cyradm and salsdb2 ?

[EppO]

----- Original Message ----- 
From: "Fred Gravel" <mindedsmasher at hotmail.com>
To: <info-cyrus at lists.andrew.cmu.edu>
Sent: Thursday, February 05, 2004 4:05 PM
Subject: Re: cyradm and salsdb2 ?


> Hi,
>
> >You do set the passwd with saslpasswd2. Be sure to use it with the -c
> >switch when creating a user. sasldblistusers2 will give you all users
> >currently present in sasldb. In my case this gives two entries for each
> >user: user at hostname: cmusaslsecretOTP and user at hostname: userPassword
>
> root at foo:~#sasldblistusers2
> cyrus at bar.com: userPassword
> test at foo.bar.com: userPassword
>
> I do not have two entries for each user, isn't right ? Could it be caused
by
> a permission problem with /etc/opiekeys ?
>
> Here is what i mean, i started master... and tried to log in with
cyradm...
> Feb  5 09:24:03 foo master[52746]: process started
> Feb  5 09:24:03 foo ctl_cyrusdb[52747]: recovering cyrus databases
> Feb  5 09:24:03 foo ctl_cyrusdb[52747]: done recovering cyrus databases
> Feb  5 09:24:03 foo master[52746]: ready for work
> Feb  5 09:24:03 foo ctl_cyrusdb[52748]: checkpointing cyrus databases
> Feb  5 09:24:03foo ctl_cyrusdb[52748]: done checkpointing cyrus databases
> Feb  5 09:24:36 foo imapd[52782]: OTP unavailable because can't read/write
> key database /etc/opiekeys: Permission denied
> Feb  5 09:24:42 foo imapd[52782]: no user in db
> Feb  5 09:24:42 foo imapd[52782]: no user in db
> Feb  5 09:24:42 foo imapd[52782]: badlogin: bar.com[x.x.x.x] plaintext
cyrus
> SASL(-13): user not found: checkpass failed
>
> i changed the owner of /etc/opiekeys to cyrus, changed the group to
mail...
> and added the read/write to group... and even added rw to other to be sure
(
> i'm going to set the permissions properly when it will work... )
> root at foo:~#ls -al /etc/opiekeys
> -rw-rw-rw-  1 postfix  mail  0 Oct 11 14:51 /etc/opiekeys
>
> I tried to log in again...
> #cyradm --user cyrus --auth login localhost
> Feb  5 09:48:46 foo imapd[55493]: no user in db
> Feb  5 09:48:46 foo imapd[55493]: no user in db
> Feb  5 09:48:46 foo imapd[55493]: badlogin: neokit.com[216.17.101.180]
> plaintext cyrus SASL(-13): user not found: checkpass failed
>
> (notice that i didn't get any errors about opiekeys permissions ... )
> The user do exist in the sasldb2...
> root at foo:~#sasldblistusers2
> cyrus at bar: userPassword
> test at foo.bar.com: userPassword
>
> And the permissions seems okay...
> -rw-r-----  1 cyrus  mail  16384 Feb  5 00:19 /usr/local/etc/sasldb2.db
>
> What could be the problem ?
> I do not run saslauthd ... I'm not sure, but i think it's not needed....
> Btw, i do not have anything in /etc/opieaccess.. isn't correct ?

Right I shut it down and that works well without. Verify in your imapd.conf:
sasl_pwcheck_method: auxprop
sasl_auxprop_plugin_sasldb

My sasldb2 is -rw-r----- with root as owner and sasl as group, and cyrus is
in the mail and sasl group. I think it's doing the same.

---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html