cyrus imapd authentication problem

David Carter dpc22 at cam.ac.uk
Thu Aug 18 04:42:49 EDT 2005


On Wed, 17 Aug 2005, Thor Vik wrote:

> Hi, I am tearing my hair out over this one.  When I run an imtest -m 
> login localhost, I keep getting an L01 NO Login failed error and a 
> generic failure.  What could this mean?  I have configured imapd.conf's 
> sasl_pwcheck_method: saslauthd.  I have saslauthd set to pam and when I 
> run a saslauthdtest, it works fine.  My syslog give me an error like 
> this: badlogin: localhost.localdomain [127.0.0.1] plaintext cyrus 
> SASL(-1): generic failure: checkpass failed.  In my auth.log, I get 
> cannot connect to saslauthd server: Permission denied.  Any ideas would 
> be met with appreciation.

saslauthd creates a Unix domain socket for clients (imapd) on connect to. 
The standard location is /var/state/saslauthd/mux, but it can be changed 
using the --with_saslauthd option to cyrus-sasl's configure script. This 
socket must be accessible by the user or group that imapd is running as.

The other possible problem is that saslauthd only supports simple LOGIN 
authentication. If the CAPABILITY response that you get from imtest 
includes: "AUTH=OTP AUTH=DIGEST-MD5 AUTH=CRAM-MD5", then you need to add 
the following to your imapd.conf file:

   sasl_mech_list: plain

-- 
David Carter                             Email: David.Carter at ucs.cam.ac.uk
University Computing Service,            Phone: (01223) 334502
New Museums Site, Pembroke Street,       Fax:   (01223) 334679
Cambridge UK. CB2 3QH.



More information about the Info-cyrus mailing list