search for: mech_list

...at linagora.com> --- scripts/ovirt-early | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff --git a/scripts/ovirt-early b/scripts/ovirt-early index 23c4f6e..69cfa3e 100755 --- a/scripts/ovirt-early +++ b/scripts/ovirt-early @@ -474,8 +474,8 @@ start() { -e "s/^mech_list: .*gssapi.*/mech_list: digest-md5/" \ /etc/sasl2/libvirt.conf else - configure_manament_interface - fi + configure_management_interface + fi rm -f $VAR_SUBSYS_OVIRT_EARLY -- 1.6.6 -- Arthur CLEMENT Linagora Paris

...isten on TCP (for kerberos) - sed -i -e "s/^[[:space:]]*#[[:space:]]*\(listen_tcp\)\>.*/\1 = 1/" \ - -e "s/^[[:space:]]*#[[:space:]]*\(listen_tls\)\>.*/\1 = 0/" \ - /etc/libvirt/libvirtd.conf - - # with libvirt (0.4.0), make sure we we setup gssapi in the mech_list - sasl_conf=/etc/sasl2/libvirt.conf - if ! grep -qE "^mech_list: gssapi" $sasl_conf ; then - sed -i -e "s/^\([[:space:]]*mech_list.*\)/#\1/" $sasl_conf - echo "mech_list: gssapi" >> $sasl_conf - fi - -#ovirt_setup_anyterm() - # configure an...

...icted to specific group is just enough for authentication. But virsh has the power like sudo: you could define pool on real device and write anything on it. So I decided to authenticate with password for each virsh use. I'm using SASL + saslauthd + PAM for that case. /etc/sasl2/libvirt.conf: mech_list: PLAIN pwcheck_method: saslauthd /etc/sasl2/qemu.conf: mech_list: PLAIN pwcheck_method: saslauthd /etc/pam.d/libvirt: auth requisite pam_listfile.so item=group sense=allow file=/etc/libvirt/allow_group auth required pam_tally2.so onerr=succeed auth...

...ke to authenticate openldap users over dovecot-sasl. So looking at this page: http://www.openldap.org/doc/admin24/security.html I figure it could be done using Pass-Through authentication. For this, I need to create /usr/lib/sasl2/slapd.conf And adding a few config paremeters. This is a example mech_list: plain pwcheck_method: saslauthd saslauthd_path: /var/run/sasl2/mux I understand the mech_list parameter, but I have no Idea what to put in for the rest. Any help? Thanks! Nathan

I have mail server on CentOS 4.1. Sasl authorization for SMTP is enabled. Thunderbird sends mail, but Outlook get an error 554, Relay access denied, error number 0x800CCC79 Outlook has a login and password for SMTP enabled. It is strange, because there is no any sign of authorize in maillog when Outlook try to send mail. -- ____________________________________________________________________ D

...e, version 1.5.5 (r34862), here is my svnserve.conf file [general] anon-access = none auth-access = write realm = isf [sasl] use-sasl = true min-encryption = 128 max-encryption = 256 and here is my /etc/sasl2/svn.conf file pwcheck_method: auxprop auxprop_plugin: sasldb sasldb_path: /svn/sassl mech_list: DIGEST-MD5 On the client I am using TortoiseSVN 1.5.5 (TortoiseSVN 1.5.5, Build 14361 - 64 Bit , 2008/10/24 18:06:34 Subversion 1.5.4, apr 1.2.12 apr-utils 1.2.12 berkeley db 4.4.20 neon 0.28.3 OpenSSL 0.9.8i 15 Sep 2008 zlib 1.2.3) When connecting to this repository, I am getting "Error: C...

...oth respect kerberos and allow logging in with no password it already authenticated! Here is what I've set up: /etc/sasl2/libvirt.conf listen_tls = 0 listen_tcp = 1 mdns_adv = 0 auth_unix_ro = "none" auth_unix_rw = "none" auth_tcp = "sasl" /etc/sasl2/libvirt.conf mech_list: gssapi keytab: /etc/libvirt/krb5.kqemu sasldb_path: /etc/libvirt/passwd.db I start libvirtd with: KRB5_KTNAME=/etc/libvirt/krb5.kqemu /usr/sbin/libvirtd -d --listen In virt-manager I've set both hosts: qemu+tcp://srv1.example.org qemu+tcp://srv2.example.org Since both configs are identical...

I was playing with SASL authentication a bit today and I wasn't able to get libvirt to authenticate against PAM (or anything else except the sasldb, although I didn't try Kerberos). Does anybody know off the top of their head what mechanisms/password check options work? I'm trying to figure out if I'm attempting the impossible. Dave

Dear list, I have been struggling to get working a PDC using Samba with LDAP backend, in a fresh Debian Sarge install. 1. SeMachineAccountPrivilege I'm reading IDEALX's Linux Samba-OpenLDAP Howto as guidance. In my last attempt, everything appeared to be fine until the very end, the Integration test, when I added an admin user, got it on the "Domain Admin" and then tried to

...service=system-auth account required pam_stack.so service=system-auth Also: # saslauthd -v saslauthd 2.1.19 authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap And /usr/lib/sasl2/smtpd.conf (also linked to sample.conf) # cat smtpd.conf loglevel: 7 pwcheck_method: saslauthd mech_list: PLAIN LOGIN Here are the results of a failed attempt: ------------------------------------- # saslauthd -m /var/run/saslauthd -a pam -d saslauthd[3176] :main : num_procs : 5 saslauthd[3176] :main : mech_option: NULL saslauthd[3176] :main : run_path : /var/run/...

