dovecot - May 2011 - PAM config problem...

Hi,
I had some troubles with PAM configuration. I need to restrict imap
access to some users (and allow pop3 to all). I followed the wiki
example of using "args = %s" to use 2 pams configurations (one for
imap
and another for pop3)
When I start the service, it starts, but when I try to auth its hangs
Here is the log:
May 26 15:16:09 claudia dovecot: master: Warning: Killed with signal 15
(by pid=15424 uid=0 code=kill)
May 26 15:16:10 claudia dovecot: master: Dovecot v2.0.13 starting up
May 26 15:16:24 claudia dovecot: auth: Debug: Loading modules from
directory: /usr/local/lib/dovecot/auth
May 26 15:16:24 claudia dovecot: auth: Fatal: pam: Unknown setting: %s
May 26 15:16:24 claudia dovecot: master: Error: service(auth): command
startup failed, throttling
May 26 15:16:59 claudia dovecot: pop3-login: Error: Timeout waiting for
handshake from auth server. my pid=15435, input bytes=0

Is this option working? Im I missing somethin? I had the same proble in
Solaris (but i thought that was a solaris thing, solaris is ALWAYS diferent)

here is my doveconf -n
# 2.0.13: /usr/local/etc/dovecot/dovecot.conf
# OS: Linux 2.6.18-238.9.1.el5 x86_64 CentOS release 5.6 (Final) ext3
auth_cache_size = 10 M
auth_debug = yes
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
listen = *
login_greeting = Server ready.
mail_debug = yes
mail_location = maildir:/var/mail/%u:INDEX=~/
mail_plugins = quota
passdb {
  args = %s failure_show_msg=yes
  driver = pam
}
plugin {
  quota = maildir:Cuota de correo
  quota_rule = *:storage=1G
  quota_rule2 = Trash:storage=+100M
}
protocols = imap pop3
ssl = no
ssl_cert = </etc/ssl/certs/dovecot.pem
ssl_key = </etc/ssl/private/dovecot.pem
userdb {
  driver = passwd
}
protocol imap {
  imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags
  mail_plugins = quota imap_quota
}
protocol pop3 {
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  pop3_lock_session = yes
  pop3_uidl_format = %08Xv%08Xu
}


And the build options:
Build options: ioloop=epoll notify=inotify ipv6 openssl io_block_size=8192
Mail storages: cydir maildir mbox mdbox raw sdbox shared
SQL drivers:
Passdb: checkpassword ldap pam passwd passwd-file shadow
Userdb: checkpassword ldap nss passwd prefetch passwd-file


Thanks, Juan.

Someone else may have responded to this already but it looks like you have a
problem in the passdb section of your config. See my inline...

On May 26, 2011, at 2:39 PM, Juan Bernhard wrote:
> Hi,
> I had some troubles with PAM configuration. I need to restrict imap
> access to some users (and allow pop3 to all). I followed the wiki
> example of using "args = %s" to use 2 pams configurations (one
for imap
> and another for pop3)
> When I start the service, it starts, but when I try to auth its hangs
> Here is the log:
> May 26 15:16:09 claudia dovecot: master: Warning: Killed with signal 15
> (by pid=15424 uid=0 code=kill)
> May 26 15:16:10 claudia dovecot: master: Dovecot v2.0.13 starting up
> May 26 15:16:24 claudia dovecot: auth: Debug: Loading modules from
> directory: /usr/local/lib/dovecot/auth
> May 26 15:16:24 claudia dovecot: auth: Fatal: pam: Unknown setting: %s
> May 26 15:16:24 claudia dovecot: master: Error: service(auth): command
> startup failed, throttling
> May 26 15:16:59 claudia dovecot: pop3-login: Error: Timeout waiting for
> handshake from auth server. my pid=15435, input bytes=0
> 
> Is this option working? Im I missing somethin? I had the same proble in
> Solaris (but i thought that was a solaris thing, solaris is ALWAYS
diferent)
> 
> here is my doveconf -n
> # 2.0.13: /usr/local/etc/dovecot/dovecot.conf
> # OS: Linux 2.6.18-238.9.1.el5 x86_64 CentOS release 5.6 (Final) ext3
> auth_cache_size = 10 M
> auth_debug = yes
> base_dir = /var/run/dovecot/
> disable_plaintext_auth = no
> listen = *
> login_greeting = Server ready.
> mail_debug = yes
> mail_location = maildir:/var/mail/%u:INDEX=~/
> mail_plugins = quota
> passdb {
>  args = %s failure_show_msg=yes
I think you want %s (service) after failure_show_msg=yes. At least the default
config file says that the PAM service comes after the key,value config pars for
args.
>  driver = pam
> }
> plugin {
>  quota = maildir:Cuota de correo
>  quota_rule = *:storage=1G
>  quota_rule2 = Trash:storage=+100M
> }
> protocols = imap pop3
> ssl = no
> ssl_cert = </etc/ssl/certs/dovecot.pem
> ssl_key = </etc/ssl/private/dovecot.pem
> userdb {
>  driver = passwd
> }
> protocol imap {
>  imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags
>  mail_plugins = quota imap_quota
> }
> protocol pop3 {
>  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
>  pop3_lock_session = yes
>  pop3_uidl_format = %08Xv%08Xu
> }
> 
> 
> And the build options:
> Build options: ioloop=epoll notify=inotify ipv6 openssl io_block_size=8192
> Mail storages: cydir maildir mbox mdbox raw sdbox shared
> SQL drivers:
> Passdb: checkpassword ldap pam passwd passwd-file shadow
> Userdb: checkpassword ldap nss passwd prefetch passwd-file
> 
> 
> Thanks, Juan.
> 
> 
> 
> 
> 
>

