Cyrus sasl authentication problem
Wilson, Dave
dwilson at pactolus.com
Thu Dec 16 10:47:54 EST 2004
./saslauthd -a getpwent -d
saslauthd[6583] :main : num_procs : 5
saslauthd[6583] :main : mech_option: NULL
saslauthd[6583] :main : run_path : /var/state/saslauthd
saslauthd[6583] :main : auth_mech : getpwent
saslauthd[6583] :ipc_init : using accept lock file: /var/state/saslauthd/mux.accept
saslauthd[6583] :detach_tty : master pid is: 0
saslauthd[6583] :ipc_init : listening on socket: /var/state/saslauthd/mux
saslauthd[6583] :main : using process model
saslauthd[6583] :have_baby : forked child: 6584
saslauthd[6583] :have_baby : forked child: 6585
saslauthd[6583] :have_baby : forked child: 6586
saslauthd[6583] :have_baby : forked child: 6587
saslauthd[6583] :get_accept_lock : acquired accept lock
saslauthd[6583] :rel_accept_lock : released accept lock
saslauthd[6584] :get_accept_lock : acquired accept lock
saslauthd[6583] :do_auth : auth failure: [user=pcs] [service=imap] [realm=] [mech=getpwent]
[reason=Unknown]
saslauthd[6583] :do_request : response: NO
> -----Original Message-----
> From: Ken Murchison [mailto:ken at oceana.com]
> Sent: Thursday, December 16, 2004 10:45 AM
> To: Wilson, Dave
> Cc: info-cyrus at lists.andrew.cmu.edu
> Subject: Re: Cyrus sasl authentication problem
>
>
> Wilson, Dave wrote:
>
> > This didn't work either:
>
> What does the SASL debug log look like?
>
>
> >
> > ./imtest -m login -a pcs localhost
> > S: * OK pcs-pfni-01 Cyrus IMAP4 v2.2.10 server ready
> > C: C01 CAPABILITY
> > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+
> MAILBOX-REFERRALS NAMESPACE UIDPLUS ID NO_ATOMIC_
> > RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT
> THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMOR
> > E IDLE
> > S: C01 OK Completed
> > Please enter your password:
> > C: L01 LOGIN pcs {3}
> > S: + go ahead
> > C: <omitted>
> > S: L01 NO Login failed: no mechanism available
> > Authentication failed. generic failure
> > Security strength factor: 0
> >
> > This is my imapd.conf:
> >
> > configdirectory: /u01/imap
> > partition-default: /u01/spool/imap
> > admins: pcs root
> > sasl_pwcheck_method: saslauthd
> > sasl_mech_list: PLAIN
> > allowplaintext: 1
> > defaultdomain: pactolus
> > imapidlepoll: 15
> >
> > I have saslauthd running: ./saslauthd -a getpwent
> >
> > Any other ideas?
> >
> > Dave
> >
> >
> >>-----Original Message-----
> >>From: Ken Murchison [mailto:ken at oceana.com]
> >>Sent: Thursday, December 16, 2004 9:53 AM
> >>To: Wilson, Dave
> >>Cc: 'info-cyrus at lists.andrew.cmu.edu'
> >>Subject: Re: Cyrus sasl authentication problem
> >>
> >>
> >>Wilson, Dave wrote:
> >>
> >>
> >>>I'm using Cyrus with sasl, using auth method getpwent:
> >>>
> >>>./saslauthd -d -a getpwent
> >>>
> >>>I then use imtest:
> >>>
> >>>./imtest -m login -u pcs localhost
> >>
> >>This should be:
> >>
> >>./imtest -m login -a pcs localhost
> >>
> >>
> >>
> >>>S: * OK pcs-pfni-01 Cyrus IMAP4 v2.2.10 server ready
> >>>C: C01 CAPABILITY
> >>>S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+
> MAILBOX-REFERRALS
> >>>NAMESPACE UIDPLUS ID NO_ATOMIC_
> >>>RENAME UNSELECT CHILDREN MULTIAPPEND BINARY SORT
> >>
> >>THREAD=ORDEREDSUBJECT
> >>
> >>>THREAD=REFERENCES ANNOTATEMOR
> >>>E IDLE AUTH=OTP AUTH=DIGEST-MD5 AUTH=CRAM-MD5 SASL-IR
> >>>S: C01 OK Completed
> >>>Please enter your password:
> >>>C: L01 LOGIN root {3}
> >>>S: + go ahead
> >>>C: <omitted>
> >>>S: L01 NO Login failed: authentication failure
> >>>Authentication failed. generic failure
> >>>Security strength factor: 0
> >>>
> >>>The debug log from sasl is:
> >>>
> >>>saslauthd[5293] :main : num_procs : 5
> >>>saslauthd[5293] :main : mech_option: NULL
> >>>saslauthd[5293] :main : run_path :
> /var/state/saslauthd
> >>>saslauthd[5293] :main : auth_mech : getpwent
> >>>saslauthd[5293] :ipc_init : using accept lock file:
> >>>/var/state/saslauthd/mux.accept
> >>>saslauthd[5293] :detach_tty : master pid is: 0
> >>>saslauthd[5293] :ipc_init : listening on socket:
> >>>/var/state/saslauthd/mux
> >>>saslauthd[5293] :main : using process model
> >>>saslauthd[5293] :have_baby : forked child: 5294
> >>>saslauthd[5293] :have_baby : forked child: 5295
> >>>saslauthd[5293] :have_baby : forked child: 5296
> >>>saslauthd[5293] :have_baby : forked child: 5297
> >>>saslauthd[5293] :get_accept_lock : acquired accept lock
> >>>saslauthd[5293] :rel_accept_lock : released accept lock
> >>>saslauthd[5294] :get_accept_lock : acquired accept lock
> >>>saslauthd[5293] :do_auth : auth failure:
> >>
> >>[user=root] [service=imap]
> >>
> >>>[realm=] [mech=getpwent]
> >>> [reason=Unknown]
> >>>saslauthd[5293] :do_request : response: NO
> >>>saslauthd[5294] :rel_accept_lock : released accept lock
> >>>saslauthd[5295] :get_accept_lock : acquired accept lock
> >>>saslauthd[5294] :do_auth : auth failure:
> >>
> >>[user=root] [service=imap]
> >>
> >>>[realm=] [mech=getpwent]
> >>> [reason=Unknown]
> >>>saslauthd[5294] :do_request : response: NO
> >>>
> >>>Why does this have user=root? More generally, why is the
> >>
> >>authentication
> >>
> >>>failing?
> >>>
> >>>Thanks
> >>>Dave
> >>>
> >>>---
> >>>Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> >>>Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> >>>List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> >>>
> >>
> >>
> >>--
> >>Kenneth Murchison Oceana Matrix Ltd.
> >>Software Engineer 21 Princeton Place
> >>716-662-8973 x26 Orchard Park, NY 14127
> >>--PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
> >>
> >
> >
> > ---
> > Cyrus Home Page: http://asg.web.cmu.edu/cyrus
> > Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> > List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
> >
>
>
> --
> Kenneth Murchison Oceana Matrix Ltd.
> Software Engineer 21 Princeton Place
> 716-662-8973 x26 Orchard Park, NY 14127
> --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
>
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list