Cannot log into cyrus using IMAP

Eric B. ebenze at hotmail.com
Mon May 10 11:33:17 EDT 2004 

> > I am following the Postfix-Cyrus-Web-cyradm-HOWTO.  My command line is
the
> >
> > following:
> > > saslpasswd2 -c cyrus
> > > Password: secret
> > > Again (for verification): secret
>
> Here you create a user in /etc/sasldb2...
>
> > When I try to connect with cyradm:
> > > cyradm --user cyrus --server localhost --auth plain
> > > Password: secret
> > > IMAP Password: secret
> >
> > I get the following errors in my /var/log/auth.log:
>
> > May 10 00:47:21 linuxmail perl: No worthy mechs found
> > May 10 00:52:01 linuxmail imap(pam_unix)[31961]: authentication failure;
> > logname= uid=0 euid=0 tty= ruser= rhost=  user=cyrus
> > May 10 00:52:01 linuxmail saslauthd[31961]: pam_sm_authenticate called.
>
> ... but you are using saslauthd. These are two difrent storages.


Ahhh - I thought they were using the same storage db, but were two different
ways of accessing it.  What authentication process uses the /etc/sasldb2?

> > /var/log/maillog:
> > May 10 01:12:50 linuxmail imap[31979]: accepted connection
> > May 10 01:12:50 linuxmail master[32099]: about to exec
> > /usr/lib/cyrus-imapd/imapd
> > May 10 01:12:50 linuxmail imap[32099]: executed
> > May 10 01:13:00 linuxmail imap[31979]: badlogin: localhost.localdomain
> > [127.0.0.1] PLAIN [SASL(-4): no mechanism available: security flags do
not
> > match required]
> > May 10 01:13:11 linuxmail imap[31979]: badlogin: localhost.localdomain
> > [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass
> > failed
> >
> If your passwords are unencrypted in a mysql-db, you should use the
> sql-auxprop-plugin. In your plugin-dir should be a libsql.so*-Plugin. The
> available options are described in ./doc/options.html

Indeed I have a libsql.so* in my /usr/lib/sasl2 directory.  (defined as my
plugin directory).  I've read through the options.html document, but am not
sure where i need to specify the sql-auxprop-plugin.  Does that go in the
/usr/lib/sasl2/smptd.conf file?  in a /usr/lib/sasl2/imapd.conf file?  How
exactly should it go in?  is my conf file just the following:

pwcheck_method: auxprop
auxprop_plugin: sql


My /etc/pam.d/imapd:
auth       required     /lib/security/pam_stack.so service=system-auth
account    required     /lib/security/pam_stack.so service=system-auth

auth sufficient pam_mysql.so user=mail passwd=secret host=localhost db=mail
table=accountuser usercolumn=username passwdcolumn=password crypt=0
logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host
logpidcolumn=pid logtimecolumn=time

account required pam_mysql.so user=mail passwd=secret host=localhost db=mail
table=accountuser usercolumn=username passwdcolumn=password crypt=0
logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host
logpidcolumn=pid logtimecolumn=time




If I change the pwcheck_method to auxprop, does that mean it no longer uses
saslauthd?  Is there anyway to use saslauthd with non-encrypted p/ws?  Where
does saslauthd retrieve its username/passwd information from?

As you can see, I'm still somewhat confused, and am having trouble locating
documentation to describes all this.

Thanks for any help.

Eric



---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

More information about the Info-cyrus mailing list