cyrus imapd authentication problem
David Carter
dpc22 at cam.ac.uk
Thu Aug 18 04:42:49 EDT 2005
On Wed, 17 Aug 2005, Thor Vik wrote:
> Hi, I am tearing my hair out over this one. When I run an imtest -m
> login localhost, I keep getting an L01 NO Login failed error and a
> generic failure. What could this mean? I have configured imapd.conf's
> sasl_pwcheck_method: saslauthd. I have saslauthd set to pam and when I
> run a saslauthdtest, it works fine. My syslog give me an error like
> this: badlogin: localhost.localdomain [127.0.0.1] plaintext cyrus
> SASL(-1): generic failure: checkpass failed. In my auth.log, I get
> cannot connect to saslauthd server: Permission denied. Any ideas would
> be met with appreciation.
saslauthd creates a Unix domain socket for clients (imapd) on connect to.
The standard location is /var/state/saslauthd/mux, but it can be changed
using the --with_saslauthd option to cyrus-sasl's configure script. This
socket must be accessible by the user or group that imapd is running as.
The other possible problem is that saslauthd only supports simple LOGIN
authentication. If the CAPABILITY response that you get from imtest
includes: "AUTH=OTP AUTH=DIGEST-MD5 AUTH=CRAM-MD5", then you need to add
the following to your imapd.conf file:
sasl_mech_list: plain
--
David Carter Email: David.Carter at ucs.cam.ac.uk
University Computing Service, Phone: (01223) 334502
New Museums Site, Pembroke Street, Fax: (01223) 334679
Cambridge UK. CB2 3QH.
More information about the Info-cyrus
mailing list