...on in virt-manager. I read in one existing bug, that it is better to use tls for encryption and sasl for authentication, but not use sasl for both. I configured tls, it was fine. Then I created a user "u" on server and modified libvirtd.conf. I set auth_tls = "sasl" there and mech_list: scram-sha-1 in sasl2 config for libvirt. The output of sasl: u@ubuntu2:~$ sudo sasldblistusers2 -f /etc/libvirt/passwd.db u@ubuntu: userPassword Then I connect to server using tls and entering as the user u. Then I have the following message: Unable to connect to libvirt qemu+tls://u@192.168.2...

...on in virt-manager. I read in one existing bug, that it is better to use tls for encryption and sasl for authentication, but not use sasl for both. I configured tls, it was fine. Then I created a user "u" on server and modified libvirtd.conf. I set auth_tls = "sasl" there and mech_list: scram-sha-1 in sasl2 config for libvirt. The output of sasl: u@ubuntu2:~$ sudo sasldblistusers2 -f /etc/libvirt/passwd.db u@ubuntu: userPassword Then I connect to server using tls and entering as the user u. Then I have the following message: Unable to connect to libvirt qemu+tls://u@192.168.2...

...on in virt-manager. I read in one existing bug, that it is better to use tls for encryption and sasl for authentication, but not use sasl for both. I configured tls, it was fine. Then I created a user "u" on server and modified libvirtd.conf. I set auth_tls = "sasl" there and mech_list: scram-sha-1 in sasl2 config for libvirt. The output of sasl: u@ubuntu2:~$ sudo sasldblistusers2 -f /etc/libvirt/passwd.db u@ubuntu: userPassword Then I connect to server using tls and entering as the user u. Then I have the following message: Unable to connect to libvirt qemu+tls://u@192.168.2...

On 12/8/2017 14:38, Mark Foley via samba wrote: > I'm trying to get Sendmail to authenticate with Active Directory. I have saslauthd configured > for Sendmail authentication, /etc/sasl2/Sendmail.conf: > > pwcheck_method: saslauthd > mech_list: LOGIN PLAIN > > and saslauthd is started as: /usr/sbin/saslauthd -a shadow > > This fails when doing testsaslauthd on a domain user. > > Is there a way to get sendmail to authenticate using domain credentials? > > My distro (Slackware) does not provide PAM, but I can get it...

...in.com | /home/vmail/ | domain.com/test2/ | 10240000 | domain.com | | test3 at domain.com | /home/vmail/ | domain.com/test3/ | 10240000 | domain.com | +-------------------+--------------+-------------------+----------+------------+ I have this configuration in smtpd.conf: pwcheck_method: auxprop mech_list: LOGIN CRAM-MD5 DIGEST-MD5 GSSAPI auxprop_plugin: sql sql_verbose: yes sql_engine: mysql sql_hostnames: localhost sql_database: postfix sql_user: postfix sql_passwd: bscidth46 sql_select: select password from mailbox where username = '%u@%r' What can i do to log in with only user part of u...

Hi I configured my postfix that i can access the file /etc/sasl2/sasldb2 and authorize the users how are added in this database. My smtpd.conf looks like this: mech_list: PLAIN LOGIN pwcheck_method: auxprop auxprop_plugin: sasldb My saslauthd is not running. And when i telnet to port 25 i can authorize my self like this: telnet localhost 25 Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. 220 localhost ESMTP Postfix ehlo localhost 250...

...rt.org/auth.html ) does not specify if it is possible to use SASL with a different authentication method other than DIGEST-MD5. I would like to authenticate users via LDAP - is this possible? I configured LDAP authentication via SASL as follows: /etc/sasl2/libvirt.conf pwcheck_method: saslauthd mech_list: PLAIN LOGIN log_level: 5 saslauthd_path: /var/run/saslauthd/mux auxprop_plugin: ldap /etc/saslauthd.conf ldap_servers: ldap://ldap_ip_addr:389/ ldap_search_base: ou=People,dc=x-es,dc=com ldap_auth_method: none ldap_filter: uid=%u ldap_version: 3 /etc/default/saslauthd START=yes D...

...td is set to listen for tcp connections - I added the service spice/kvmhost01.theinside.rnr - I created a keytab for the above and put it on kvmhost01 in /etc/qemu-kvm/krb5.tab - the above file has owner:group set to qemu:root with perms 600 - I have the following in /etc/sasl2/qemu-kvm.conf mech_list: gssapi keytab: /etc/qemu-kvm/krb5.tab - I have the following in /etc/libvirt/qemu.conf spice_listen = "0.0.0.0" spice_tls = 0 spice_sasl = 1 spice_sasl_dir = "/etc/sasl2/" - the first time I try to view a console, I get the kerberos tickets I expect to: Ticket...

Dear all, Would need some of your advise. As I was the trying to get postfix sasl working with samba AD. I've try to search online for a few examples some use ldap, kerberos or pam. I'm using winbind on that system and I wonder if we can use winbind with sasl. Or anyone have a more correct on how it should be done. My existing setup was working with ldap before moving to samba4.

...t connection after AUTH from ernie.bio2.RWTH-Aachen.DE[134.130.63.5] Apr 20 18:35:03 bert postfix/smtpd[2525]: disconnect from ernie.bio2.RWTH-Aachen.DE[134.130.63.5] Apr 20 18:35:03 bert postfix/smtpd[2525]: master_notify: status 1 my configuration is sasl2/smtp.conf : pwcheck_method: saslauthd mech_list: PLAIN LOGIN CRAM_MD5 DIGEST_MD5 log_level: 6 smb.conf: [global] workgroup = Biologie2 netbios name = bert server string = bert security = DOMAIN log file = /var/log/samba/log.%m max log size = 50 load printers = No os level = 20 interfaces = dc0 bind interfaces only = yes winbind uid = 10000-200...