ok, config is still debian linux 2.2.17 on intel, 
cyrus 2.0.12, sasl 1.5.24, openssl 0.9.6, db 3.2.x.

using:
sasl_pwcheck_method: shadow
sasl_minimum_layer: 0
allowplaintext:     yes

if /etc/shadow is either world readable,
or is owned by user cyrus and owner readable, 
then authentication works.

if either of these is not true, then I get
. NO Login failed: authentication failure

and yes, cyrus is in the group that /etc/shadow is in,
and the file is group readable!

adding another user to group shadow allows that user to 
view the file, so it would seem to be a cyrus problem...

Reply via email to