Hi, I had some troubles with PAM configuration. I need to restrict imap access to some users (and allow pop3 to all). I followed the wiki example of using "args = %s" to use 2 pams configurations (one for imap and another for pop3) When I start the service, it starts, but when I try to auth its hangs Here is the log: May 26 15:16:09 claudia dovecot: master: Warning: Killed with signal 15 (by pid=15424 uid=0 code=kill) May 26 15:16:10 claudia dovecot: master: Dovecot v2.0.13 starting up May 26 15:16:24 claudia dovecot: auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth May 26 15:16:24 claudia dovecot: auth: Fatal: pam: Unknown setting: %s May 26 15:16:24 claudia dovecot: master: Error: service(auth): command startup failed, throttling May 26 15:16:59 claudia dovecot: pop3-login: Error: Timeout waiting for handshake from auth server. my pid=15435, input bytes=0 Is this option working? Im I missing somethin? I had the same proble in Solaris (but i thought that was a solaris thing, solaris is ALWAYS diferent) here is my doveconf -n # 2.0.13: /usr/local/etc/dovecot/dovecot.conf # OS: Linux 2.6.18-238.9.1.el5 x86_64 CentOS release 5.6 (Final) ext3 auth_cache_size = 10 M auth_debug = yes base_dir = /var/run/dovecot/ disable_plaintext_auth = no listen = * login_greeting = Server ready. mail_debug = yes mail_location = maildir:/var/mail/%u:INDEX=~/ mail_plugins = quota passdb { args = %s failure_show_msg=yes driver = pam } plugin { quota = maildir:Cuota de correo quota_rule = *:storage=1G quota_rule2 = Trash:storage=+100M } protocols = imap pop3 ssl = no ssl_cert = </etc/ssl/certs/dovecot.pem ssl_key = </etc/ssl/private/dovecot.pem userdb { driver = passwd } protocol imap { imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags mail_plugins = quota imap_quota } protocol pop3 { pop3_client_workarounds = outlook-no-nuls oe-ns-eoh pop3_lock_session = yes pop3_uidl_format = %08Xv%08Xu } And the build options: Build options: ioloop=epoll notify=inotify ipv6 openssl io_block_size=8192 Mail storages: cydir maildir mbox mdbox raw sdbox shared SQL drivers: Passdb: checkpassword ldap pam passwd passwd-file shadow Userdb: checkpassword ldap nss passwd prefetch passwd-file Thanks, Juan.
Someone else may have responded to this already but it looks like you have a problem in the passdb section of your config. See my inline... On May 26, 2011, at 2:39 PM, Juan Bernhard wrote:> Hi, > I had some troubles with PAM configuration. I need to restrict imap > access to some users (and allow pop3 to all). I followed the wiki > example of using "args = %s" to use 2 pams configurations (one for imap > and another for pop3) > When I start the service, it starts, but when I try to auth its hangs > Here is the log: > May 26 15:16:09 claudia dovecot: master: Warning: Killed with signal 15 > (by pid=15424 uid=0 code=kill) > May 26 15:16:10 claudia dovecot: master: Dovecot v2.0.13 starting up > May 26 15:16:24 claudia dovecot: auth: Debug: Loading modules from > directory: /usr/local/lib/dovecot/auth > May 26 15:16:24 claudia dovecot: auth: Fatal: pam: Unknown setting: %s > May 26 15:16:24 claudia dovecot: master: Error: service(auth): command > startup failed, throttling > May 26 15:16:59 claudia dovecot: pop3-login: Error: Timeout waiting for > handshake from auth server. my pid=15435, input bytes=0 > > Is this option working? Im I missing somethin? I had the same proble in > Solaris (but i thought that was a solaris thing, solaris is ALWAYS diferent) > > here is my doveconf -n > # 2.0.13: /usr/local/etc/dovecot/dovecot.conf > # OS: Linux 2.6.18-238.9.1.el5 x86_64 CentOS release 5.6 (Final) ext3 > auth_cache_size = 10 M > auth_debug = yes > base_dir = /var/run/dovecot/ > disable_plaintext_auth = no > listen = * > login_greeting = Server ready. > mail_debug = yes > mail_location = maildir:/var/mail/%u:INDEX=~/ > mail_plugins = quota > passdb { > args = %s failure_show_msg=yesI think you want %s (service) after failure_show_msg=yes. At least the default config file says that the PAM service comes after the key,value config pars for args.