Jani Karlsson
2005-Jun-11 21:06 UTC
[Dovecot] multiple authentication mechanisms, many problems
dovecot: Jun 11 23:57:56 Info: auth(default):
pam(testi at irkkaa.net,83.145.196.129): pam_authenticate() failed:
Authentication failure
tried also debugging whats wrong with it, it queries ok, the password in
the query is ok and everything. but it never replies +OK.
that connection just halts after PASS command. Tried IMAP, same result.
config: (dovecot.conf, PLAIN etc all enabled)
passdb pam {
args = *
}
passdb sql {
args = /usr/local/etc/dovecot-mysql.conf
}
userdb passwd {
}
userdb sql {
args = /usr/local/etc/dovecot-mysql.conf
}
default_pass_scheme = PLAIN
password_query SELECT username as user, password FROM mailbox WHERE username =
'%u'
user_query SELECT concat('/usr/local/virtual/',maildir) as home,
207 AS uid,208 AS gid FROM mailbox WHERE username = '%u'
postfixadmin-format mysql-DB, mails in
/usr/local/virtual/user at domain/Maildir
Any ideas where stuff could go wrong?
Passwords in the MySQL are cleartext and checked that query returns
right values. Yet authentication-phase just gets stuck.
System is hardned Gentoo-Linux (2.6.11r13-grsec)
Timo Sirainen
2005-Jun-14 10:09 UTC
[Dovecot] multiple authentication mechanisms, many problems
On Sun, 2005-06-12 at 00:06 +0300, Jani Karlsson wrote:> dovecot: Jun 11 23:57:56 Info: auth(default): > pam(testi at irkkaa.net,83.145.196.129): pam_authenticate() failed: > Authentication failure..> passdb pam { > args = * > } > passdb sql { > args = /usr/local/etc/dovecot-mysql.conf > } > userdb passwd { > } > userdb sql { > args = /usr/local/etc/dovecot-mysql.conf > }Did you try that it works with just SQL, or with just PAM? The problem happens only if these both are defined? When it gets stuck, does it matter if the user is in PAM or SQL? Is this with 1.0-stable or 1.0-test? -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: This is a digitally signed message part URL: <http://dovecot.org/pipermail/dovecot/attachments/20050614/54f01540/attachment-0001.bin>
Jani Karlsson
2005-Jun-14 10:24 UTC
[Dovecot] multiple authentication mechanisms, many problems
Timo Sirainen wrote:> On Sun, 2005-06-12 at 00:06 +0300, Jani Karlsson wrote: > >>dovecot: Jun 11 23:57:56 Info: auth(default): >>pam(testi at irkkaa.net,83.145.196.129): pam_authenticate() failed: >>Authentication failure > > .. > >>passdb pam { >> args = * >> } >>passdb sql { >> args = /usr/local/etc/dovecot-mysql.conf >> } >>userdb passwd { >>} >>userdb sql { >> args = /usr/local/etc/dovecot-mysql.conf >>} > > > Did you try that it works with just SQL, or with just PAM? The problem > happens only if these both are defined? When it gets stuck, does it > matter if the user is in PAM or SQL? > > Is this with 1.0-stable or 1.0-test? >1.0-test, I found the error it had... authentication was successfull, but it was trying to request /Maildir, although I had %h:%h/Maildir I was wanting /Maildir for shell (unix) users and homedir/[cur,new,tmp] for SQL-users. It tried to access /usr/local/virtual/test at test.net//Maildir/ and was stuck in some loop until that connection timed out. After I fixed this error, I found another, already posted on the list: http://dovecot.org/pipermail/dovecot/2005-May/007421.html similiar problems with Gentoo on AMD64, 1.0-test72.. cannot create/move/such IMAP folders. Error: denied resource overstep by requesting 17189568512 for RLIMIT_AS against limit 536870912 for /usr/local/libexec/dovecot/imap[imap:23732] uid/euid:1156/1156 gid/egid:1156/1156, parent /usr/local/sbin/dovecot[dovecot:13204] uid/euid:0/0 gid/egid:0/0 Yet there is no limits, checked that twice. Also, dovecot starts only random, if it has to do something (like correct /var/run/dovecot permissions, it will always start), somehow it races too fast too many connections to MySQL, resulting: dovecot: Jun 14 12:46:45 Error: Auth process died too early - shutting down dovecot: Jun 14 12:46:45 Info: auth(default): mysql: Connected to (null) (postfix) dovecot: Jun 14 12:46:45 Error: auth(default): net_connect_unix(/var/run/dovecot/auth-worker.11918) failed: No such file or directory dovecot: Jun 14 12:46:45 Error: child 11918 (auth) returned error 89 I find it yet not quite suitable for production use, as I can duplicate these exact same errors on another 64-bit (AMD64) Debian system. I am wondering if is this something related to 64-bit CPUs. Anyway, patches etc are welcome. Specially the dovecot starting randomly only is nasty, need to kill all processes manually and try again.