Postfix, SASL and LDAPDB: no worthy mech found

Dan White dwhite at olp.net
Thu May 20 12:23:14 EDT 2010


On 20/05/10 17:40 +0200, Julien Vehent wrote:
>On Thu, 20 May 2010 10:35:55 -0500, Dan White <dwhite at olp.net> wrote:
>> 
>> I suspect a chrooting issue with Postfix. The sasl glue library compiled
>> into Postfix needs to find the dynamic plugin libraries in
>/usr/lib/sasl2.
>
>No chrooting in postfix. It's an out-of-the-box configuration with just
>the sasl parameters to test the authentication using ldapdb.

I checked an older Debian install I have and smtpd is chrooted out of the
box.

Check your /etc/postfix/master.cf entry for smtpd:

# ==========================================================================
# service type  private unpriv  chroot  wakeup  maxproc command + args
#               (yes)   (yes)   (yes)   (never) (100)
# ==========================================================================
smtp      inet  n       -       -       -       -       smtpd

To troubleshoot, mark all your services as non chrooted temporarily, or you
could modify your /etc/init.d/postfix script, underneath:

   # see if anything is running chrooted.

and copy the contents of /usr/lib/sasl2 into the chroot.


-- 
Dan White


More information about the Cyrus-sasl mailing list