------------------------------------------------------------------------------------
------------------------------------------------------------------------------------
ll /var/opt/csw/saslauthd
Gesamt 6
drwxrws--- 2 root sasl 512 Jul 13 13:48 ./
drwxr-xr-x 3 root bin 512 Jul 7 16:12 ../
srwxrwxrwx 1 root sasl 0 Jul 13 13:48 mux=
-rw------- 1 root sasl 0 Jul 13 13:48 mux.accept
-rw------- 1 root sasl 4 Jul 13 13:48 saslauthd.pid
-------------------------------------------------------------------------------------
-------------------------------------------------------------------------------------
# ldd /usr/lib/sendmail
libsasl2.so.2 => /usr/lib/libsasl2.so.2
libresolv.so.2 => /lib/libresolv.so.2
libsocket.so.1 => /lib/libsocket.so.1
libnsl.so.1 => /lib/libnsl.so.1
libc.so.1 => /lib/libc.so.1
libdl.so.1 => /lib/libdl.so.1
libmp.so.2 => /lib/libmp.so.2
libmd5.so.1 => /lib/libmd5.so.1
libscf.so.1 => /lib/libscf.so.1
libdoor.so.1 => /lib/libdoor.so.1
libuutil.so.1 => /lib/libuutil.so.1
libm.so.2 => /lib/libm.so.2
--------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------
#testsaslauthd -u user -p pass
0: OK "Success."
---------------------------------------------------------------------------------------
when i try to authentificate (via sendmail) i get:
---------------------------------------------------------------------------------------
mta-rx: [ID 801593 mail.error] k6DCm1ID002220: AUTH failure (PLAIN):
generic failure (-1) SASL(-1): generic failure: Password verification
failed
---------------------------------------------------------------------------------------
---------------------------------------------------------------------------------------
mta-rx: [ID 801593 mail.warning] k6DCnNJu002290: AUTH failure (LOGIN):
generic failure (-1) SASL(-1): generic failure: checkpass failed
---------------------------------------------------------------------------------------
it looks like sendmail doesnt see saslauthd (?!)
i've started saslauthd in debug mode and
when i run testsaslauthd, i get
----------------------------------------------------------------------------------------
# saslauthd -a pam -d
saslauthd[12076] :main : num_procs : 5
saslauthd[12076] :main : mech_option: NULL
saslauthd[12076] :main : run_path : /var/opt/csw/saslauthd
saslauthd[12076] :main : auth_mech : pam
saslauthd[12076] :ipc_init : using accept lock
file: /var/opt/csw/saslauthd/mux.accept
saslauthd[12076] :detach_tty : master pid is: 0
saslauthd[12076] :ipc_init : listening on
socket: /var/opt/csw/saslauthd/mux
saslauthd[12076] :main : using process model
saslauthd[12076] :have_baby : forked child: 12077
saslauthd[12076saslauthd[] :have_baby 12077: forked child:
12078] :
get_accept_lock : acquired accept lock
saslauthd[12076] :have_baby : forked child: 12079
saslauthd[12076] :have_baby : forked child: 12080
saslauthd[12077] :rel_accept_lock : saslauthd[released accept lock
12078] :get_accept_lock : acquired accept lock
saslauthd[12077] :do_auth : auth success: [user=user]
[service=imap] [realm=] [mech=pam]
saslauthd[12077] :do_request : response: OK
-------------------------------------------------------------------------------------------
when i try to authentificate via sendmail, nothing happens .....
doesn't sendmail know from saslauthd (?!)
Can anyone help me?
Thanks!
Alex Thor.
More information about the Cyrus-sasl
mailing list