SIEVE weirdness

Brian brianb at sboss.net
Wed Feb 11 09:34:39 EST 2004 

A friend of mine has tried to get Cyrus 2.1.5 running on RHEL 3 and all
works except sieve.

Doing something like 'sieveshell -u cyrus -a cyrus' prompts for the
password over and over.

The error message I get is
Feb  5 17:09:48 agentsmith timsieved[4172]: unable to open Berkeley db
/etc/sasldb2: Invalid argument
Feb  5 17:09:48 agentsmith timsieved[4172]: unable to open Berkeley db
/etc/sasldb2: Invalid argument
Feb  5 17:09:48 agentsmith timsieved[4172]: no secret in database
Feb  5 17:09:48 agentsmith timsieved[4172]: badlogin:
localhost.localdomain[127.0.0.1] DIGEST-MD5 authentication failure

Seems like a problem with the auth method, but when I look in
/etc/imapd.conf he's using saslauthd ...

postmaster: postmaster
configdirectory: /var/lib/imap/
partition-default: /var/spool/imap
admins: cyrus
allowanonymouslogin: no
allowplaintext: yes
sasl_mech_list: PLAIN DIGEST-MD5 shadow pwcheck
servername: agentsmith.novussententia.com
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
sasl_pwcheck_method: saslauthd
sievedir: /usr/sieve
sendmail: /usr/sbin/sendmail
sieve_maxscriptsize: 32
sieveuserhomedir: no
sieve_maxscripts: 5
tls_ca_file: /var/lib/imap/cacert.pem
tls_cert_file: /var/lib/imap/server.crt
tls_key_file: /var/lib/imap/server.key

His cyrus.conf:

START {
  # do not delete this entry!
  mboxlist      cmd="ctl_cyrusdb -r"
  deliver       cmd="ctl_deliver -r"
  recover       cmd="ctl_cyrusdb -r"

  # this is only necessary if using idled for IMAP IDLE
#  idled                cmd="idled"
}

# UNIX sockets start with a slash and are put into /var/lib/imap/sockets
SERVICES {
  # add or remove based on preferences
  imap          cmd="imapd" listen="imap" prefork=5
  imaps         cmd="imapd -s" listen="imaps" prefork=1
  #pop3         cmd="pop3d" listen="pop3" prefork=3
  #pop3s        cmd="pop3d -s" listen="pop3s" prefork=1
  sieve         cmd="timsieved" listen="localhost:sieve" prefork=0
  lmtpunix      cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=0

  # this is only necessary if using notifications
#  notify       cmd="notifyd" listen="/var/lib/imap/socket/notify"
proto="udp" prefork=1
}

EVENTS {
  # this is required
  checkpoint    cmd="ctl_cyrusdb -c" period=30

  # this is only necessary if using duplicate delivery suppression
  delprune      cmd="ctl_deliver -E 3" at=0400

  # this is only necessary if caching TLS sessions
  tlsprune      cmd="tls_prune" at=0400
  squatter      cmd="squatter -r user" period=1440
}

He can login via IMAP just fine.  I even see in the logs where it accepts
the password as type 'plain'.  Below is a strace where we try to
authenticate via sieveshell.  I see it trying to open /etc/shadow, but not
sasldb

