Can't use cyradm with user cyrus
Raimund Eimann
raimund at busy-byte.org
Fri Apr 23 10:48:25 EDT 2010
Hi,
I am not very experienced with cyrus, and I am running into a problem each
time I want to run cyradm:
cyrus at box:~> cyradm --user cyrus --auth login --server localhost
IMAP Password:
Login failed: authentication failure at
/usr/lib/perl5/vendor_perl/5.10.0/i586-linux-thread-multi/Cyrus/IMAP/Admin.pm
line 119
cyradm: cannot authenticate to server with login as cyrus
I use sasldb2 for authentication, and I have added cyrus into the saslsb
using:
saslpasswd2 -c cyrus -u localhost
I can see that this both username and password actually arrived in
/etc/sasldb2 by doing a
strings /etc/sasldb2
Things also don't work when I use the root account on my system (produces
exacly the same outpit as above).
If Ileave the --auth login away, I am asked for two passwords, once just
"password" and once "IMAP password":
box:~ # cyradm --user cyrus --server localhost
Password:
IMAP Password:
Login failed: authentication failure at
/usr/lib/perl5/vendor_perl/5.10.0/i586-linux-thread-multi/Cyrus/IMAP/Admin.pm
line 119
cyradm: cannot authenticate to server with as cyrus
Not knowing what the first password might be, I set a password using
passwd in /etc/shadow for the user cyrus, but even hacking in this does
not
help anything.
If I want to create new mailboxes or manage the quotas, then I always need
to add myself to the admins in /etc/imapd.conf, which is quite annoying. I
think for these kinds of works there should be a dedicated & working cyrus
account.
For reference: This is my /etc/imapd.conf:
configdirectory: /var/lib/imap
partition-default: /var/spool/imap
sievedir: /var/lib/sieve
admins: cyrus root
allowanonymouslogin: no
allowplaintext: yes
autocreatequota: 0
createonpost: yes
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
#sasl_pwcheck_method: saslauthd
sasl_pwcheck_method: auxprop
sasl_mech_list: PLAIN LOGIN
lmtpsocket: /var/spool/postfix/socket/lmtp
lmtp_overquota_perm_failure: no
lmtp_downcase_rcpt: yes
#
# if you want TLS, you have to generate certificates and keys
#
tls_cert_file: /srv/certs/mail/mail.serv.org.crt
tls_key_file: /srv/certs/mail/mail.serv.org.key
tls_ca_file: /srv/certs/ca/serv/root.crt
tls_ca_path: /srv/certs/ca/serv
Can someone here tell me what I am doing wrong? I have search the web for
an entire day now and I'm getting tired of reading halfway through posts
that don't apply to my situation, because most poeple seem to use
saslauthd, which is complete overkill for my little box.
Cheers,
Raimund
More information about the Cyrus-sasl
mailing list