> driver = pam > } > plugin { > quota = maildir:Cuota de correo > quota_rule = *:storage=1G > quota_rule2 = Trash:storage=+100M > } > protocols = imap pop3 > ssl = no > ssl_cert = </etc/ssl/certs/dovecot.pem > ssl_key = </etc/ssl/private/dovecot.pem > userdb { > driver = passwd > } > protocol imap { > imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags > mail_plugins = quota imap_quota > } > protocol pop3 { > pop3_client_workarounds = outlook-no-nuls oe-ns-eoh > pop3_lock_session = yes > pop3_uidl_format = %08Xv%08Xu > } > > > And the build options: > Build options: ioloop=epoll notify=inotify ipv6 openssl io_block_size=8192 > Mail storages: cydir maildir mbox mdbox raw sdbox shared > SQL drivers: > Passdb: checkpassword ldap pam passwd passwd-file shadow > Userdb: checkpassword ldap nss passwd prefetch passwd-file > > > Thanks, Juan. > > > > > >
El 27/05/2011 09:51, David Warden escribi?:> Someone else may have responded to this already but it looks like you have a problem in the passdb section of your config. See my inline... > > On May 26, 2011, at 2:39 PM, Juan Bernhard wrote: > >> Hi, >> I had some troubles with PAM configuration. I need to restrict imap >> access to some users (and allow pop3 to all). I followed the wiki >> example of using "args = %s" to use 2 pams configurations (one for imap >> and another for pop3) >> When I start the service, it starts, but when I try to auth its hangs >> Here is the log: >> May 26 15:16:09 claudia dovecot: master: Warning: Killed with signal 15 >> (by pid=15424 uid=0 code=kill) >> May 26 15:16:10 claudia dovecot: master: Dovecot v2.0.13 starting up >> May 26 15:16:24 claudia dovecot: auth: Debug: Loading modules from >> directory: /usr/local/lib/dovecot/auth >> May 26 15:16:24 claudia dovecot: auth: Fatal: pam: Unknown setting: %s >> May 26 15:16:24 claudia dovecot: master: Error: service(auth): command >> startup failed, throttling >> May 26 15:16:59 claudia dovecot: pop3-login: Error: Timeout waiting for >> handshake from auth server. my pid=15435, input bytes=0 >> >> Is this option working? Im I missing somethin? I had the same proble in >> Solaris (but i thought that was a solaris thing, solaris is ALWAYS diferent) >> >> here is my doveconf -n >> # 2.0.13: /usr/local/etc/dovecot/dovecot.conf >> # OS: Linux 2.6.18-238.9.1.el5 x86_64 CentOS release 5.6 (Final) ext3 >> auth_cache_size = 10 M >> auth_debug = yes >> base_dir = /var/run/dovecot/ >> disable_plaintext_auth = no >> listen = * >> login_greeting = Server ready. >> mail_debug = yes >> mail_location = maildir:/var/mail/%u:INDEX=~/ >> mail_plugins = quota >> passdb { >> args = %s failure_show_msg=yes > I think you want %s (service) after failure_show_msg=yes. At least the default config file says that the PAM service comes after the key,value config pars for args.Doh!... Thanks you!! That solved my problem! Its seems easy when you know what to do, hehe... args = failure_show_msg=yes %s Works. Thanks again>> driver = pam >> } >> plugin { >> quota = maildir:Cuota de correo >> quota_rule = *:storage=1G >> quota_rule2 = Trash:storage=+100M >> } >> protocols = imap pop3 >> ssl = no >> ssl_cert = </etc/ssl/certs/dovecot.pem >> ssl_key = </etc/ssl/private/dovecot.pem >> userdb { >> driver = passwd >> } >> protocol imap { >> imap_client_workarounds = tb-extra-mailbox-sep tb-lsub-flags >> mail_plugins = quota imap_quota >> } >> protocol pop3 { >> pop3_client_workarounds = outlook-no-nuls oe-ns-eoh >> pop3_lock_session = yes >> pop3_uidl_format = %08Xv%08Xu >> } >> >> >> And the build options: >> Build options: ioloop=epoll notify=inotify ipv6 openssl io_block_size=8192 >> Mail storages: cydir maildir mbox mdbox raw sdbox shared >> SQL drivers: >> Passdb: checkpassword ldap pam passwd passwd-file shadow >> Userdb: checkpassword ldap nss passwd prefetch passwd-file >> >> >> Thanks, Juan. >> >> >> >> >> >> > >