timsieved isn't listing any auth methods
Simon Matter
simon.matter at ch.sauter-bc.com
Fri Nov 1 02:26:21 EST 2002
Nick Fisher schrieb:
>
> Hi People,
> I can't get timsieve to list it's one auth method... PLAIN and thus
> can't get sieveshell to work. This is the second set of posts I've made so
> if this seems a little familiar that's because it is ;)
> I've been working on and off on this bug for about two months now :(
>
> The problem is that timsieved isn't listing it's auth method and I don't
> know why. I'm using PLAIN as my auth method becuase I'm using pam_mysql to
> authenticate against a MySQL DB. I know that Plain is insecure but I have
> a firewall. I have tryed a number of things mostly revolving around the
> sasl2 plugins and none have helped in the least. I am intrested in ANY
> wild ideas that anyone might have about what to try next but please read
> the stuff below detailing what I have already tryed.
>
> I would also be most intrested to know if anyone managed to get PLAIN auth
> against PAM to work with timsieve...
> Or if anyone has timsieve working with *just* the PLAIN auth method.
Yes, I do:
[root at dhcp-141-104 root]# telnet localhost sieve
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
"IMPLEMENTATION" "Cyrus timsieved v1.1.0-Invoca-RPM-2.1.9-6"
"SASL" "PLAIN"
"SIEVE" "fileinto reject envelope vacation imapflags notify subaddress
relational regex"
"STARTTLS"
OK
I don't know what's wrong with your setup but you may have a look at my
RPMs to see how I get this working.
Find them at http://home.teleport.ch/simix/
HTH
Simon
>
> The one idea I still have is that timsieve isn't reading it's config data
> from /etc/imapd.conf. I have no clue as to how to check if this is a
> problem.... any ideas most welcome.
>
> Many thanks.....
>
> Nick
>
> >>>>>>> Things I have already tryed <<<<<<<<<<<<
>
> libs in the workng place or libs with the wrong permissions.
> I was advised to use strace on timsieved and see if there were any file
> calls that couldn't be completed. I could not find any. The permissions on
> my sasl2 libs are all o+rx. The strace is attached, if your good at
> reading them please give it a once over (I'm not so good).
>
> No sieve entry in /etc/pam.d. I created a sieve file in that dir with the
> correct (I think) details for how to auth against the db.
>
> sasl_minimum_layer... On the advice of a list member I added this var to
> my imapd.conf with the value '0'. This didn't appear to have any effect.
>
> >>>>>>> My Config <<<<<<<<<<<<
>
> -------START imapd.conf-------
> configdirectory: /var/imap
> partition-default: /var/spool/imap
> sievedir: /var/imap/sieve
>
> # Don't use an everyday user as admin.
> admins: cyrus
>
> #hashimapspool: yes
> allowanonymouslogin: no
> allowplaintext: yes
>
> # Use this if sieve-scripts could be in ~user/.sieve.
> #sieveusehomedir: yes
>
> # Use saslauthd if you want to use pam for imap.
> # But be warned: login with DIGEST-MD5 or CRAM-MD5
> # is not possible using pam.
> sasl_pwcheck_method: saslauthd
>
> # Following taken from the FAQ
> postmaster: postmaster
> sasl_mech_list: PLAIN LOGIN
>
> # Added to try and get fking sieve to work
> sasl_minimum_layer: 0
>
> autocreatequota: 10000
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> dracinterval: 0
> drachost: localhost
> #sievedir: /usr/sieve
> sendmail: /usr/sbin/sendmail
> sieve_maxscriptsize: 32
> sieve_maxscripts: 5
> unixhierarchysep: yes
> -------END imapd.conf-------
>
> -------START /etc/pam.d/sieve-------
> auth sufficient /lib/security/pam_mysql.so user=mail passwd=******
> host=localhost db=mail table=accountuser usercolumn=username
> passwdcolumn=password crypt=0
> account required /lib/security/pam_mysql.so user=mail passwd=******
> host=localhost db=mail table=accountuser usercolumn=username
> passwdcolumn=password crypt=0
> -------END /etc/pam.d/sieve-------
>
> -------START /etc/cyrus.conf-------
> START {
> # do not delete this entry!
