PAM (Red Hat) saslauthd, and Cyrus IMAP
Prentice Bisbal
prentice at rcsb.rutgers.edu
Wed Mar 10 15:47:28 EST 2004
I'm having trouble authenticating to Cyrus IMAP. After having problems
with salsdb2 and auxprop, I"m now trying to use saslauthd and pam so I
can use the users' password from NIS.
I can authenticate as myself, the cyrus admin, and the mupdate user fine
with the cyradm command, but when I try to use imtest or connect from an
IMAP mail client, I get reject, with the following entries in
/var/log/auth.log
Mar 10 15:40:18 pdb-mail-1 saslauthd[11318]: do_auth : auth
failure: [user=mupdate] [service=mupdate] [realm=] [mech=pam]
[reason=PAM auth error]
Mar 10 15:40:18 pdb-mail-1 mupdate[11091]: Password verification failed
Mar 10 15:40:50 pdb-mail-1 saslauthd[11319]: DEBUG: auth_pam:
pam_authenticate failed: Authentication failure
Mar 10 15:40:50 pdb-mail-1 saslauthd[11319]: do_auth : auth
failure: [user=mupdate] [service=mupdate] [realm=] [mech=pam]
[reason=PAM auth error]
Mar 10 15:40:50 pdb-mail-1 mupdate[11091]: Password verification failed
Mar 10 15:41:14 pdb-mail-1 saslauthd[11320]: DEBUG: auth_pam:
pam_authenticate failed: Authentication failure
Mar 10 15:41:14 pdb-mail-1 saslauthd[11320]: do_auth : auth
failure: [user=mupdate] [service=mupdate] [realm=] [mech=pam]
[reason=PAM auth error]
Mar 10 15:41:14 pdb-mail-1 mupdate[11091]: Password verification faile
The relevant config files are below
--
Prentice Bisbal
Computer System Administrator
Protein Data Bank
Rutgers University
# more /etc/imapd.conf
configdirectory: /var/lib/imap
partition-default: /var/cyrus/spool/imap
admins: cyrus mupdate
sievedir: /var/cyrus/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
#sasl_pwcheck_method: auxprop
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN
tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
mupdate_config: replicated
mupdate_server: pdb-mupdate.rutgers.edu
mupdate_username: mupdate
mupdate_authname: mupdate
mupdate_password: XXXXXXXX
# more /etc/sysconfig/saslauthd
MECH=pam
FLAGS="-n=5"
more /etc/pam.d/imap
#%PAM-1.0
auth required pam_stack.so service=system-auth
account required pam_stack.so service=system-auth
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list