postfix + saslauthd: SASL PLAIN authentication failed: no mechanism available

Ana Díez Ana.Diez at si.upct.es
Mon Dec 5 10:27:46 EST 2011


El 01/12/2011 19:00, Dan White escribió:
> On 01/12/11 12:34 +0100, Ana Díez wrote:
>> Hi,
>>
>> I'm working to configure SASL (2.1.25) with Postfix 2.7.1. in Solaris 
>> 10.
>>
>> I'm running saslauthd with ldap:
>>
>> /usr/local/sbin/saslauthd -a ldap
>>
>> And running manually "testsaslauthd" works ok
>> # /usr/local/sbin/testsaslauthd -u xxxx -p xxxxx
>> 0: OK "Success."
>>
>> But Postfix seems to ignore the "pwcheck_method". Although I set it as
>> "saslauthd", I receive "could not find auxprop plugin, was searching for
>> '[all]'", "SASL PLAIN authentication failed: no mechanism available" 
>> im my
>> logs.
>>
>> The file /usr/local/lib/sasl2/smtpd.conf:
>
> I believe Postfix overwrites the confdir path via a callback. It appears
> that it is:
>
> *path = concatenate(var_config_dir, "/", "sasl:/usr/lib/sasl2", (char 
> *) 0);
>
> For example:
>
> /etc/postfix/sasl:/usr/lib/sasl2 
> You'll need to place your smtpd.conf file into one of those two 
> directories for libsasl2 to see it.

I have already links from those directories to smtpd.conf

>
>> pwcheck_method: saslauthd
>> mech_list: PLAIN LOGIN
>> saslauthd_path: /var/state/saslauthd/
>
> saslauthd_path should include the full path to the mux, e.g.:
>
> saslauthd_path: /var/state/saslauthd/mux
>
Ok, I have made this change.
> If you happen to be running postfix chrooted (within master.cf), then 
> that
> will affect where postfix (and libsasl2) will look for the saslauthd mux.
>
>> The Postfix configuration:
>>
>> # postconf -n | grep sasl
>> broken_sasl_auth_clients = yes
>> smtpd_client_restrictions = permit_mynetworks,  
>> permit_sasl_authenticated,      reject_unauth_destination,      
>> check_relay_domains
>> smtpd_recipient_restrictions = permit_mynetworks,        
>> permit_sasl_authenticated,     check_relay_domains,    
>> reject_non_fqdn_recipient
>> smtpd_sasl_auth_enable = yes
>> smtpd_sasl_path = smtpd
>> smtpd_sasl_security_options = noanonymous
>> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
>
> Patrick's 'saslfinger' script might help to catch some other problems.
>
I have executed saslfinger but I didn't found any problem.

Deepening, I  have seen that when I built cyrus sasl only static 
libraries are created for auth mech:
#ls -l /usr/local/lib/sasl2/
-rwxr-xr-x   1 root     root         795 dic  5 15:59 libsasldb.la
-rwxr-xr-x   1 root     root         774 dic  5 15:59 libscram.la
-rwxr-xr-x   1 root     root         768 dic  5 15:59 libotp.la
-rwxr-xr-x   1 root     root         765 dic  5 15:59 libplain.la
-rwxr-xr-x   1 root     root         765 dic  5 15:59 liblogin.la
-rw-r--r--   1 root     root      123568 dic  5 15:59 libsasldb.a
-rw-r--r--   1 root     root      126560 dic  5 15:59 libscram.a
-rw-r--r--   1 root     root      158248 dic  5 15:59 libotp.a
-rw-r--r--   1 root     root       69832 dic  5 15:59 libplain.a
-rw-r--r--   1 root     root       69008 dic  5 15:59 liblogin.a

I still get the same problem...

Thanks.
Ana

-- 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20111205/9c0e3650/attachment-0001.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: firma-escudoupct.jpg-blanco.JPG
Type: image/jpeg
Size: 29412 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20111205/9c0e3650/attachment-0001.jpe 


More information about the Cyrus-sasl mailing list