NO Login failed: generic failure

Marc Fournier scrappy at hub.org
Wed Mar 26 14:05:11 EDT 2014


Yes, they are all the same … data isn’t, obvously, but the structure hasn’t changed … in fact, the mail systems on all three servers that I’m currently working with have been running / configured for 5+ years now … only change was upgraded OS from FreeBSD 9 -> 10 and upgraded ports to the latest … 

I did the upgrade from 9 -> 10 for hub.org first (the domain I’m emailing from) and all went smooth … I never change config files  unless I have to, and in this case, nothing had to be changed … and the lack of useful error message is making it twice as difficult to debug ;(



On Mar 26, 2014, at 10:59 , Helmut Weigel <helmut.weigel at dfb-medien.de> wrote:

> You said, you compared the cyrus config files.
> Did you compare the structure and data of the sqllite databases?
>  
> Regards Helmut
>  
> Von: Marc Fournier [mailto:scrappy at hub.org] 
> Gesendet: Mittwoch, 26. März 2014 18:20
> An: Helmut Weigel
> Cc: info-cyrus at lists.andrew.cmu.edu
> Betreff: Re: NO Login failed: generic failure
>  
>  
> Never has been, nor is there on the working system … I don’t even know where that query is coming from, as my imapd.conf has:
>  
> pwcheck_method: auxprop
> auxprop_plugin: sql
>  
> sasl_sql_engine: sqlite
> sasl_sql_database: /var/db/sqlite/mailsys
> sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r'
> sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( '%u@%r', '%v' )
> sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r'
>  
> this is the same config on both system, and even lookign on the *good* system (that I’m reading / sending this through) at its /var/log/debug.log, I see it doing that extra query, but, again, no idea where it is coming from … its not something I wrote … only the first query is:
>  
> Mar 26 14:02:37 hub pop3[75904]: begin transaction
> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from userPassword ams hub.org
> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT userPassword FROM sasl_auth WHERE userid = 'ams at hub.org';
> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from cmusaslsecretPLAIN ams hub.org
> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'ams at hub.org';
> Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column: cmusaslsecretPLAIN 
> Mar 26 14:02:37 hub pop3[75904]: commit transaction
>  
>  
>  
>  
> On Mar 26, 2014, at 10:11 , Helmut Weigel <helmut.weigel at dfb-medien.de> wrote:
> 
> 
> Hi,
>  
> the problem is located in your SQL Database. The Error Message says:
>  
>  
> There’s no colum  cmusaslsecretPLAIN
>  
>  
> Double Check your Database
>  
> Regards Helmut
>  
> Von: info-cyrus-bounces+weigel=dfbnet.org at lists.andrew.cmu.edu [mailto:info-cyrus-bounces+weigel=dfbnet.org at lists.andrew.cmu.edu] Im Auftrag von Marc Fournier
> Gesendet: Mittwoch, 26. März 2014 17:28
> An: info-cyrus at lists.andrew.cmu.edu
> Betreff: NO Login failed: generic failure
>  
>  
> I have two servers, both with identical configurations, right down to their imapd.conf files … both use sqlite to store auth information …
>  
> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same:
>  
> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5
>  
> One works great, nary a problem … the other, I get the above message when I try and authenticate.  And I can’t find anything different … I’ve checked permissions on the various files, etc …
>  
> /var/log # telnet localhost imap
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus IMAP v2.4.17 server ready
> . login xxx at xxx.xxx xxx
> . NO Login failed: generic failure
> . logout
> * BYE LOGOUT received
> . OK Completed
> Connection closed by foreign host.
>  
> /var/log/debug.log shows:
>  
> ==
> Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite'
> Mar 26 16:09:08 xxx imap[67279]: executed
> Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine
> Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening /var/spool/imap/user_deny.db: No such file or directory
> Mar 26 16:09:08 xxx imap[67279]: accepted connection
> Mar 26 16:09:36 xxx imap[67279]: accepted connection
> Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username xxx at xxx.xxx  
> Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
> Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db '/var/db/sqlite/mailsys' on host ''
> Mar 26 16:09:49 xxx imap[67279]: begin transaction
> Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from userPassword xxx xxx.xxx  
> Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT userPassword FROM sasl_auth WHERE userid = 'xxx at xxx.xxx';
> Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from cmusaslsecretPLAIN xxx xxx.xxx 
> Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'xxx at xxx.xxx';
> Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: cmusaslsecretPLAIN
> Mar 26 16:09:49 xxx imap[67279]: commit transaction
> Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username xxx at xxx.xxx  
> Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
> Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db '/var/db/sqlite/mailsys' on host ''
>  
> /var/log/messages shows:
>  
> Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227] plaintext xxx at xxx.xxx SASL(-1): generic failure: checkpass failed
>  
> I’ve even tried su’ng to the cyrus user and running the sql command against the database, and it returns the right database:
>  
> % echo "SELECT userPassword FROM sasl_auth WHERE userid = ‘xxx at xxx.xxx';" | sqlite /var/db/sqlite/mailsys
> rightPW
> %
>  
> I’ve double checked the imapd.conf files, and they are identical except different admins: and one has tls_* lines in it … but I’m having the identical issue with *another* server, and it doesn’t have the tls_* lines …
>  
> I figure I have to be overlooking *something* stupid, but I’m at a loss as to what it could be … I’ve even checked md5 on imapd between both working / non-working … identical …
>  
> Is there any way of getting more debug information out of the backend without modifying the code itself?  
>  
> Thanks ...
>  
>  
> 
> ______________________________________________________________________
> This email has been scanned by the Symantec Email Security.cloud service.
> For more information please visit http://www.symanteccloud.com
> ______________________________________________________________________

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20140326/3493baa1/attachment-0001.html 


More information about the Info-cyrus mailing list