pwcheck doesn't work after system restart

Wed May 21 23:14:19 EDT 2003

On Thursday, May 22, 2003, at 12:10  PM, Mark Keasling wrote:

> Hi,
>
> The Cyrus learning curve is fairly steep.  It requires patience.
> Lots of it.  You may have to take out a loan. :) I'm still no expert.

heh. it's not like uw-imap that's always 'just worked' for me, that's 
for sure. unfortunately uw-imap wasn't really 'just working' for a 
number of my users with >100Mb inboxes. hence the change...

> Cyrus 1.5.x is fairly old.  Assuming an upgrade is available for your
> system you might consider a more recent version.

curse of apt-get i think. or my decision to use debian-stable. i'll see 
what's in unstable - i'm not quite so desperate that i'm ready to 
compile from source.... yet. but that may be the only way to get more 
current.

> If you don't mind, could you post your imapd.conf, cyrus.conf and log
> files so we can see your setup and log output?

OK.. this'll be long but here goes....

imapd.conf is:
==========
# Debian Cyrus imapd.conf
# See imapd.conf(5) for more information

# Configuration directory
configdirectory: /var/lib/cyrus

# Which partition to use for default mailboxes
defaultpartition: default
partition-default: /var/spool/cyrus/mail

# News setup
partition-news: /var/spool/cyrus/news
newsspool: /var/spool/news

# Uncomment the following and add the space-separated users who
# have admin rights
admins: stewart  #yes i know i ought not use my uname for admin, will 
sort that later..

# No anonymous logins
allowanonymouslogin: no

# Minimum time between POP mail fetches in minutes
popminpoll: 1

# umask used by Cyrus programs
umask: 077
=========

there is no cyrus.conf. !!?!

fwiw the relevant part of xinetd.conf is:

service imap2
{
         socket_type     = stream
         protocol        = tcp
         wait            = no
         user            = cyrus
         server          = /usr/sbin/imapd
}

=========
the /etc/init.d/pwcheck script is (in part)

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/sbin/pwcheck
NAME=pwcheck
DESC="Cyrus pwcheck daemon"

test -f $DAEMON || exit 0

set -e

# Now we need to check where /usr/sbin/pwcheck points
PWCHECK_DEST=`ls -lL /usr/sbin/pwcheck`
PWCHECK_STANDARD=`ls -l /usr/sbin/pwcheck_standard | sed "s/_.*//g"`
PWCHECK_PAM=`ls -l /usr/sbin/pwcheck_pam | sed "s/_.*//g"`

if [ "$PWCHECK_DEST" = "$PWCHECK_STANDARD" ]; then
                 PWCHECK="STANDARD"
                 DESC="Cyrus standard pwcheck daemon"
         else
                 PWCHECK="PAM"
                 DESC="Cyrus PAM pwcheck daemon"
fi

case "$1" in
   start)
         echo -n "Starting $DESC: "
         if [ "$PWCHECK" = "STANDARD" ]; then
                         start-stop-daemon --start --quiet --background 
--chuid cyrus --exec $DAEMON
                 else
                         start-stop-daemon --start --quiet --background 
--exec $DAEMON
         fi
         echo "$NAME."
         ;;

=========

nothing is logged anywhere, that i can find, when i run the script. 
have yet to run syslog in debug mode but we have just done an strace 
and got this (which is getting into deep geekery that i can only just 
follow  :)

execve("/usr/sbin/pwcheck", ["/usr/sbin/pwcheck"], [/* 14 vars */]) = 0
uname({sys="Linux", node="humphrey", ...}) = 0
brk(0)                                  = 0x10011604
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 
0) = 0x30014000
open("/etc/ld.so.preload", O_RDONLY)    = -1 ENOENT (No such file or 
directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(0x3, 0x7ffff0d8)                = -1 ENOSYS (Function not 
implemented)
fstat(3, {st_mode=S_IFREG|0644, st_size=6998, ...}) = 0
mmap(NULL, 6998, PROT_READ, MAP_PRIVATE, 3, 0) = 0x30015000
close(3)                                = 0
open("/lib/libcrypt.so.1", O_RDONLY)    = 3
read(3, "\177ELF\1\2\1\0\0\0\0\0\0\0\0\0\0\3\0\24\0\0\0\1\0\0\v"..., 
1024) = 1024
fstat(3, {st_mode=S_IFREG|0644, st_size=20864, ...}) = 0
mmap(0xffb4000, 245384, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 
0xffb4000
mprotect(0xffb8000, 229000, PROT_NONE)  = 0
mmap(0xffc4000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 
0) = 0xffc4000
mmap(0xffc9000, 159368, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xffc9000
close(3)                                = 0
open("/lib/libc.so.6", O_RDONLY)        = 3
read(3, "\177ELF\1\2\1\0\0\0\0\0\0\0\0\0\0\3\0\24\0\0\0\1\0\2]\264"..., 
1024) = 1024
fstat(3, {st_mode=S_IFREG|0755, st_size=1270932, ...}) = 0
mmap(0xfe59000, 1353556, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 
0xfe59000
mprotect(0xff6f000, 214868, PROT_NONE)  = 0
mmap(0xff79000, 155648, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 
0x110000) = 0xff79000
mmap(0xff9f000, 18260, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0xff9f000
close(3)                                = 0
munmap(0x30015000, 6998)                = 0
socket(PF_UNIX, SOCK_DGRAM, 0)          = 3
fcntl64(3, F_SETFD, FD_CLOEXEC)         = -1 ENOSYS (Function not 
implemented)
fcntl(3, F_SETFD, FD_CLOEXEC)           = 0
connect(3, {sin_family=AF_UNIX, path="/dev/log"}, 16) = 0
fork()                                  = 844
exit(0)                                 = ?

i'm told the fork() at the end means it's starting process ID 844 but 
that must be dying or something because it doesn't show up in the 
process list at all. up the top it's complaining that it can't find 
/etc/ld.so.preload which strikes me as strange that you'd go looking 
for a library in /etc.., if i'm right in thinking ld.so.preload is in 
fact a linked or static library? but like i say i only just follow what 
that's all about... [while writing this my colleague has researched 
some more and says he thinks the lack of /etc/ld.so.* may not be 
significant..]

==========

/var/log/mail/mail.log says this when i try to check mail from my 
laptop using test username 'mark' which is a local unix user and worked 
fine last night..

May 22 12:30:37 humphrey imapd[724]: badlogin: [192.168.1.15] plaintext 
mark cannot connect to pwcheck server

==========

in README.pwcheck it mentions having a /var/pwcheck directory for the 
socket. this doesn't exist but /var/state/pwcheck does. we've tried 
copying (with permissions) /var/state/pwcheck to /var/ but that made no 
difference.

==========

> Do you remember how pwcheck was started the first time?

i wasn't aware it even existed until it stopped working. :) presume the 
debian installer did it for me. but i've rebooted the machine a number 
of times already since installing cyrus and it kept working, til this 
morning.

> Check the /etc/init.d/pwcheck script and trying running pwcheck via
> the command line.  It may produce informative output.

have looked at the script and run it from command line without any 
useful output beyond the 'starting pwcheck daemon' msg on the console.

>  I assume that you know that and are already running it as root.

yup. :)

> That's about it off the top of my head where hair once grew. :)

heh. trying to not lose my own down here after all this.. :)

thanks for your help...

..S.