Can't successfully test credentials I just created

Ann Onemouse annonemouse at me.com
Tue Nov 18 11:11:10 EST 2008


Hi, folks.

On Nov 18, 2008, at 1:39 AM, Vladimir V. Kamarzin wrote:
> Can you run saslauthd with options "-a pam -n 0" and test it with
> testsaslauthd?
Sure.

> testsaslauthd -u relay -p 1234 - works or not? I think that current  
> cyrus-sasl
> is broken in this place.
It does not work for me with "pam". In order to get the testsaslauthd  
command to work against regular shell accounts, I have to use the  
"shadow"  mechanism, either by setting it in /etc/sysconfig/saslauthd,  
or on the command-line.

> "-a pam -n 0" - works fine.
> "-a pam" - works for 3-4 times, than stop working:
> ...
> 1569  0.0  0.0      0     0 ?        Z    Nov17   0:00 [saslauthd]  
> <defunct>
>
> Do you confirm same behavior of saslauthd?
I'm afraid I cannot. On my system (CentOS 5.2 and cyrus-sasl RPM  
2.1.22.4), the testsaslauthd command behaves consistently, and does  
not cause the server process to go defunct, no matter how many times I  
run it (I tried 100 times).

So, to summarize so far:
I have gotten the command "testsaslauthd -u relay -p 1234" to work as  
long as
    1) there is a shell account with username "relay" and password  
"1234"
    2) saslauthd is run with the "shadow" mechanism
Also, my testsaslauthd seems pretty stable, despite several credible  
reports to the contrary on this mailing list.

Thanks again to both of you for your helpful suggestions. I will now  
try Dan's suggestion of using the sample-client utility to verify the  
authentication before I move on to Postfix config.

- Ann






More information about the Cyrus-sasl mailing list