Self compiled Cyrus 2.4.16 does not talk to self compiled Cyrus SASL 2.1.25

Dan White dwhite at olp.net
Tue Jun 19 09:55:31 EDT 2012


On 06/19/12 11:17 +0200, Eric Luyten wrote:
>Folks,
>
>
>(hitting the same wall over and over again when upgrading)
>
>
>Cyrus SASL is working/looking in /var/state/saslauthd all
>right, but Cyrus 2.4 appears to be writing elsewhere, and
>we cannot find out where exactly.
>
>Have tried 'saslauthd_path' option in /etc/imapd.conf to
>no avail.
>I pretty much copied our Cyrus 2.3 configuration files over
>to the test environment.

What does your sasl_* configuration look like in imapd.conf?

Are you authenticating with an appropriate mechanism (either PLAIN or
LOGIN)?

On 06/19/12 13:34 +0200, Eric Luyten wrote:
>On Tue, June 19, 2012 12:05 pm, Adam  Tauno Williams wrote:
>> On Tue, 2012-06-19 at 11:17 +0200, Eric Luyten wrote:
>>
>>> (hitting the same wall over and over again when upgrading)
>>> Cyrus SASL is working/looking in /var/state/saslauthd all
>>> right, but Cyrus 2.4 appears to be writing elsewhere, and we cannot find out
>>> where exactly.
>>
>> Are you sure it is loading your compiled libraries and not your
>> distributions 'defacto' ones?  [ldd /usr/lib/cyrus/bin/imapd - your should see
>> a reference to your SASL libraries]
>
>
>mcs1dev# ldd /usr/local/sbin/saslauthd | fgrep sasl
>	libsasl2.so.2 =>	 /opt/csw/lib/libsasl2.so.2
>mcs1dev# ldd /usr/cyrus/bin/imapd | fgrep sasl
>	libsasl2.so.2 =>	 /opt/csw/lib/libsasl2.so.2
>mcs1dev#

The location of the shared libraries for the saslauthd should not be
important (unless you're using the sasldb or ldap backends), because it
runs within its own process. If testsaslauthd is working then your
saslauthd installation is likely ok. Try running testsaslauthd as your
cyrus user to rule out any permissions problems.

>> BTW - why are you self-compiling?  Really good packages exist for lots
>> of distributions.
>
>
>Solaris10/Intel.
>
>
>>> Have tried 'saslauthd_path' option in /etc/imapd.conf to
>>> no avail.
>>
>> So when you run testsaslauthd it works?
>
>
>Yes, it certainly does.

Your saslauthd_path configuration should include the trailing '/mux'.  I
believe it should be identical to the '-f' option that you would pass to
testsaslauthd.

Try increasing your sasl logging to further troubleshoot. In imapd.conf:

sasl_log_level: 7

And configure your syslog daemon to log 'auth.*'.

-- 
Dan White


More information about the Info-cyrus mailing list