Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in

  FAQ | Search | Memberlist | Usergroups | Statistics | Profile | Log in to check your private messages | Log in | Register

can't get cyrus-sasl to work with postfix
 View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Networking & Security
View previous topic :: View next topic  
Author Message
MoonWalker
Guru
Guru


Joined: 04 Jul 2002
Posts: 511
PostPosted: Thu Jul 18, 2002 1:29 pm    Post subject: can't get cyrus-sasl to work with postfix Reply with quote
I have emerged cyrus-sasl and postfix ok and works as should, but to be able sending mail from my dial-up connecten I need to have the sasl auth working but it don't. AFAI can see I have configured main.cf right:

smtpd_sasl_auth_enable = yes
pwcheck_method: = pam
smtpd_client_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions =
permit_mynetworks
permit_sasl_authenticated
reject_unauth_destination
reject_unknown_sender_domain
permit
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes

and smtpd.conf have:
pwcheck_method:pam

as of default install.

When try to send and authenticate it fails though and when checking log (verbose) it shows:

Jul 18 14:16:05 ns1 postfix/smtpd[12060]: < m5ppp34.leissner.se[212.3.0.162]: EHLO jupiter
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250-ns1.astrocalc.net
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250-PIPELINING
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250-SIZE 10240000
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250-VRFY
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250-ETRN
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250-AUTH LOGIN PLAIN OTP DIGEST-MD5 CRAM-MD5
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250-AUTH=LOGIN PLAIN OTP DIGEST-MD5 CRAM-MD5
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250-XVERP
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 250 8BITMIME
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: watchdog_pat: 0x808b820
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: < m5ppp34.leissner.se[212.3.0.162]: AUTH LOGIN
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: smtpd_sasl_authenticate: sasl_method LOGIN
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: smtpd_sasl_authenticate: uncoded challenge: Username:
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 334 VXNlbt5moKU6
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: < m5ppp34.leissner.se[212.3.0.162]: am9ro2lt
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: smtpd_sasl_authenticate: decoded response: joakim
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: smtpd_sasl_authenticate: uncoded challenge: Password:
Jul 18 14:16:05 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 334 UGHdb3dtdmK6
Jul 18 14:16:06 ns1 postfix/smtpd[12060]: < m5ppp34.leissner.se[212.3.0.162]: cmFkaXY=
Jul 18 14:16:06 ns1 postfix/smtpd[12060]: smtpd_sasl_authenticate: decoded response: somepass
Jul 18 14:16:06 ns1 postfix/smtpd[12060]: warning: SASL authentication problem: unable to open Berkeley db /var/lib/sasl2/sasl2.db: No such file or directory
Jul 18 14:16:06 ns1 postfix/smtpd[12060]: warning: SASL authentication problem: unable to open Berkeley db /var/lib/sasl2/sasl2.db: No such file or directory
Jul 18 14:16:06 ns1 postfix/smtpd[12060]: warning: m5ppp34.leissner.se[212.3.0.162]: SASL LOGIN authentication failed
Jul 18 14:16:06 ns1 postfix/smtpd[12060]: > m5ppp34.leissner.se[212.3.0.162]: 535 Error: authentication failed

So it say it cant find sasl2.db but AFAI understand that is used for checkpassdw: sasldb !!! and /var/lib/sasl2 dir only have 2 files mux.accept and mux.pid

anyone have a clue? and is there someone have got this working at all?

/Joakim
_________________
/Joakim

Living on earth is expensive, but it includes a free trip around the sun
every year.
Back to top
View user's profile Send private message
Roc
n00b
n00b


Joined: 19 Jul 2002
Posts: 35
PostPosted: Fri Jul 19, 2002 1:32 pm    Post subject: Reply with quote
I had problems very likely to yours, but slightly different. Please try the following:

1. Use pwcheck_method:saslauthd instead of pam (in file smtpd.conf only!)
2. Create a symlink from smtpd.conf to /usr/lib/sasl2
3. saslauthd must be started with /etc/init.d/saslauthd start

Maybe this helps but is not the complete solution.
Back to top
View user's profile Send private message
MoonWalker
Guru
Guru


Joined: 04 Jul 2002
Posts: 511
PostPosted: Sat Jul 20, 2002 9:29 am    Post subject: Reply with quote
Thanks,

the symlink seamed to do the trick! Alreaddy had changed smtpd.conf and also in postfix main.cf uses

Code:
pwcheck_method: = saslauthd


Now it seam to work. Next step having TLS up working...

Joakim
_________________
/Joakim

Living on earth is expensive, but it includes a free trip around the sun
every year.
Back to top
View user's profile Send private message
MaGuS
Guru
Guru


Joined: 13 Jun 2002
Posts: 303
Location: Luebeck, Germany
PostPosted: Mon Aug 12, 2002 2:03 pm    Post subject: Reply with quote
Hi all,

I got the same problem:
Code:

Aug 12 15:59:13 mail postfix/smtpd[25094]: warning: SASL authentication problem: unable to open Berkeley db /var/lib/sasl2/sasl2.db: Permission denied
Aug 12 15:59:13 mail postfix/smtpd[25094]: warning: SASL authentication problem: unable to open Berkeley db /var/lib/sasl2/sasl2.db: Permission denied
Aug 12 15:59:13 mail postfix/smtpd[25094]: warning: SASL authentication problem: unable to open Berkeley db /var/lib/sasl2/sasl2.db: Permission denied
Aug 12 15:59:13 mail postfix/smtpd[25094]: warning: SASL authentication problem: unable to open Berkeley db /var/lib/sasl2/sasl2.db: Permission denied
Aug 12 15:59:13 mail postfix/smtpd[25094]: warning: SASL authentication failure: Password verification failed
Aug 12 15:59:13 mail postfix/smtpd[25094]: warning: xdsl-213-168-118-72.netcologne.de[213.168.118.72]: SASL PLAIN authentication failed


/etc/sasl/smtpd.conf:
Code:

pwcheck_method:saslauthd


saslauthd is started

I've also done a:
ln -s /etc/smtpd.conf /usr/lib/sasl2/smtpd.conf

But the error still there. ;(

Dones anyone knows the solution?

Best regards,
Magnus
Back to top
View user's profile Send private message
mglauche
Retired Dev
Retired Dev


Joined: 25 Apr 2002
Posts: 564
Location: Germany
PostPosted: Mon Aug 12, 2002 4:49 pm    Post subject: Reply with quote
when you use pam with postfix you have a chroot() problem, i.e. the smtpd daemon is chrooted and does try to verify the pam account INSIDE this jail, which, of course fails :P

pwauthd is one sollution, linking sasldb inside the chroot env. is another (but u have to use sasldb then, not pam)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Networking & Security All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum



 Links: forums.gentoo.org | www.gentoo.org | bugs.gentoo.org | wiki.gentoo.org | forum-mods@gentoo.org

Copyright 2001-2025 Gentoo Foundation, Inc. Designed by Kyle Manna © 2003; Style derived from original subSilver theme. | Hosting by Gossamer Threads Inc. © | Powered by phpBB 2.0.23-gentoo-p11 © 2001, 2002 phpBB Group
Privacy Policy