[BUG] Re: Can't successfully test credentials I just created

Vladimir V. Kamarzin vvk at vvk.pp.ru
Tue Nov 18 01:39:10 EST 2008


>>>>> On 18 Nov 2008 at 02:52 "AO" == Ann Onemouse writes:

AO> When I start up SASL with "service saslauthd start", here's what's
AO> running:
AO> ==================================
AO> [root@emailrelay ~]# ps auxwww | grep sasl
AO> root      4828  0.0  0.3  46648   804 ?        Ss   16:10   0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
AO> ==================================
AO> It's using PAM, right? It should work with any shell account I create,
AO> right?

AO> So,  I create a regular Unix shell account, set the password to
AO> '1234', and verify that I can login as the user in question.
AO> ==================================
AO> ann@some-other-host:~> ssh relay@emailrelay.mydomain.com
AO> relay@emailrelay.mydomain.com's password:  [ here I type '1234' ]
AO>   Last login: Mon Nov 17 16:06:15 2008 from xxx.xxx.xxx.xxx
AO> [relay@emailrelay ~]$
AO> ==================================
AO> OK, shell login works. Later, if I can get this working, I will set
AO> the shell to "/sbin/nologin".


AO> Now, at this point, SASL should authenticate against these credentials
AO> with no problem, right? So, why won't this work?
AO> ==================================
AO> [root@emailrelay ~]# testsaslauthd -u relay -p 1234
AO> 0: NO "authentication failed"
AO> ==================================
AO>    and from /var/log/messages...
AO> ==================================
AO> Nov 17 16:47:49 emailrelay saslauthd[4831]: do_auth         : auth failure: [user=relay] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
AO> ==================================

Can you run saslauthd with options "-a pam -n 0" and test it with
testsaslauthd?

testsaslauthd -u relay -p 1234 - works or not? I think that current cyrus-sasl
is broken in this place.

"-a pam -n 0" - works fine.
"-a pam" - works for 3-4 times, then stops working:

[root@ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
0: OK "Success."
[root@ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
0: OK "Success."
[root@ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
^[[A
[root@ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
connect() : No such file or directory

# ps aux |grep sasla
root      1540  0.0  0.0   5256   972 ?        Ss   Nov17   0:00 /usr/sbin/saslauthd -a pam
root      1541  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
root      1542  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
root      1543  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
root      1544  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
root      1569  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>

Can you confirm the same behavior of saslauthd?

-- 
vvk
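
A health check for the failure reported in this message (saslauthd workers going defunct, then `connect() : No such file or directory`), as an added example that is not part of the original post or of cyrus-sasl. The function names and the default socket path `/var/run/saslauthd/mux` are assumptions, and the sample `ps` text is constructed from the output quoted above.

```shell
#!/bin/sh
# Added example, not part of the original post or of cyrus-sasl.
# Assumptions: function names are hypothetical; the default socket path
# below is the "mux" socket under the -m directory quoted in the thread.

# Count zombie saslauthd processes in `ps aux` text read from stdin.
# Field 8 of `ps aux` is STAT; a zombie's state starts with "Z".
count_defunct_saslauthd() {
    awk '$8 ~ /^Z/ && /saslauthd/ { n++ } END { print n + 0 }'
}

# Succeed only if $1 exists and is a UNIX domain socket.
mux_socket_present() {
    [ -S "$1" ]
}

# Sample input constructed from the ps output quoted in the message.
sample_ps() {
    cat <<'EOF'
root      1540  0.0  0.0   5256   972 ?        Ss   Nov17   0:00 /usr/sbin/saslauthd -a pam
root      1541  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
root      1542  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
root      1543  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
root      1544  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
root      1569  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd] <defunct>
EOF
}

# Read `ps aux` text on stdin, take the socket path as $1.
# Returns 0 healthy, 1 defunct workers present, 2 socket missing.
check_saslauthd() {
    zombies=$(count_defunct_saslauthd)
    status=0
    if [ "$zombies" -gt 0 ]; then
        echo "WARN: $zombies defunct saslauthd process(es)"
        status=1
    fi
    if ! mux_socket_present "$1"; then
        echo "CRIT: saslauthd socket $1 not found"
        status=2
    fi
    return "$status"
}

# Demo on the sample; on a live host use: ps aux | check_saslauthd <socket>
sample_ps | check_saslauthd "${SASL_MUX:-/var/run/saslauthd/mux}" || true
```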


