I've seen this behavior over the last week or two when I try to upgrade to latest stable sources. Currently just installed kernel and world for: /usr/src>svn info Path: . Working Copy Root Path: /usr/src URL: svn://svn.freebsd.org/base/stable/10 Relative URL: ^/stable/10 Repository Root: svn://svn.freebsd.org/base Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f Revision: 272095 Node Kind: directory Schedule: normal Last Changed Author: peter Last Changed Rev: 272078 Last Changed Date: 2014-09-24 14:30:36 -0500 (Wed, 24 Sep 2014) This breaks saslauthd - it demands a password when sending mail, but then rejects it in every case. If I just install a new kernel, everything is fine. But if I install world, that's when the problem shows up. I've tried a full reinstall of cygnus sasls and the daemon is running. Ideas on how to chase this down/fix, would be appreciated... -- Tim Daneliuk tundra at tundraware.com
On Thu, Sep 25, 2014, at 09:54, Tim Daneliuk wrote:> I've seen this behavior over the last week or two when I try to upgrade > to latest stable sources. Currently just installed kernel and world for: > > /usr/src>svn info > Path: . > Working Copy Root Path: /usr/src > URL: svn://svn.freebsd.org/base/stable/10 > Relative URL: ^/stable/10 > Repository Root: svn://svn.freebsd.org/base > Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f > Revision: 272095 > Node Kind: directory > Schedule: normal > Last Changed Author: peter > Last Changed Rev: 272078 > Last Changed Date: 2014-09-24 14:30:36 -0500 (Wed, 24 Sep 2014) > > This breaks saslauthd - it demands a password when sending mail, but then > rejects it in every case. > > If I just install a new kernel, everything is fine. But if I install > world, that's when the problem shows up. I've tried a full reinstall of > cygnus sasls and the daemon is running. > > Ideas on how to chase this down/fix, would be appreciated... >What version of saslauthd? Also, did you just reinstall it or did you rebuild it?
On Thu, September 25, 2014 9:54 am, Tim Daneliuk wrote:> I've seen this behavior over the last week or two when I try to upgrade > to latest stable sources. Currently just installed kernel and world for: > > /usr/src>svn info > Path: . > Working Copy Root Path: /usr/src > URL: svn://svn.freebsd.org/base/stable/10 > Relative URL: ^/stable/10 > Repository Root: svn://svn.freebsd.org/base > Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f > Revision: 272095 > Node Kind: directory > Schedule: normal > Last Changed Author: peter > Last Changed Rev: 272078 > Last Changed Date: 2014-09-24 14:30:36 -0500 (Wed, 24 Sep 2014) > > This breaks saslauthd - it demands a password when sending mail, but then > rejects it in every case. > > If I just install a new kernel, everything is fine. But if I install > world, that's when the problem shows up. I've tried a full reinstall of > cygnus sasls and the daemon is running. > > Ideas on how to chase this down/fix, would be appreciated... >Oh, and the log message is this: saslauthd[19268]: in openpam_check_error_code(): pam_sm_acct_mgmt(): unexpected return value 12 -- Tim Daneliuk tundra at tundraware.com
On 25 Sep 2014, at 16:54, Tim Daneliuk <tundra at tundraware.com> wrote:> I've seen this behavior over the last week or two when I try to upgrade > to latest stable sources. Currently just installed kernel and world for: > > /usr/src>svn info > Path: . > Working Copy Root Path: /usr/src > URL: svn://svn.freebsd.org/base/stable/10 > Relative URL: ^/stable/10 > Repository Root: svn://svn.freebsd.org/base > Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f > Revision: 272095 > Node Kind: directory > Schedule: normal > Last Changed Author: peter > Last Changed Rev: 272078 > Last Changed Date: 2014-09-24 14:30:36 -0500 (Wed, 24 Sep 2014) > > This breaks saslauthd - it demands a password when sending mail, but then > rejects it in every case. > > If I just install a new kernel, everything is fine. But if I install > world, that's when the problem shows up. I've tried a full reinstall of > cygnus sasls and the daemon is running. > > Ideas on how to chase this down/fix, would be appreciated...It is probably caused by this MFC: http://svnweb.freebsd.org/changeset/base/271766 To make saslauthd work again, you need to specify a correct PAM policy file in /usr/local/etc/pam.d for your service, most likely "smtp" in this case. E.g., create a file /usr/local/etc/pam.d/smtp, containing at least: auth required pam_unix.so no_warn try_first_pass account required pam_unix.so session required pam_permit.so password required pam_permit.so Optionally, add a line: auth required pam_group.so luser group=smtp-users fail_safe to allow only members of the smtp-users group to authenticate successfully. -Dimitry -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 203 bytes Desc: Message signed with OpenPGP using GPGMail URL: <http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20140925/00467201/attachment.sig>