Installation of Cyrus aggregator using PAM authentication.

Russell Gnann rgnann at corp.pol.net
Wed Apr 16 13:38:47 EDT 2003 

Hello list,

We are looking at setting the Cyrus Murder implementation in a test
environment.  We have successfully compiled Cyrus IMAP 2.1.12 and SASL
2.1.13 with the --enable-murder option and successfully created a backend
server that authenticates IMAPD and POP3 correctly using PAM. However, on
the MUPDATE master server we cannot seem to authenticate to MUPDATE.  We can
successfully connect to it, but the backend server using mupdatetest writes
this to the logs

Apr 16 13:29:00 polmailqa mupdatetest[2332]: No worthy mechs found

I am obviously missing something in the setup for users in relation to the
MUPDATE authentication, but for the life of me I have no idea what it might
be.  Our current Cyrus-IMAP environment strictly uses PAM authentication as
the mechinism for auththentication...

Here are the cyrus.conf and imapd.conf files for the backend and master
mupdate servers.  I realize we are using the same username for
authentication on both servers.. This is done just for testing purposes, and
ease of initial configuration.

Backend:
imapd.conf

configdirectory: /var/imap
#partition-default: /var/spool/imap
defaultpartition: default
partition-default: /var/pol/mail/default
partition-default2: /var/pol/mail/default2
partition-default3: /var/pol/mail/default3
partition-default4: /var/pol/mail/default4
partition-a: /var/pol/mail/a
partition-b: /var/pol/mail/b
partition-c: /var/pol/mail/c
partition-d: /var/pol/mail/d
partition-e: /var/pol/mail/e
partition-f: /var/pol/mail/f
partition-g: /var/pol/mail/g
partition-h: /var/pol/mail/h
partition-i: /var/pol/mail/i
partition-j: /var/pol/mail/j
partition-k: /var/pol/mail/k
partition-l: /var/pol/mail/l
partition-m: /var/pol/mail/m
partition-n: /var/pol/mail/n
partition-o: /var/pol/mail/o
partition-p: /var/pol/mail/p
partition-q: /var/pol/mail/q
partition-r: /var/pol/mail/r
partition-s: /var/pol/mail/s
partition-t: /var/pol/mail/t
partition-u: /var/pol/mail/u
partition-v: /var/pol/mail/v
partition-w: /var/pol/mail/w
partition-x: /var/pol/mail/x
partition-y: /var/pol/mail/y
partition-z: /var/pol/mail/z
partition-0: /var/pol/mail/0
partition-1: /var/pol/mail/1
partition-2: /var/pol/mail/2
partition-3: /var/pol/mail/3
partition-4: /var/pol/mail/4
partition-5: /var/pol/mail/5
partition-6: /var/pol/mail/6
partition-7: /var/pol/mail/7
partition-8: /var/pol/mail/8
partition-9: /var/pol/mail/9
admins: cyrus
allowanonymouslogin: no
sasl_passwd_method: saslauthd
#sasl_mech_list: PLAIN LOGIN
sasl_pwcheck_method: saslauthd
mupdate_server: 10.70.1.22
mupdate_port: 2004
mupdate_username: cyrus
mupdate_authname: cyrus
mupdate_password: <omitted>
mupdate_admins: cyrus

cyrus.conf

# standard standalone server implementation

START {
  # do not delete these entries!
  mboxlist      cmd="ctl_cyrusdb -r"
  deliver       cmd="ctl_deliver -r"
  mupdatepush   cmd="ctl_mboxlist -m"

  # this is only necessary if using idled for IMAP IDLE
#  idled                cmd="idled"
}

# UNIX sockets start with a slash and are put into /var/imap/sockets
SERVICES {
  # add or remove based on preferences
  imap          cmd="imapd" listen="imap" prefork=1
  pop3          cmd="pop3d" listen="pop3" prefork=1

  # LMTP is required for delivery
  lmtpunix      cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1
#  lmtpunix     cmd="lmtpd" listen="tom.po.com:3000" prefork=0
}

EVENTS {
  # this is required
  checkpoint    cmd="ctl_cyrusdb -c" period=30

  # this is only necessary if using duplicate delivery suppression
  delprune      cmd="ctl_deliver -E 3" period=1440
}
________________________________
Mupdate master server:
imapd.conf

configdirectory: /var/imap
#partition-default: /var/spool/imap
partition-default: /tmp
admins: cyrus
allowanonymouslogin: no
sasl_passwd_method: saslauthd
sasl_pwcheck_method: saslauthd


cyrus.conf

# standard standalone server implementation

START {
  # do not delete these entries!
  mboxlist      cmd="ctl_cyrusdb -r"
  deliver       cmd="ctl_deliver -r"

  # this is only necessary if using idled for IMAP IDLE
#  idled                cmd="idled"
}

# UNIX sockets start with a slash and are put into /var/imap/sockets
SERVICES {
  # add or remove based on preferences
  #imap         cmd="imapd" listen="imap" prefork=1
  #pop3         cmd="pop3d" listen="pop3" prefork=1

  # LMTP is required for delivery
  #lmtpunix     cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=1
#  lmtpunix     cmd="lmtpd" listen="tom.po.com:3000" prefork=0

  # MUPDATE master entry
  mupdate       cmd="/opt/sparcv8/bin/mupdate -m" listen=2004 perfork=1
}

EVENTS {
  # this is required
  checkpoint    cmd="ctl_cyrusdb -c" period=30

  # this is only necessary if using duplicate delivery suppression
  delprune      cmd="ctl_deliver -E 3" period=1440
}


_______
Russell Gnann
UNIX Systems Administrator
Andrx Corp.

More information about the Info-cyrus mailing list