Hello, I'm having trouble to get saslauthd running on a centos-5.3. I can't autheticate via testsaslauthd. Here's what I do using a fresh /etc/sasldb2: 1) start saslauthd in debug mode: saslauthd -d -a shadow -O /usr/lib64/sasl2/smtpd.conf -r -l 2) saslpasswd2 -c -a mail -u mail testuser 3) testsaslauthd -u testomat -p <mypassword> -s smtp -r mail shell output of testsaslauthd: 0: NO "authentication failed" shell output of saslauthd: [root at x02-new ~]# saslauthd -d -a shadow -O /usr/lib64/sasl2/smtpd.conf -r -l saslauthd[1936] :main : num_procs : 5 saslauthd[1936] :main : mech_option: /usr/lib64/sasl2/smtpd.conf saslauthd[1936] :main : run_path : /var/run/saslauthd saslauthd[1936] :main : auth_mech : shadow saslauthd[1936] :detach_tty : master pid is: 0 saslauthd[1936] :ipc_init : listening on socket: /var/run/saslauthd/mux saslauthd[1936] :main : using process model saslauthd[1936] :have_baby : forked child: 1937 saslauthd[1936] :have_baby : forked child: 1938 saslauthd[1936] :have_baby : forked child: 1939 saslauthd[1936] :have_baby : forked child: 1941 saslauthd[1937] :do_auth : auth failure: [user=testomat at mail] [service=smtp] [realm=mail] [mech=shadow] [reason=Unknown] saslauthd[1937] :do_request : response: NO output in /var/log/messages: Aug 26 07:41:31 x02-new saslauthd[1673]: server_exit : master exited: 0 Aug 26 07:41:33 x02-new saslauthd[1936]: detach_tty : master pid is: 0 Aug 26 07:41:33 x02-new saslauthd[1936]: ipc_init : listening on socket: /var/run/saslauthd/mux Aug 26 07:41:38 x02-new saslauthd[1937]: do_auth : auth failure: [user=testomat at mail] [service=smtp] [realm=mail] [mech=shadow] [reason=Unknown] output of saslfinger: ===================================================#csaslfinger -s saslfinger - postfix Cyrus sasl configuration Mi 26. Aug 07:43:47 CEST 2009 version: 1.0.2 mode: server-side SMTP AUTH -- basics -- Postfix: 2.3.3 System: CentOS release 5.3 (Final) -- smtpd is linked to -- libsasl2.so.2 => /usr/lib64/libsasl2.so.2 (0x00002b0ffbdee000) -- active SMTP AUTH and TLS parameters for smtpd -- broken_sasl_auth_clients = yes smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain = mail smtpd_sasl_security_options = noanonymous -- listing of /usr/lib64/sasl2 -- insgesamt 2916 drwxr-xr-x 2 root root 4096 26. Aug 07:34 . drwxr-xr-x 52 root root 20480 26. Aug 00:32 .. -rwxr-xr-x 1 root root 890 7. Jan 2007 libanonymous.la -rwxr-xr-x 1 root root 15880 7. Jan 2007 libanonymous.so -rwxr-xr-x 1 root root 15880 7. Jan 2007 libanonymous.so.2 -rwxr-xr-x 1 root root 15880 7. Jan 2007 libanonymous.so.2.0.22 -rwxr-xr-x 1 root root 862 7. Jan 2007 liblogin.la -rwxr-xr-x 1 root root 16480 7. Jan 2007 liblogin.so -rwxr-xr-x 1 root root 16480 7. Jan 2007 liblogin.so.2 -rwxr-xr-x 1 root root 16480 7. Jan 2007 liblogin.so.2.0.22 -rwxr-xr-x 1 root root 862 7. Jan 2007 libplain.la -rwxr-xr-x 1 root root 16448 7. Jan 2007 libplain.so -rwxr-xr-x 1 root root 16448 7. Jan 2007 libplain.so.2 -rwxr-xr-x 1 root root 16448 7. Jan 2007 libplain.so.2.0.22 -rwxr-xr-x 1 root root 936 7. Jan 2007 libsasldb.la -rwxr-xr-x 1 root root 892920 7. Jan 2007 libsasldb.so -rwxr-xr-x 1 root root 892920 7. Jan 2007 libsasldb.so.2 -rwxr-xr-x 1 root root 892920 7. Jan 2007 libsasldb.so.2.0.22 -rw-r--r-- 1 root root 167 26. Aug 07:34 smtpd.conf -- listing of /usr/lib/sasl2 -- insgesamt 2912 drwxr-xr-x 2 root root 4096 26. Aug 07:41 . drwxr-xr-x 30 root root 12288 26. Aug 00:33 .. -rwxr-xr-x 1 root root 884 7. Jan 2007 libanonymous.la -rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so -rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so.2 -rwxr-xr-x 1 root root 14372 7. Jan 2007 libanonymous.so.2.0.22 -rwxr-xr-x 1 root root 856 7. Jan 2007 liblogin.la -rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so -rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so.2 -rwxr-xr-x 1 root root 14752 7. Jan 2007 liblogin.so.2.0.22 -rwxr-xr-x 1 root root 856 7. Jan 2007 libplain.la -rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so -rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so.2 -rwxr-xr-x 1 root root 14848 7. Jan 2007 libplain.so.2.0.22 -rwxr-xr-x 1 root root 930 7. Jan 2007 libsasldb.la -rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so -rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so.2 -rwxr-xr-x 1 root root 905200 7. Jan 2007 libsasldb.so.2.0.22 -- listing of /etc/sasl2 -- insgesamt 24 drwxr-xr-x 2 root root 4096 26. Aug 07:36 . drwxr-xr-x 85 root root 12288 26. Aug 07:38 .. -- content of /usr/lib64/sasl2/smtpd.conf -- auto_transition: true pwcheck_method: auxprop saslauthd_version: 2 auxprop_plugin: sasldb allowanonymouslogin: 0 allowplaintext: 1 mech_list: PLAIN LOGIN log_level: 3 -- active services in /etc/postfix/master.cf -- # service type private unpriv chroot wakeup maxproc command + args # (yes) (yes) (yes) (never) (100) smtp inet n - n - - smtpd pickup fifo n - n 60 1 pickup cleanup unix n - n - 0 cleanup qmgr fifo n - n 300 1 qmgr tlsmgr unix - - n 1000? 1 tlsmgr rewrite unix - - n - - trivial-rewrite bounce unix - - n - 0 bounce defer unix - - n - 0 bounce trace unix - - n - 0 bounce verify unix - - n - 1 verify flush unix n - n 1000? 0 flush proxymap unix - - n - - proxymap smtp unix - - n - - smtp relay unix - - n - - smtp -o fallback_relayshowq unix n - n - - showq error unix - - n - - error discard unix - - n - - discard local unix - n n - - local virtual unix - n n - - virtual lmtp unix - - n - - lmtp anvil unix - - n - 1 anvil scache unix - - n - 1 scache maildrop unix - n n - - pipe flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient} old-cyrus unix - n n - - pipe flags=R user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -m ${extension} ${user} cyrus unix - n n - - pipe user=cyrus argv=/usr/lib/cyrus-imapd/deliver -e -r ${sender} -m ${extension} ${user} uucp unix - n n - - pipe flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient) ifmail unix - n n - - pipe flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient) bsmtp unix - n n - - pipe flags=Fq. user=foo argv=/usr/local/sbin/bsmtp -f $sender $nexthop $recipient -- mechanisms on localhost -- -- end of saslfinger output -- =================================================== content of /etc/pam.d/smtp : #%PAM-1.0 auth include system-auth account include system-auth What's working well: testsaslauthd -u root -p <myrootpassword> -s smtp 0: OK "Success." I don't know what's going on - it seems that testsaslauthd doesn't lookup the user 'testomat' in /etc/sasldb2 Have you got an idea? - Thanks in advance Regards Michael
Michael Kress wrote:> 2) saslpasswd2 -c -a mail -u mail testuser >That's a typo - the user is testomat. But, with the same result. :-(> 3) testsaslauthd -u testomat -p <mypassword> -s smtp -r mail > shell output of testsaslauthd: > 0: NO "authentication failed" >
Michael Kress wrote on Wed, 26 Aug 2009 07:50:33 +0200:> I don't know what's going on - it seems that testsaslauthd doesn't > lookup the user 'testomat' in /etc/sasldb2Should it really do that with auth-mech=shadow? Kai -- Kai Sch?tzl, Berlin, Germany Get your web at Conactive Internet Services: http://www.conactive.com
Hi, Kai Schaetzl wrote:>> I don't know what's going on - it seems that testsaslauthd doesn't >> lookup the user 'testomat' in /etc/sasldb2 > > Should it really do that with auth-mech=shadow?oh, I forgot to mention - of course I already tried that one: saslauthd -d -a pam -O /usr/lib64/sasl2/smtpd.conf -r -l Without success. Regards Michael