postfix + saslauthd: SASL PLAIN authentication failed: no, mechanism available
Ana Díez
Ana.Diez at si.upct.es
Fri Dec 9 03:23:29 EST 2011
Hi,
thanks a lot for your answers.
Finally I did it so:
First I built sasl 2.1.25 with ldap mechanism (I need it) and only it
were created statics libraries.
Second, I replaced sasl libs (/usr/local/lib/libsasl2.* and
/usr/local/lib/sasl2/*) with the libraries from cyrus sasl package from
sunfreeware (wich creates share libraries but not includes ldap support).
# /usr/local/sbin/saslauthd -v
saslauthd 2.1.25
authentication mechanisms: getpwent pam rimap shadow ldap
I don't nkow if that is correct or imprudent but at the moment it works
fine.... any comment?
Ana.
>> On 01/12/11 12:34 +0100, Ana D?ez wrote:
>>> Hi,
>>>
>>> I'm working to configure SASL (2.1.25) with Postfix 2.7.1. in Solaris
>>> 10.
>>>
>>> I'm running saslauthd with ldap:
>>>
>>> /usr/local/sbin/saslauthd -a ldap
>>>
>>> And running manually "testsaslauthd" works ok
>>> # /usr/local/sbin/testsaslauthd -u xxxx -p xxxxx
>>> 0: OK "Success."
>>>
>>> But Postfix seems to ignore the "pwcheck_method". Although I set it as
>>> "saslauthd", I receive "could not find auxprop plugin, was searching for
>>> '[all]'", "SASL PLAIN authentication failed: no mechanism available"
>>> im my
>>> logs.
>>>
>>> The file /usr/local/lib/sasl2/smtpd.conf:
>> I believe Postfix overwrites the confdir path via a callback. It appears
>> that it is:
>>
>> *path = concatenate(var_config_dir, "/", "sasl:/usr/lib/sasl2", (char
>> *) 0);
>>
>> For example:
>>
>> /etc/postfix/sasl:/usr/lib/sasl2
>> You'll need to place your smtpd.conf file into one of those two
>> directories for libsasl2 to see it.
> I have already links from those directories to smtpd.conf
>
>>> pwcheck_method: saslauthd
>>> mech_list: PLAIN LOGIN
>>> saslauthd_path: /var/state/saslauthd/
>> saslauthd_path should include the full path to the mux, e.g.:
>>
>> saslauthd_path: /var/state/saslauthd/mux
>>
> Ok, I have made this change.
>> If you happen to be running postfix chrooted (within master.cf), then
>> that
>> will affect where postfix (and libsasl2) will look for the saslauthd mux.
>>
>>> The Postfix configuration:
>>>
>>> # postconf -n | grep sasl
>>> broken_sasl_auth_clients = yes
>>> smtpd_client_restrictions = permit_mynetworks,
>>> permit_sasl_authenticated, reject_unauth_destination,
>>> check_relay_domains
>>> smtpd_recipient_restrictions = permit_mynetworks,
>>> permit_sasl_authenticated, check_relay_domains,
>>> reject_non_fqdn_recipient
>>> smtpd_sasl_auth_enable = yes
>>> smtpd_sasl_path = smtpd
>>> smtpd_sasl_security_options = noanonymous
>>> smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
>> Patrick's 'saslfinger' script might help to catch some other problems.
>>
> I have executed saslfinger but I didn't found any problem.
>
> Deepening, I have seen that when I built cyrus sasl only static
> libraries are created for auth mech:
> #ls -l /usr/local/lib/sasl2/
> -rwxr-xr-x 1 root root 795 dic 5 15:59 libsasldb.la
> -rwxr-xr-x 1 root root 774 dic 5 15:59 libscram.la
> -rwxr-xr-x 1 root root 768 dic 5 15:59 libotp.la
> -rwxr-xr-x 1 root root 765 dic 5 15:59 libplain.la
> -rwxr-xr-x 1 root root 765 dic 5 15:59 liblogin.la
> -rw-r--r-- 1 root root 123568 dic 5 15:59 libsasldb.a
> -rw-r--r-- 1 root root 126560 dic 5 15:59 libscram.a
> -rw-r--r-- 1 root root 158248 dic 5 15:59 libotp.a
> -rw-r--r-- 1 root root 69832 dic 5 15:59 libplain.a
> -rw-r--r-- 1 root root 69008 dic 5 15:59 liblogin.a
>
> I still get the same problem...
>
> Thanks.
> Ana
>
--
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20111209/304a368e/attachment-0001.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: image/jpeg
Size: 29412 bytes
Desc: not available
Url : http://lists.andrew.cmu.edu/pipermail/cyrus-sasl/attachments/20111209/304a368e/attachment-0001.jpe
More information about the Cyrus-sasl
mailing list