Can't successfully test credentials I just created
Ann Onemouse
annonemouse at me.com
Tue Nov 18 11:11:10 EST 2008
Hi, folks.
On Nov 18, 2008, at 1:39 AM, Vladimir V. Kamarzin wrote:
> Can you run saslauthd with options "-a pam -n 0" and test it with
> testsaslauthd?
Sure.
> testsaslauthd -u relay -p 1234 - works or not? I think that current
> cyrus-sasl
> is broken in this place.
It does not work for me with "pam". In order to get the testsaslauthd
command to work against regular shell accounts, I have to use the
"shadow" mechanism, either by setting it in /etc/sysconfig/saslauthd,
or on the command-line.
> "-a pam -n 0" - works fine.
> "-a pam" - works for 3-4 times, than stop working:
> ...
> 1569 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd]
> <defunct>
>
> Do you confirm same behavior of saslauthd?
I'm afraid I cannot. On my system (CentOS 5.2 and cyrus-sasl RPM
2.1.22.4), the testsaslauthd command behaves consistently, and does
not cause the server process to go defunct, no matter how many times I
run it (I tried 100 times).
So, to summarize so far:
I have gotten the command "testsaslauthd -u relay -p 1234" to work as
long as
1) there is a shell account with username "relay" and password
"1234"
2) saslauthd is run with the "shadow" mechanism
Also, my testsaslauthd seems pretty stable, despite several credible
reports to the contrary on this mailing list.
Thanks again to both of you for your helpful suggestions. I will now
try Dan's suggestion of using the sample-client utility to verify the
authentication before I move on to Postfix config.
- Ann
More information about the Cyrus-sasl
mailing list