auth failure with cyrus, saslauthd, pam and ldap
Martin Hoffmann
martin at hoffinator.de
Sat May 21 16:59:41 EDT 2005
Hi,
thanks for the answer !
[...]
> > --------------- /etc/sysconfig/imapd.conf------------
> This is a typo here, right? It should be /etc/sysconfig/saslauthd
Of course you're right ! In fact it IS saslauthd :-)
> > SOCKETDIR=/var/run/saslauthd
> > MECH=pam
> > FLAGS
[..]
> Well, maybe you should start with testsaslauthd here. Like
> testsaslauthd -u mhoffmann -p mypasswd -s imap
> Also, starting saslauthd in debug mode should be helpful.
Ah, okay ! I started saslauthd on the commandline:
#/usr/sbin/saslauthd -m /var/run/saslauthd -a pam -d -V
saslauthd[5348] :main : num_procs : 5
saslauthd[5348] :main : mech_option: NULL
saslauthd[5348] :main : run_path : /var/run/saslauthd
saslauthd[5348] :main : auth_mech : pam
saslauthd[5348] :ipc_init : using accept lock file: /var/run/saslauthd/mux.accept
saslauthd[5348] :detach_tty : master pid is: 0
saslauthd[5348] :ipc_init : listening on socket: /var/run/saslauthd/mux
saslauthd[5348] :main : using process model
saslauthd[5349] :get_accept_lock : acquired accept lock
saslauthd[5348] :have_baby : forked child: 5349
saslauthd[5348] :have_baby : forked child: 5350
saslauthd[5348] :have_baby : forked child: 5351
saslauthd[5348] :have_baby : forked child: 5352
saslauthd[5349] :rel_accept_lock : released accept lock
saslauthd[5350] :get_accept_lock : acquired accept lock
saslauthd[5349] :do_auth : auth failure: [user=mhoffmann] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
Until the auth failure all seems okay to me !
/var/log/messages states nothing else:
May 21 22:56:34 saturn saslauthd[5364]: detach_tty : master pid is: 0
May 21 22:56:34 saturn saslauthd[5364]: ipc_init : listening on socket: /var/run/saslauthd/mux
May 21 22:56:37 saturn imap(pam_unix)[5365]: check pass; user unknown
May 21 22:56:37 saturn imap(pam_unix)[5365]: authentication failure; logname=root uid=0 euid=0 tty= ruser= rhost=
May 21 22:56:40 saturn saslauthd[5365]: do_auth : auth failure: [user=mhoffmann] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
So far I can guess PAM cannot read successfully my ldap database - but why ?
Must be something wrong with /etc/ldap.conf ?
btw.: Haven't found any helpful debug options for PAM or pam_ldap !? Any
test-tools ? Maybe I misconfigured ldap !? Cannot seem to find ....
Martin
--
Bart Simpson: Making Milhouse cry is not a science project.
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
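
Added example, not part of the original post: a Python script that joins each saslauthd "auth failure" record to the PAM module messages logged under the same PID, so it is visible which PAM modules actually ran for the failing service. The sample input is constructed from the /var/log/messages lines quoted above with mail-wrapped lines re-joined; the function and variable names are hypothetical, and the syslog layout is assumed to match that sample.

```python
import re
from collections import defaultdict

# Constructed sample: the syslog lines from the post, wrapped lines re-joined.
SAMPLE = """\
May 21 22:56:34 saturn saslauthd[5364]: detach_tty : master pid is: 0
May 21 22:56:34 saturn saslauthd[5364]: ipc_init : listening on socket: /var/run/saslauthd/mux
May 21 22:56:37 saturn imap(pam_unix)[5365]: check pass; user unknown
May 21 22:56:37 saturn imap(pam_unix)[5365]: authentication failure; logname=root uid=0 euid=0 tty= ruser= rhost=
May 21 22:56:40 saturn saslauthd[5365]: do_auth : auth failure: [user=mhoffmann] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
"""

# "Mon DD HH:MM:SS host tag[pid]: message"
SYSLOG = re.compile(r"^\w{3}\s+\d+ [\d:]{8} \S+ (?P<tag>[^\[\s]+)\[(?P<pid>\d+)\]: (?P<msg>.*)$")
# PAM modules log with a tag of the form "service(pam_module)"
PAM_TAG = re.compile(r"^(?P<service>[^()]+)\((?P<module>pam_\w+)\)$")
# saslauthd failure fields: [key=value] with possibly empty values
FIELD = re.compile(r"\[(\w+)=([^\]]*)\]")

def correlate(text):
    """Return one dict per saslauthd auth failure, enriched with the
    PAM lines that the same process (PID) logged for the same service."""
    pam_by_pid = defaultdict(list)
    failures = []
    for line in text.splitlines():
        m = SYSLOG.match(line)
        if not m:
            continue  # skip lines that are not in the assumed syslog layout
        pid, msg = m["pid"], m["msg"]
        pam = PAM_TAG.match(m["tag"])
        if pam:
            pam_by_pid[pid].append((pam["service"], pam["module"], msg))
        elif m["tag"] == "saslauthd" and "auth failure:" in msg:
            rec = dict(FIELD.findall(msg))
            rec["pid"] = pid
            failures.append(rec)
    for rec in failures:
        events = [e for e in pam_by_pid[rec["pid"]] if e[0] == rec["service"]]
        rec["pam_modules"] = sorted({mod for _, mod, _ in events})
        rec["pam_messages"] = [msg for _, _, msg in events]
    return failures

if __name__ == "__main__":
    for f in correlate(SAMPLE):
        print(f"user={f['user']} service={f['service']} pid={f['pid']} "
              f"modules={f['pam_modules']} reason={f['reason']}")
        for msg in f["pam_messages"]:
            print("   pam:", msg)
```

On the lines quoted in the post, the only module that logged for service imap under PID 5365 is pam_unix.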