saslauthd -a pam + 'imap' service name = dead saslauthd
Igor Brezac
igor at ipass.net
Wed Mar 29 21:01:29 EST 2006
Can you get a backtrace?
-Igor
On Wed, 29 Mar 2006, Jeff Blaine wrote:
> Hi Nico,
>
> Comments below.
>
> Nicolas Williams wrote:
>> On Wed, Mar 29, 2006 at 06:25:01PM -0500, Jeff Blaine wrote:
>>> Is this a known issue? What am I doing wrong?
>>>
>>> Solaris 9 SPARC
>>> Cyrus IMAPd 2.2.12
>>> Cyrus SASL 2.1.20
>>>
>>> 1. saslauthd -a pam
>>>
>>> 2. 'imap' used as PAM service name (below snippet).
>>>
>>> RESULT: saslauthd promptly crashes. Zero logins.
>>> Can repeat.
>>>
>>> #------------ BEGIN /etc/pam.conf imap lines ------------------
>>> imap auth requisite pam_authtok_get.so.1
>>> imap auth required pam_dhkeys.so.1
>>> imap auth sufficient /usr/lib/security/pam_afs.so.1 ignore_root
>>> setenv_password_expires
>>> imap auth required pam_unix_auth.so.1
>>> #------------ END /etc/pam.conf imap lines --------------------
>>>
>>> Attached output from 'truss -f -p <parent_saslauthd_PID>'
>>> during a connection under the situation above.
>>>
>>> I see nothing interesting :(
>>
>> For one you've truncated the truss, so I one can't tell what file
>> descriptor 9 is (it's a door, but to what? nscd I bet).
>
> Hmm. I'll try again. Looking at the file I attached, it
> is not truncated. It ends where saslauthd exit()s and I
> get my shell prompt back.
>
> Reattached.
>
>> For another, something's forking, and the child is sendign SIGTERM to
>> the parent for no apparent reason.
>>
>> Try apptrace(1).
>
> apptrace -f -o ~/Private/apptrace.out /linus/mail/cyrus/sbin/saslauthd -a pam
>
> Gives me: unexpected version 3
>
>> Also, it's not even clear if this is happening in PAM or not; apptrace
>> will help. Logs would too (add 'debug' to all those PAM modules'
>> arguments, configure syslog to save debug logs, create the debug log,
>> restart syslogd).
>
> debug info included in pam.log attachment
>
--
Igor
More information about the Cyrus-sasl
mailing list