Bug: cyrus-sasl fills systemd journal with SQL debug messages

Dan White dwhite at olp.net
Tue Oct 6 09:30:16 EDT 2015


On 10/06/15 12:00 +0200, Patrick Wagner wrote:
>I'm in the process of migrating a postfix + cyrus-sasl auth installation from Ubuntu 12.04 to CentOS 7 and noticed that my system journal gets flooded with auth.debug syslog messages generated by the auxprop sql module.
>
>Such as:
>
>Oct 05 11:55:01 mail postfix/smtpd[5883]: sql auxprop plugin using mysql engine
>Oct 05 11:55:01 mail postfix/smtpd[5883]: sql plugin Parse the username sasl-user
>Oct 05 11:55:01 mail postfix/smtpd[5883]: sql plugin try and connect to a host
>Oct 05 11:55:01 mail postfix/smtpd[5883]: sql plugin trying to open db 'postfix' on host '127.0.0.1:3306'
>Oct 05 11:55:01 mail postfix/smtpd[5883]: sql plugin create statement from userPassword sasl-user mail.domain

>I've taken the issue to the postfix-users list at first [1] and in the meantime also found hints on this cyrus-sasl list and Viktor Dukhovni eventually confirmed that the postfix callback is indeed ignored because the log() calls do not include the connection handle, see:
>
>http://marc.info/?l=postfix-users&m=144408276316379&w=2
>
>And proposed path by Viktor Dukhovni (for the SQL module only)
>http://marc.info/?l=postfix-users&m=144408506116930&w=2
>
>I take this to mean that using cyrus-sasl with SQL backend will create a LOT of noise on every distribution that utilizes systemd and its journal?
>
>[1] http://marc.info/?l=postfix-users&m=144404104202153&w=2

Do you have a 'log_level' specified in your postfix sasl smtpd.conf file?
If so, see the sasl.h header file in the source for what the different
values should produce in your output.

The shotgun approach for reducing the impact on your syslog is to modify
your syslog daemon configuration to disregard auth.debug (auth.*).

-- 
Dan White


More information about the Cyrus-sasl mailing list