IMSP Authentication issue
Simon Matter
simon.matter at invoca.ch
Fri May 30 04:47:17 EDT 2008
> Anyone please?
>
> I need to go online with my new system this afternoon and IMSPd is driving
> me crazy.
I have never used IMSPd nor MySQL authentication with saslauthd.
But, from what I understand your authentication goes via PAM. If yes, do
you have the same PAM configuration on your new server, most likely in
/etc/pam.d/?
Simon
>
> Thanks in advance!
>
> --On Donnerstag, 29. Mai 2008 11:28 +0200 Martin Ziegler
> <mz at newyorkcity.de> wrote:
>
>> Good Morning All,
>>
>> i'm currently migrating my system to a new server and unfortunately i
>> have
>> to recompile all the stuff. Happily it went quite well with one
>> exception.
>> The authentication mechanism for IMSPd is no longer working. I'm using
>> saslauthd which connects to a MYSQL databse. This works for all other
>> daemons without any problem including Cyrus IMAPd. When i try to log in
>> to
>> IMSPd saslauthd returns a successfull authentication but IMSPd says,
>> that
>> there is no such user on this server. On my old server i have exactly
>> the
>> same configuration running without problems for years now. Please find
>> all
>> the details below.
>>
>> I would be very happy if someone could point my into the right direction
>> before i'm going mad.
>>
>> Thank you!
>>
>> Cheers, Martin
>>
>> BTW: In the meantime is there a working virtdomain patch available for
>> IMSPd?
>>
>> -----------------
>> cyrus-imspd-v1.7b
>>
>> ./configure --prefix=/opt/cyrus/imsp --with-sasl=/opt --with-auth=unix
>>
>> ldd imspd:
>> libsasl2.so.2 => /opt/lib/libsasl2.so.2 (0xb7efb000)
>> libdl.so.2 => /lib/libdl.so.2 (0xb7ef8000)
>> libresolv.so.2 => /lib/libresolv.so.2 (0xb7ee6000)
>> libdb-4.0.so => /usr/lib/libdb-4.0.so (0xb7e1c000)
>> libc.so.6 => /lib/libc.so.6 (0xb7ce2000)
>> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7f2e000)
>>
>> ------------
>> cyrus-sasl-2.1.20.tar.gz
>> ./configure \
>> --prefix=/opt \
>> --enable-anon \
>> --enable-plain \
>> --enable-login \
>> --disable-krb4 \
>> --disable-otp \
>> --disable-cram \
>> --disable-digest \
>> --with-saslauthd=/var/run/saslauthd \
>> --with-pam=/lib/security \
>> --with-dblib=berkeley \
>> --with-bdb-libdir=/usr/lib \
>> --with-bdb-incdir=/usr/include \
>> --with-openssl=/opt/openssl \
>> --with-plugindir=/opt/lib/sasl2
>>
>> -------------
>> cat /opt/lib/sasl2/imspd.conf
>> pwcheck_method: saslauthd
>> --------------
>>
>> testsaslauthd -u <username> -p <password> -s imsp
>> 0: OK "Success."
>>
>> May 29 09:09:34 h1391047 saslauthd[4333]: pam_sm_authenticate called.
>> May 29 09:09:34 h1391047 saslauthd[4333]: dbuser changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: dbpasswd changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: host changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: database changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: table changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: usercolumn changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: passwdcolumn changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: crypt changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: logtable changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: logmsgcolumn changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: logusercolumn changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: loghostcolumn changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: logpidcolumn changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: logtimecolumn changed.
>> May 29 09:09:34 h1391047 saslauthd[4333]: db_connect called.
>> May 29 09:09:34 h1391047 saslauthd[4333]: returning 0 .
>> May 29 09:09:34 h1391047 saslauthd[4333]: db_checkpasswd called.
>> May 29 09:09:34 h1391047 saslauthd[4333]: pam_mysql: where clause =
>> May 29 09:09:34 h1391047 saslauthd[4333]: SELECT password FROM
>> accountuser
>> WHERE username='<username>'
>> May 29 09:09:34 h1391047 saslauthd[4333]: sqlLog called.
>> May 29 09:09:34 h1391047 saslauthd[4333]: insert into log (msg, user,
>> host, pid, time) values('AUTH SUCCESSFUL', '<username>', '', '4333',
>> NOW()) May 29 09:09:34 h1391047 saslauthd[4333]: Returning 0
>> May 29 09:09:34 h1391047 saslauthd[4333]: returning 0 .
>> May 29 09:09:34 h1391047 saslauthd[4333]: returning 0.
>>
>> --------------------
>>
>> Log in to IMSPd:
>> May 29 09:11:38 h1391047 saslauthd[4332]: pam_sm_authenticate called.
>> May 29 09:11:38 h1391047 saslauthd[4332]: dbuser changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: dbpasswd changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: host changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: database changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: table changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: usercolumn changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: passwdcolumn changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: crypt changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: logtable changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: logmsgcolumn changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: logusercolumn changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: loghostcolumn changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: logpidcolumn changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: logtimecolumn changed.
>> May 29 09:11:38 h1391047 saslauthd[4332]: db_connect called.
>> May 29 09:11:38 h1391047 saslauthd[4332]: returning 0 .
>> May 29 09:11:38 h1391047 saslauthd[4332]: db_checkpasswd called.
>> May 29 09:11:38 h1391047 saslauthd[4332]: pam_mysql: where clause =
>> May 29 09:11:38 h1391047 saslauthd[4332]: SELECT password FROM
>> accountuser
>> WHERE username='<username>'
>> May 29 09:11:38 h1391047 saslauthd[4332]: sqlLog called.
>> May 29 09:11:38 h1391047 saslauthd[4332]: insert into log (msg, user,
>> host, pid, time) values('AUTH SUCCESSFUL', '<username>', '', '4332',
>> NOW()) May 29 09:11:38 h1391047 saslauthd[4332]: Returning 0
>> May 29 09:11:38 h1391047 saslauthd[4332]: returning 0 .
>> May 29 09:11:38 h1391047 saslauthd[4332]: returning 0.
>> May 29 09:11:38 h1391047 imsp[12467]: badlogin: <hostname> <username>
>> plaintext User does not have an account on this server
>>
>> ----
>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
More information about the Info-cyrus
mailing list