El 27/05/2011 09:51, David Warden escribi?:
> Someone else may have responded to this already but it looks like you have
a problem in the passdb section of your config. See my inline...
>
> On May 26, 2011, at 2:39 PM, Juan Bernhard wrote:
>
>> Hi,
>> I had some troubles with PAM configuration. I need to restrict imap
>> access to some users (and allow pop3 to all). I followed the wiki
>> example of using "args = %s" to use 2 pams configurations
(one for imap
>> and another for pop3)
>> When I start the service, it starts, but when I try to auth its hangs
>> Here is the log:
>> May 26 15:16:09 claudia dovecot: master: Warning: Killed with signal 15
>> (by pid=15424 uid=0 code=kill)
>> May 26 15:16:10 claudia dovecot: master: Dovecot v2.0.13 starting up
>> May 26 15:16:24 claudia dovecot: auth: Debug: Loading modules from
>> directory: /usr/local/lib/dovecot/auth
>> May 26 15:16:24 claudia dovecot: auth: Fatal: pam: Unknown setting: %s
>> May 26 15:16:24 claudia dovecot: master: Error: service(auth): command
>> startup failed, throttling
>> May 26 15:16:59 claudia dovecot: pop3-login: Error: Timeout waiting for
>> handshake from auth server. my pid=15435, input bytes=0
>>
>> Is this option working? Im I missing somethin? I had the same proble in
>> Solaris (but i thought that was a solaris thing, solaris is ALWAYS
diferent)
>>
>> here is my doveconf -n
>> # 2.0.13: /usr/local/etc/dovecot/dovecot.conf
>> # OS: Linux 2.6.18-238.9.1.el5 x86_64 CentOS release 5.6 (Final) ext3
>> auth_cache_size = 10 M
>> auth_debug = yes
>> base_dir = /var/run/dovecot/
>> disable_plaintext_auth = no
>> listen = *
>> login_greeting = Server ready.
>> mail_debug = yes
>> mail_location = maildir:/var/mail/%u:INDEX=~/
>> mail_plugins = quota
>> passdb {
>>  args = %s failure_show_msg=yes
> I think you want %s (service) after failure_show_msg=yes. At least the
default config file says that the PAM service comes after the key,value config
pars for args.
Doh!... Thanks you!! That solved my problem! Its seems easy when you
know what to do, hehe...

args = failure_show_msg=yes %s
Works. Thanks again
>>  driver = pam
>> }
>> plugin {
>>  quota = maildir:Cuota de correo
>>  quota_rule = *:storage=1G
>>  quota_rule2 = Trash:storage=+100M
>> }
>> protocols = imap pop3
>> ssl = no
>> ssl_cert = </etc/ssl/certs/dovecot.pem
>> ssl_key = </etc/ssl/private/dovecot.pem
>> userdb {
>>  driver = passwd
>> }
>> protocol imap {
>>  imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags
>>  mail_plugins = quota imap_quota
>> }
>> protocol pop3 {
>>  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
>>  pop3_lock_session = yes
>>  pop3_uidl_format = %08Xv%08Xu
>> }
>>
>>
>> And the build options:
>> Build options: ioloop=epoll notify=inotify ipv6 openssl
io_block_size=8192
>> Mail storages: cydir maildir mbox mdbox raw sdbox shared
>> SQL drivers:
>> Passdb: checkpassword ldap pam passwd passwd-file shadow
>> Userdb: checkpassword ldap nss passwd prefetch passwd-file
>>
>>
>> Thanks, Juan.
>>
>>
>>
>>
>>
>>
>
>