[pid  4163] <... accept resumed> {sa_family=AF_UNIX, path=@}, [2]) = 7
[pid  4163] fcntl64(6, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0,
len=1} <unfinished ...>
[pid  4162] <... fcntl64 resumed> )     = 0
[pid  4163] <... fcntl64 resumed> )     = 0
[pid  4162] accept(5,  <unfinished ...>
[pid  4163] read(7, "\0\6", 2)          = 2
[pid  4163] read(7, "csmith", 6)        = 6
[pid  4163] read(7, "\0\5", 2)          = 2
[pid  4163] read(7, "fr00t", 5)         = 5
[pid  4163] read(7, "\0\4", 2)          = 2
[pid  4163] read(7, "smtp", 4)          = 4
[pid  4163] read(7, "\0\0", 2)          = 2
[pid  4163] socket(PF_UNIX, SOCK_STREAM, 0) = 8
[pid  4163] connect(8, {sa_family=AF_UNIX, path="/var/run/.nscd_socket"},
110) = -1 ENOENT (No such file or directory)
[pid  4163] close(8)                    = 0
[pid  4163] open("/etc/nsswitch.conf", O_RDONLY) = 8
[pid  4163] fstat64(8, {st_mode=S_IFREG|0644, st_size=1686, ...}) = 0
[pid  4163] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
[pid  4163] read(8, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1686
[pid  4163] read(8, "", 4096)           = 0
[pid  4163] close(8)                    = 0
[pid  4163] munmap(0xb75ea000, 4096)    = 0
[pid  4163] open("/etc/ld.so.cache", O_RDONLY) = 8
[pid  4163] fstat64(8, {st_mode=S_IFREG|0644, st_size=38297, ...}) = 0
[pid  4163] old_mmap(NULL, 38297, PROT_READ, MAP_PRIVATE, 8, 0) = 0xb75e1000
[pid  4163] close(8)                    = 0
[pid  4163] open("/lib/libnss_files.so.2", O_RDONLY) = 8
[pid  4163] read(8,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\35\0"..., 512) = 512
[pid  4163] fstat64(8, {st_mode=S_IFREG|0755, st_size=51924, ...}) = 0
[pid  4163] old_mmap(NULL, 46720, PROT_READ|PROT_EXEC, MAP_PRIVATE, 8, 0)
= 0xb73ce000
[pid  4163] old_mmap(0xb73d9000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED, 8, 0xa000) = 0xb73d9000
[pid  4163] close(8)                    = 0
[pid  4163] munmap(0xb75e1000, 38297)   = 0
[pid  4163] open("/etc/passwd", O_RDONLY) = 8
[pid  4163] fcntl64(8, F_GETFD)         = 0
[pid  4163] fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
[pid  4163] fstat64(8, {st_mode=S_IFREG|0644, st_size=2261, ...}) = 0
[pid  4163] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
[pid  4163] read(8, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2261
[pid  4163] close(8)                    = 0
[pid  4163] munmap(0xb75ea000, 4096)    = 0
[pid  4163] time(NULL)                  = 1076018980
[pid  4163] open("/etc/shadow", O_RDONLY) = 8
[pid  4163] fcntl64(8, F_GETFD)         = 0
[pid  4163] fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
[pid  4163] fstat64(8, {st_mode=S_IFREG|0600, st_size=1863, ...}) = 0
[pid  4163] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
[pid  4163] read(8, "root:$1$q5CN0a6g$EKr/kJsRo5u9IMS"..., 4096) = 1863
[pid  4163] close(8)                    = 0
[pid  4163] munmap(0xb75ea000, 4096)    = 0
[pid  4163] write(7, "\0\2", 2)         = 2
[pid  4163] write(7, "OK", 2)           = 2
[pid  4163] close(7)                    = 0
[pid  4163] fcntl64(6, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0,
len=1} <unfinished ...>
[pid  4162] <... accept resumed> {sa_family=AF_UNIX, path=@}, [2]) = 7
[pid  4162] fcntl64(6, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0,
len=1} <unfinished ...>
[pid  4160] <... fcntl64 resumed> )     = 0
[pid  4162] <... fcntl64 resumed> )     = 0
[pid  4160] accept(5,  <unfinished ...>
[pid  4162] read(7, "\0\5", 2)          = 2
[pid  4162] read(7, "cyrus", 5)         = 5
[pid  4162] read(7, "\0\5", 2)          = 2
[pid  4162] read(7, "cyru$", 5)         = 5
[pid  4162] read(7, "\0\5", 2)          = 2
[pid  4162] read(7, "sieve", 5)         = 5
[pid  4162] read(7, "\0\0", 2)          = 2
[pid  4162] socket(PF_UNIX, SOCK_STREAM, 0) = 8
[pid  4162] connect(8, {sa_family=AF_UNIX, path="/var/run/.nscd_socket"},
110) = -1 ENOENT (No such file or directory)
[pid  4162] close(8)                    = 0
[pid  4162] open("/etc/nsswitch.conf", O_RDONLY) = 8
[pid  4162] fstat64(8, {st_mode=S_IFREG|0644, st_size=1686, ...}) = 0
[pid  4162] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
[pid  4162] read(8, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1686
[pid  4162] read(8, "", 4096)           = 0
[pid  4162] close(8)                    = 0
[pid  4162] munmap(0xb75ea000, 4096)    = 0
[pid  4162] open("/etc/ld.so.cache", O_RDONLY) = 8
[pid  4162] fstat64(8, {st_mode=S_IFREG|0644, st_size=38297, ...}) = 0
[pid  4162] old_mmap(NULL, 38297, PROT_READ, MAP_PRIVATE, 8, 0) = 0xb75e1000
[pid  4162] close(8)                    = 0
[pid  4162] open("/lib/libnss_files.so.2", O_RDONLY) = 8
[pid  4162] read(8,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\35\0"..., 512) = 512
[pid  4162] fstat64(8, {st_mode=S_IFREG|0755, st_size=51924, ...}) = 0
[pid  4162] old_mmap(NULL, 46720, PROT_READ|PROT_EXEC, MAP_PRIVATE, 8, 0)
= 0xb73ce000
[pid  4162] old_mmap(0xb73d9000, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED, 8, 0xa000) = 0xb73d9000
[pid  4162] close(8)                    = 0
[pid  4162] munmap(0xb75e1000, 38297)   = 0
[pid  4162] open("/etc/passwd", O_RDONLY) = 8
[pid  4162] fcntl64(8, F_GETFD)         = 0
[pid  4162] fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
[pid  4162] fstat64(8, {st_mode=S_IFREG|0644, st_size=2261, ...}) = 0
[pid  4162] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
[pid  4162] read(8, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2261
[pid  4162] close(8)                    = 0
[pid  4162] munmap(0xb75ea000, 4096)    = 0
[pid  4162] time(NULL)                  = 1076018993
[pid  4162] open("/etc/shadow", O_RDONLY) = 8
[pid  4162] fcntl64(8, F_GETFD)         = 0
[pid  4162] fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
[pid  4162] fstat64(8, {st_mode=S_IFREG|0600, st_size=1863, ...}) = 0
[pid  4162] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
[pid  4162] read(8, "root:$1$q5CN0a6g$EKr/kJsRo5u9IMS"..., 4096) = 1863
[pid  4162] close(8)                    = 0
[pid  4162] munmap(0xb75ea000, 4096)    = 0
[pid  4162] write(7, "\0\2", 2)         = 2
[pid  4162] write(7, "OK", 2)           = 2
[pid  4162] close(7)                    = 0
[pid  4162] fcntl64(6, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0,
len=1} <unfinished ...>

Any idea on what's going wrong?

-- 
Brian
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list