[BUG] Re: Can't successfully test credentials I just created
Vladimir V. Kamarzin
vvk at vvk.pp.ru
Tue Nov 18 01:39:10 EST 2008
>>>>> On 18 Nov 2008 at 02:52 "AO" == Ann Onemouse writes:
AO> When I start up SASL with "service saslauthd start", here's what's
AO> running:
AO> ==================================
AO> [root at emailrelay ~]# ps auxwww | grep sasl
AO> root 4828 0.0 0.3 46648 804 ? Ss 16:10 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
AO> ==================================
AO> It's using PAM, right? It should work with any shell account I create,
AO> right?
AO> So, I create a regular Unix shell account, set the password to
AO> '1234', and verify that I can login as the user in question.
AO> ==================================
AO> ann at some-other-host:~> ssh relay at emailrelay.mydomain.com
AO> relay at emailrelay.mydomain.com's password: [ here I type '1234' ]
AO> Last login: Mon Nov 17 16:06:15 2008 from xxx.xxx.xxx.xxx
AO> [relay at emailrelay ~]$
AO> ==================================
AO> OK, shell login works. Later, if I can get this working, I will set
AO> the shell to "/sbin/nologin".
AO> Now, at this point, SASL should authenticate against these credentials
AO> with no problem, right? So, why won't this work?
AO> ==================================
AO> [root at emailrelay ~]# testsaslauthd -u relay -p 1234
AO> 0: NO "authentication failed"
AO> ==================================
AO> and from /var/log/messages...
AO> ==================================
AO> Nov 17 16:47:49 emailrelay saslauthd[4831]: do_auth : auth failure: [user=relay] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
AO> ==================================
Can you run saslauthd with options "-a pam -n 0" and test it with
testsaslauthd?
testsaslauthd -u relay -p 1234 - works or not? I think that the current cyrus-sasl
is broken in this place.
"-a pam -n 0" - works fine.
"-a pam" - works 3-4 times, then stops working:
[root at ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
0: OK "Success."
[root at ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
0: OK "Success."
[root at ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
^[[A
[root at ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
connect() : No such file or directory
# ps aux |grep sasla
root 1540 0.0 0.0 5256 972 ? Ss Nov17 0:00 /usr/sbin/saslauthd -a pam
root 1541 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
root 1542 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
root 1543 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
root 1544 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
root 1569 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
Do you confirm the same behavior of saslauthd?
--
vvk
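
Added example, not part of the original message or of cyrus-sasl: shell helpers that separate the two failure modes seen in this thread, a backend rejection (`0: NO`) versus an unreachable or hung daemon (`connect()` error, defunct workers). The function names and the `probe` helper are hypothetical, and `probe` assumes GNU `timeout` is installed.

```shell
#!/bin/sh
# Added example: triage helpers for the two saslauthd failure modes in this thread.

# Read testsaslauthd output on stdin; print ok, auth_rejected,
# daemon_unreachable or no_reply.
classify_testsaslauthd() {
    out=$(cat)
    case "$out" in
        *'0: OK'*)       echo ok ;;
        *'0: NO'*)       echo auth_rejected ;;      # daemon answered, backend said no
        *'connect() :'*) echo daemon_unreachable ;; # socket missing or daemon gone
        *)               echo no_reply ;;           # hung, timed out or unexpected
    esac
}

# Read `ps aux` output on stdin; print the number of zombie saslauthd workers.
count_defunct_saslauthd() {
    awk '$8 ~ /^Z/ && /\[saslauthd\] <defunct>/ { n++ } END { print n + 0 }'
}

# Live probe (hypothetical helper): repeat the test until the first non-ok result.
# Usage: probe USER PASSWORD [ATTEMPTS]
probe() {
    i=1
    while [ "$i" -le "${3:-10}" ]; do
        r=$(timeout 10 testsaslauthd -u "$1" -p "$2" 2>&1 | classify_testsaslauthd)
        echo "attempt $i: $r"
        [ "$r" = ok ] || break
        i=$((i + 1))
    done
    echo "defunct saslauthd workers: $(ps aux | count_defunct_saslauthd)"
}

# Process listing as posted in the message above, used as offline sample input.
sample_ps() {
    cat <<'EOF'
root 1540 0.0 0.0 5256 972 ? Ss Nov17 0:00 /usr/sbin/saslauthd -a pam
root 1541 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
root 1542 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
root 1543 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
root 1544 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
root 1569 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd] <defunct>
EOF
}

echo "sample: $(sample_ps | count_defunct_saslauthd) defunct workers"
```

An `auth_rejected` result points at the PAM configuration for the service, while `daemon_unreachable` or `no_reply` together with a non-zero defunct count points at the daemon itself.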