> recover cmd="ctl_cyrusdb -r"
>
> # this is only necessary if using idled for IMAP IDLE
> # idled cmd="idled"
> }
>
> # UNIX sockets start with a slash and are put into /var/imap/socket
> SERVICES {
> # add or remove based on preferences
> imap cmd="imapd" listen="imap" prefork=0
> pop3 cmd="pop3d" listen="pop3" prefork=0
> # Don't forget to generate the needed keys for SSL or TLS
> # (see doc/html/install-configure.html)
> #imaps cmd="imapd -s" listen="imaps" prefork=0
> #pop3s cmd="pop3d -s" listen="pop3s" prefork=0
> sieve cmd="timsieved" listen="sieve" prefork=0
>
> # at least one LMTP is required for delivery
> # lmtp cmd="lmtpd" listen="lmtp" prefork=0
> lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
>
> # this is only necessary if using notifications
> # notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp"
> prefork=1
> }
>
> EVENTS {
> # this is required
> checkpoint cmd="ctl_cyrusdb -c" period=30
>
> # this is only necessary if using duplicate delivery suppression
> delprune cmd="ctl_deliver -E 3" period=1440
>
> # this is only necessary if caching TLS sessions
> tlsprune cmd="tls_prune" period=1440
> }
> -------END cyrus.conf-------
>
> >>>>>>> timsieved strace <<<<<<<<<<<<
>
> root # strace /usr/cyrus/bin/timsieved -C /etc/imapd.conf
> execve("/usr/cyrus/bin/timsieved", ["/usr/cyrus/bin/timsieved", "-C",
> "/etc/imapd.conf"], [/* 23 vars */]) = 0
> brk(0) = 0x8098524
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x40016000
> open("/etc/ld.so.preload", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=0, ...}) = 0
> close(3) = 0
> open("/usr/local/lib/i686/mmx/libsasl2.so.2", O_RDONLY) = -1 ENOENT (No
> such file or directory)
> stat64("/usr/local/lib/i686/mmx", 0xbffff044) = -1 ENOENT (No such file or
> directory)
> open("/usr/local/lib/i686/libsasl2.so.2", O_RDONLY) = -1 ENOENT (No such
> file or directory)
> stat64("/usr/local/lib/i686", 0xbffff044) = -1 ENOENT (No such file or
> directory)
> open("/usr/local/lib/mmx/libsasl2.so.2", O_RDONLY) = -1 ENOENT (No such
> file or directory)
> stat64("/usr/local/lib/mmx", 0xbffff044) = -1 ENOENT (No such file or
> directory)
> open("/usr/local/lib/libsasl2.so.2", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000/\0\000"...,
> 1024) = 1024
> fstat64(3, {st_mode=S_IFREG|0755, st_size=88805, ...}) = 0
> old_mmap(NULL, 81892, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40017000
> mprotect(0x4002a000, 4068, PROT_NONE) = 0
> old_mmap(0x4002a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
> 0x12000) = 0x4002a000
> close(3) = 0
> open("/usr/local/lib/libdb-3.2.so", O_RDONLY) = -1 ENOENT (No such file or
> directory)
> open("/etc/ld.so.cache", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=15215, ...}) = 0
> old_mmap(NULL, 15215, PROT_READ, MAP_PRIVATE, 3, 0) = 0x4002b000
> close(3) = 0
> open("/usr/lib/libdb-3.2.so", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\304"...,
> 1024) = 1024
> fstat64(3, {st_mode=S_IFREG|0755, st_size=690248, ...}) = 0
> old_mmap(NULL, 644012, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4002f000
> mprotect(0x400cb000, 5036, PROT_NONE) = 0
> old_mmap(0x400cb000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
> 0x9b000) = 0x400cb000
> close(3) = 0
> open("/usr/local/lib/libssl.so.0.9.6", O_RDONLY) = -1 ENOENT (No such file
> or directory)
> open("/usr/lib/libssl.so.0.9.6", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\201\0"..., 1024)
> = 1024
> fstat64(3, {st_mode=S_IFREG|0555, st_size=204936, ...}) = 0
> old_mmap(NULL, 183168, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x400cd000
> mprotect(0x400f7000, 11136, PROT_NONE) = 0
> old_mmap(0x400f7000, 12288, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED,
> 3, 0x29000) = 0x400f7000
> close(3) = 0
> open("/usr/local/lib/libcrypto.so.0.9.6", O_RDONLY) = -1 ENOENT (No such
> file or directory)
> open("/usr/lib/libcrypto.so.0.9.6", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0P\336\1"..., 1024)
