ctl_mboxlist being run as root and CRAM-MD5 with saslauthd + LDAP

Etienne Goyer etienne.goyer at linuxquebec.com
Thu Mar 6 10:13:56 EST 2003


Hi there,

I am setting up a Murder (cool technology, btw) and I have a problem
I can't seem to solve by myself.  Any help would be very much appreciated!

Basically, ctl_mboxlist tries to authenticate as root on the MUPDATE
master server.  Here is the relevant part of my /etc/cyrus.conf:

---
START {
  recover       cmd="ctl_cyrusdb -r"
  mupdatepush   cmd="ctl_mboxlist -m"
}
---

My mupdate master server authenticates through saslauthd with LDAP.
/etc/imapd.conf on the mupdate master server:

---
configdirectory: /var/imap
partition-default: /tmp
admins: cyrus
sasl_mech_list: PLAIN
sasl_pwcheck_method: saslauthd
---

When the master server starts on the backend, the following appears in
/var/log/auth.log:

---
Mar  6 09:46:41 ldap1 saslauthd[1852]: Entry not found or more than one entries found (uid=root).
Mar  6 09:46:41 ldap1 saslauthd[1852]: AUTHFAIL: user=root service=mupdate realm=
Mar  6 09:46:41 ldap1 mupdate[2022]: Password verification failed 
---

This makes me believe that ctl_mboxlist is being executed as root (at
least, it tries to authenticate as root).  I could not find a switch in the
man page to have it authenticate as some specific user (in my case,
cyrus).  Two (inelegant) solutions I tried that did not work were to
make ctl_mboxlist suid cyrus and to execute ctl_mboxlist as cyrus with
sudo in /etc/cyrus.conf.  Is there a switch to ctl_mboxlist that tells it
to authenticate to the mupdate server as a specific user?  I am
starting the Cyrus master process as root; could this be the problem?

Thank you very much for your insight!

-- 
Etienne Goyer                    Linux Québec Technologies Inc.
http://www.LinuxQuebec.com       etienne.goyer at linuxquebec.com
PGP Pub Key: http://www.LinuxQuebec.com/pubkeys/eg.key 
Fingerprint: F569 0394 098A FC70 B572  5D20 3129 3D86 8FD5 C853 
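
An added example, not part of the original post and not Cyrus code: a small parser for the saslauthd lines quoted above that pairs each AUTHFAIL with the LDAP lookup error logged just before it by the same saslauthd pid, so the identity actually presented to the mupdate service is explicit. The function names are hypothetical, and the default admins tuple is an assumption taken from the `admins: cyrus` line in the quoted imapd.conf.

```python
import re
from collections import Counter

# Log lines copied from the post above (trailing whitespace trimmed).
SAMPLE_LOG = """\
Mar  6 09:46:41 ldap1 saslauthd[1852]: Entry not found or more than one entries found (uid=root).
Mar  6 09:46:41 ldap1 saslauthd[1852]: AUTHFAIL: user=root service=mupdate realm=
Mar  6 09:46:41 ldap1 mupdate[2022]: Password verification failed
"""

SYSLOG = re.compile(r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) "
                    r"(?P<prog>[\w.-]+)\[(?P<pid>\d+)\]: (?P<msg>.*)$")
AUTHFAIL = re.compile(r"^AUTHFAIL: user=(?P<user>\S*) "
                      r"service=(?P<service>\S*) realm=(?P<realm>\S*)")
LDAP_MISS = re.compile(r"^Entry not found or more than one entries found "
                       r"\((?P<filter>[^)]*)\)")

def parse_authfails(text, admins=("cyrus",)):
    """Return one dict per saslauthd AUTHFAIL line, including the LDAP
    filter that failed just before it for the same saslauthd pid."""
    last_miss = {}  # saslauthd pid -> filter that matched no single entry
    events = []
    for line in text.splitlines():
        m = SYSLOG.match(line.rstrip())
        if not m or m["prog"] != "saslauthd":
            continue  # e.g. the mupdate line carries no username
        miss = LDAP_MISS.match(m["msg"])
        if miss:
            last_miss[m["pid"]] = miss["filter"]
            continue
        fail = AUTHFAIL.match(m["msg"])
        if fail:
            events.append({
                "time": m["ts"], "host": m["host"],
                "user": fail["user"], "service": fail["service"],
                "realm": fail["realm"] or None,
                "ldap_filter": last_miss.pop(m["pid"], None),
                "is_admin": fail["user"] in admins,
            })
    return events

def summarize(events):
    """Count failures per (service, user) pair."""
    return Counter((e["service"], e["user"]) for e in events)

if __name__ == "__main__":
    for (service, user), n in summarize(parse_authfails(SAMPLE_LOG)).items():
        print(f"{n} failure(s): service={service} user={user}")
```
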




More information about the Info-cyrus mailing list