Hello,
I'm having trouble to get saslauthd running on a centos-5.3. I can't
autheticate via testsaslauthd. Here's what I do using a fresh /etc/sasldb2:
1) start saslauthd in debug mode: saslauthd -d -a shadow -O
/usr/lib64/sasl2/smtpd.conf -r -l
2) saslpasswd2 -c -a mail -u mail testuser
3) testsaslauthd -u testomat -p <mypassword> -s smtp -r mail
shell output of testsaslauthd:
0: NO "authentication failed"
shell output of saslauthd:
[root at x02-new ~]# saslauthd -d -a shadow -O /usr/lib64/sasl2/smtpd.conf
-r -l
saslauthd[1936] :main : num_procs : 5
saslauthd[1936] :main : mech_option: /usr/lib64/sasl2/smtpd.conf
saslauthd[1936] :main : run_path : /var/run/saslauthd
saslauthd[1936] :main : auth_mech : shadow
saslauthd[1936] :detach_tty : master pid is: 0
saslauthd[1936] :ipc_init : listening on socket:
/var/run/saslauthd/mux
saslauthd[1936] :main : using process model
saslauthd[1936] :have_baby : forked child: 1937
saslauthd[1936] :have_baby : forked child: 1938
saslauthd[1936] :have_baby : forked child: 1939
saslauthd[1936] :have_baby : forked child: 1941
saslauthd[1937] :do_auth : auth failure: [user=testomat at mail]
[service=smtp] [realm=mail] [mech=shadow] [reason=Unknown]
saslauthd[1937] :do_request : response: NO
output in /var/log/messages:
Aug 26 07:41:31 x02-new saslauthd[1673]: server_exit : master exited: 0
Aug 26 07:41:33 x02-new saslauthd[1936]: detach_tty : master pid is: 0
Aug 26 07:41:33 x02-new saslauthd[1936]: ipc_init : listening on
socket: /var/run/saslauthd/mux
Aug 26 07:41:38 x02-new saslauthd[1937]: do_auth : auth failure:
[user=testomat at mail] [service=smtp] [realm=mail] [mech=shadow]
[reason=Unknown]
output of saslfinger:
===================================================#csaslfinger -s
saslfinger - postfix Cyrus sasl configuration Mi 26. Aug 07:43:47 CEST 2009
version: 1.0.2
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.3.3
System: CentOS release 5.3 (Final)
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00002b0ffbdee000)
-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = mail
smtpd_sasl_security_options = noanonymous
-- listing of /usr/lib64/sasl2 --
insgesamt 2916
drwxr-xr-x 2 root root 4096 26. Aug 07:34 .
drwxr-xr-x 52 root root 20480 26. Aug 00:32 ..
-rwxr-xr-x 1 root root 890 7. Jan 2007 libanonymous.la
-rwxr-xr-x 1 root root 15880 7. Jan 2007 libanonymous.so
-rwxr-xr-x 1 root root 15880 7. Jan 2007 libanonymous.so.2
-rwxr-xr-x 1 root root 15880 7. Jan 2007 libanonymous.so.2.0.22
-rwxr-xr-x 1 root root 862 7. Jan 2007 liblogin.la
-rwxr-xr-x 1 root root 16480 7. Jan 2007 liblogin.so
-rwxr-xr-x 1 root root 16480 7. Jan 2007 liblogin.so.2
-rwxr-xr-x 1 root root 16480 7. Jan 2007 liblogin.so.2.0.22
-rwxr-xr-x 1 root root 862 7. Jan 2007 libplain.la
-rwxr-xr-x 1 root root 16448 7. Jan 2007 libplain.so
-rwxr-xr-x 1 root root 16448 7. Jan 2007 libplain.so.2
-rwxr-xr-x 1 root root 16448 7. Jan 2007 libplain.so.2.0.22
-rwxr-xr-x 1 root root 936 7. Jan 2007 libsasldb.la
-rwxr-xr-x 1 root root 892920 7. Jan 2007 libsasldb.so
-rwxr-xr-x 1 root root 892920 7. Jan 2007 libsasldb.so.2
-rwxr-xr-x 1 root root 892920 7. Jan 2007 libsasldb.so.2.0.22
-rw-r--r-- 1 root root 167 26. Aug 07:34 smtpd.conf
-- listing of /usr/lib/sasl2 --
insgesamt 2912
drwxr-xr-x 2 root root 4096 26. Aug 07:41 .
drwxr-xr-x 30 root root 12288 26. Aug 00:33 ..
-rwxr-xr-x 1 root root 884 7. Jan 2007 libanonymous.la
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so.2
-rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so.2.0.22
-rwxr-xr-x 1 root root 856 7. Jan 2007 liblogin.la
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so.2
-rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so.2.0.22
-rwxr-xr-x 1 root root 856 7. Jan 2007 libplain.la
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so.2
-rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so.2.0.22
-rwxr-xr-x 1 root root 930 7. Jan 2007 libsasldb.la
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so.2
-rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so.2.0.22
-- listing of /etc/sasl2 --
insgesamt 24
drwxr-xr-x 2 root root 4096 26. Aug 07:36 .
drwxr-xr-x 85 root root 12288 26. Aug 07:38 ..
-- content of /usr/lib64/sasl2/smtpd.conf --
auto_transition: true
pwcheck_method: auxprop
saslauthd_version: 2
auxprop_plugin: sasldb
allowanonymouslogin: 0
allowplaintext: 1
mech_list: PLAIN LOGIN
log_level: 3
-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o fallback_relayshowq unix n - n - -
showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m
${extension} ${user}
cyrus unix - n n - - pipe
user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m
${extension} ${user}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop
$recipient
-- mechanisms on localhost --
-- end of saslfinger output --
===================================================
content of /etc/pam.d/smtp :
#%PAM-1.0
auth include system-auth
account include system-auth
What's working well: testsaslauthd -u root -p <myrootpassword> -s smtp
0: OK "Success."
I don't know what's going on - it seems that testsaslauthd doesn't
lookup the user 'testomat' in /etc/sasldb2
Have you got an idea? - Thanks in advance
Regards
Michael
Michael Kress wrote:> 2) saslpasswd2 -c -a mail -u mail testuser >That's a typo - the user is testomat. But, with the same result. :-(> 3) testsaslauthd -u testomat -p <mypassword> -s smtp -r mail > shell output of testsaslauthd: > 0: NO "authentication failed" >
Michael Kress wrote on Wed, 26 Aug 2009 07:50:33 +0200:> I don't know what's going on - it seems that testsaslauthd doesn't > lookup the user 'testomat' in /etc/sasldb2Should it really do that with auth-mech=shadow? Kai -- Kai Sch?tzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
Hi, Kai Schaetzl wrote:>> I don't know what's going on - it seems that testsaslauthd doesn't >> lookup the user 'testomat' in /etc/sasldb2 > > Should it really do that with auth-mech=shadow?oh, I forgot to mention - of course I already tried that one: saslauthd -d -a pam -O /usr/lib64/sasl2/smtpd.conf -r -l Without success. Regards Michael