> = 1024
> fstat64(3, {st_mode=S_IFREG|0555, st_size=865301, ...}) = 0
> old_mmap(NULL, 765824, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x400fa000
> mprotect(0x401a8000, 53120, PROT_NONE) = 0
> old_mmap(0x401a8000, 40960, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED,
> 3, 0xad000) = 0x401a8000
> old_mmap(0x401b2000, 12160, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x401b2000
> close(3) = 0
> open("/usr/local/lib/libresolv.so.2", O_RDONLY) = -1 ENOENT (No such file
> or directory)
> open("/lib/libresolv.so.2", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0p\'\0\000"...,
> 1024) = 1024
> fstat64(3, {st_mode=S_IFREG|0755, st_size=67390, ...}) = 0
> old_mmap(NULL, 70656, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x401b5000
> mprotect(0x401c3000, 13312, PROT_NONE) = 0
> old_mmap(0x401c3000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
> 0xd000) = 0x401c3000
> old_mmap(0x401c4000, 9216, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x401c4000
> close(3) = 0
> open("/usr/local/lib/libnsl.so.1", O_RDONLY) = -1 ENOENT (No such file or
> directory)
> open("/lib/libnsl.so.1", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 >\0\000"...,
> 1024) = 1024
> fstat64(3, {st_mode=S_IFREG|0755, st_size=93462, ...}) = 0
> old_mmap(NULL, 89628, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x401c7000
> mprotect(0x401da000, 11804, PROT_NONE) = 0
> old_mmap(0x401da000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
> 0x12000) = 0x401da000
> old_mmap(0x401db000, 7708, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x401db000
> close(3) = 0
> open("/usr/local/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or
> directory)
> open("/lib/libc.so.6", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\250\224"...,
> 1024) = 1024
> fstat64(3, {st_mode=S_IFREG|0755, st_size=1425044, ...}) = 0
> old_mmap(NULL, 1241120, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x401dd000
> mprotect(0x40302000, 40992, PROT_NONE) = 0
> old_mmap(0x40302000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED,
> 3, 0x124000) = 0x40302000
> old_mmap(0x40308000, 16416, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40308000
> close(3) = 0
> open("/usr/local/lib/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or
> directory)
> open("/usr/local/lib/libdl.so.2", O_RDONLY) = -1 ENOENT (No such file or
> directory)
> open("/lib/libdl.so.2", O_RDONLY) = 3
> read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\234\34"..., 1024)
> = 1024
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x4030d000
> fstat64(3, {st_mode=S_IFREG|0755, st_size=14490, ...}) = 0
> old_mmap(NULL, 12396, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4030e000
> mprotect(0x40310000, 4204, PROT_NONE) = 0
> old_mmap(0x40310000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3,
> 0x1000) = 0x40310000
> close(3) = 0
> mprotect(0x400fa000, 712704, PROT_READ|PROT_WRITE) = 0
> mprotect(0x400fa000, 712704, PROT_READ|PROT_EXEC) = 0
> munmap(0x4002b000, 15215) = 0
> brk(0) = 0x8098524
> brk(0x80986b4) = 0x80986b4
> brk(0x8099000) = 0x8099000
> brk(0x809c000) = 0x809c000
> time([1036006982]) = 1036006982
> open("/etc/localtime", O_RDONLY) = 3
> fstat64(3, {st_mode=S_IFREG|0644, st_size=1267, ...}) = 0
> old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
> 0) = 0x4002b000
> read(3, "TZif\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\4\0\0\0\4\0"..., 4096)
> = 1267
> close(3) = 0
> munmap(0x4002b000, 4096) = 0
> rt_sigaction(SIGPIPE, {0x402b5874, [], 0x4000000}, {SIG_DFL}, 8) = 0
> socket(PF_UNIX, SOCK_DGRAM, 0) = 3
> fcntl64(3, F_SETFD, FD_CLOEXEC) = 0
> connect(3, {sin_family=AF_UNIX, path="/dev/log"}, 16) = 0
> send(3, "<11>Oct 30 14:43:02 timsieved: c"..., 71, 0) = 71
> rt_sigaction(SIGPIPE, {SIG_DFL}, NULL, 8) = 0
> _exit(70) = ?
More information about the Info-cyrus
mailing list