Errors using PAM and saslauthd
Russell Gnann
rgnann at corp.pol.net
Tue Nov 26 14:06:29 EST 2002
Hi,
I am having some authentication issues using saslauthd -a pam. The errors
that show up in the message log when a login attempt is made are
imapd[13427]: [ID 702911 auth.error] auxpropfunc error -4
imapd[13427]: [ID 702911 auth.debug] _sasl_plugin_load failed on
sasl_auxprop_plug_init for plugin: sasldb
saslauthd[12854]: [ID 308033 auth.debug] pam_acct_mgmt: error Permission
denied
saslauthd[12854]: [ID 308033 auth.debug] pam_acct_mgmt: error No account
present for user
saslauthd[12854]: [ID 226429 auth.debug] DEBUG: auth_pam: pam_acct_mgmt
failed: Permission denied
saslauthd[12854]: [ID 982738 auth.warning] AUTHFAIL: user=foo service=imap
realm= [PAM acct error]
We use a couple of in house PAM modules for authentication. On the same
server that this cyrus installation is built, they work fine using a test
application. We did a truss of saslauthd and noticed once it had completed
the in house authentication it seemed to attempt authentication using the
pam_unix.so.1. In fact we can authenticate using with the user cyrus
successfully, but other local users can not since they fail on the in house
PAM module (not that we want the other local users to authenticate).
The imapd.conf we are using contains
admins: cyrus
allowanonymouslogin: no
sasl_passwd_check: saslauthd
allowplaintext: yes
Ths Cyrus.conf for sasl2 contains
pwcheck_method: saslauthd
We are kind of lost on this end at the moment and any insight someone might
provide would be greatly appreciated. Thanks for any help.
Russ
More information about the Info-cyrus
mailing list