saslpasswd2 isn't creating shared secrets?

Jay Levitt jlevitt at
Mon Sep 25 20:30:14 EDT 2006

I'm trying to copy a SASL config from my old Mandrake files to a new Ubuntu 
6.06 server so I can authenticate with Cyrus IMAPD and sendmail.  However, 
as I have a new server name (and therefore a new realm), I'm trying to 
create a new account with saslpasswd2.  It successfully writes to 
/etc/sasldb2 (which I've copied over), but the new accounts have only 
userPassword properties, not the cmusaslsecretSRP property which seems 
needed for CRAM-MD5 authentication in Cyrus IMAPD.  So I get the following 
error from IMAPD:

Sep 25 18:56:41 server cyrus/imaps[13611]: badlogin: 
[192.168.x.x] CRAM-MD5 [SASL(-13): user not found: no secret in database]

I sometimes, though not always, get the following error creating an account 
with saslpasswd2:

Sep 25 18:38:04 server saslpasswd2: secret not changed for testing2: no 
writable auxprop plugin or setpass callback found
Sep 25 18:38:04 server saslpasswd2: error deleting entry from sasldb: 
DB_NOTFOUND: No matching key/data pair found

My /etc/imapd.conf (which worked under Mandrake) includes:

sasl_pwcheck_method:    auxprop
allowplaintext:		no

I've googled for these errors but haven't found anything enlightening; most of the problems are permissions-related, and I'm running as root with a root-owned sasldb2.  I'm 
using the Ubuntu SASL packages, so I'm not sure how they were built, but 
I'd be happy to build from source if it'd make a difference.  The package 
version is 2.1.19.dfsg1-0.1ubuntu2.

Any troubleshooting tips?

Jay Levitt

More information about the Cyrus-sasl mailing list