Postfix+Cyrus+MySQL please help its been 3 days

Kendrick Vargas ken at hudat.com
Thu Nov 14 20:25:28 EST 2002


You know, you might just want to have sasl authenticate directly against 
mysql. It'll take a layer or two off of your authentication path, ie.. 
imapd -> sasl -> saslauthd -> pam -> mysql, instead of simply imapd -> 
sasl -> mysql. 

Also, for a while I was following pam_mysql and it seemed a number of 
people (including the primary developer) ditched it in order to work on 
nss_mysql instead. It had something to do with being able to achieve some 
sort of efficiency when interfaced with nss that you couldn't with pam. 

You might want to look at these two options. It will likely produce a more 
efficient setup for you. Otherwise, is there a reason you wanna go through 
pam? I setup mysql + postfix + cyrus imap/sasl on my own server without 
too much trouble. And my system users authenticate against nss_mysql. I 
can't imagine if I'd tried to get pam_mysql working.
			-peace

On Fri, 15 Nov 2002 skuran at hacettepe.edu.tr wrote:

> Hi all,
> 
> i was running qmail+Courier-IMAP+mysql+checkpassword+SMTP-auth on RedHat
> 7.3 before i decided to switch to Postfix+Cyrus+MySQL on RedHat 8.0,so i
> setup a test system to see if i could make it. The test system is running
> RedHat 8.0, Postfix 1.1.11-5, MySQL-3.23.52-3, Cyrus-2.1.9
> 
> * I rebuilt postfix from src.rpm to have SMTP-auth
> * installed mysql rpm
> * installed Cyrus from tar sources
> * cyrus-sasl is installed by default
> * installed pam_mysql to auth users from mysql database
> 
> and followed Luc's HOWTO.
> 
> The problem is;
>   Nobody can login IMAP
>   Cyrus user cannot login using Cryadm
> 
> even if the pam_mysql query returns TRUE (mysql logs)
> 
> Please help, its been 3 days, and im completely lost.
> 
> 
> Here is /etc/pam.d/imap
> ---------------------------
> auth        sufficient   pam_mysql.so user=mail passwd=secret
> host=localhost db=mail table=accountuser usercolumn=username
> passwdcolumn=password crypt=0
> auth        required     pam_mysql.so user=mail passwd=secret
> host=localhost db=mail table=accountuser usercolumn=username
> passwdcolumn=password crypt=0
> ---------------------------
> 
> Here is /etc/cyrus.conf
> -----------------------------------------
> # standard standalone server implementation
> 
> START {
>   # do not delete these entries!
>   mboxlist      cmd="ctl_mboxlist -r"
>   deliver       cmd="ctl_deliver -r"
> 
>   # this is only necessary if using idled for IMAP IDLE
> #  idled                cmd="idled"
> }
> 
> # UNIX sockets start with a slash and are put into /var/imap/socket
> SERVICES {
>   # add or remove based on preferences
>    imap          cmd="imapd" listen="imap" prefork=0
>    imaps         cmd="imapd -s" listen="imaps" prefork=0
> #   pop3          cmd="pop3d" listen="pop3" prefork=0
> #  pop3s         cmd="pop3d -s" listen="pop3s" prefork=0
> #  sieve         cmd="timsieved" listen="sieve" prefork=0
> 
>   # at least one LMTP is required for delivery
> #  lmtp         cmd="lmtpd" listen="lmtp" prefork=0
>    lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
> }
> 
> EVENTS {
>   # this is required
>   checkpoint    cmd="ctl_mboxlist -c" period=30
> 
>   # this is only necessary if using duplicate delivery suppression
>   delprune      cmd="ctl_deliver -E 3" period=1440
> }
> ------------------------------------------------------
> 
> Here is /etc/imapd.conf
> ---------------------------
> postmaster: postmaster
> configdirectory: /var/imap
> partition-default: /var/spool/imap
> admins: cyrus
> allowanonymouslogin: no
> allowplaintext: yes
> sasl_mech_list: PLAIN
> servername: myhostname.mydomain.local
> autocreatequota: 10000
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> dracinterval: 0
> drachost: localhost
> sasl_pwcheck_method: saslauthd
> sendmail: /usr/sbin/sendmail
> unixhierarchysep: yes
> ---------------------------
> 
> Here is the result of imtest
> -------------------------------------------------------------
> #imtest -a cyrus -v localhost
> S: * OK myhostname.mydomain.local Cyrus IMAP4 v2.1.9 server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> NAMESPACE U
> IDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT
> THREAD=ORDEREDSUBJ
> ECT THREAD=REFERENCES IDLE
> S: C01 OK Completed
> Please enter your password:
> C: L01 LOGIN cyrus {6}
> S: + go ahead
> C: <omitted>
> S: L01 NO Login failed: authentication failure
> Authentication failed. generic failure
> Security strength factor: 0
> -------------------------------------------------------------
> MySQL Log after runing imtest
> 
> 021114 23:44:09      38 Connect     myhostname at localhost on myhostname
>                      38 Init DB     mail
>                      38 Query       select username from accountuser where
> usern
> ame='cyrus' and password='secret'
>                      38 Quit
> (the user 'cyrus' exists in the 'accountuser' table and his password is
> 'secret' in plaintext, that is this query returns 'true')
> -------------------------------------------------------------
> System Log
> 
> Nov 14 23:44:09 myhostname saslauthd[2503]: AUTHFAIL: user=cyrus
> service=imap realm
> = [PAM acct error]
> Nov 14 23:44:09 myhostname imapd[2728]: badlogin: myhostname[127.0.0.1]
> plaintext cyru
> s SASL(-13): authentication failure: checkpass failed
> 
> 
> If anyone have any idea why i can't login please help, THANKS for reading.
> 

-- 
Let he who is without clue kiss my ass





More information about the Info-cyrus mailing list