OK. ran ldd on libgssapiv2.so and found that for some reason I had to copy a lot of kerb libs to /usr/lib, which fixed
Oct 10 19:48:25 4am imapd[22837]: unable to dlopen /usr/lib/sasl/libgssapiv2.so: libgssapi.so.1: cannot load shared object file: No such file or directory ...but I still can't authenticate, which really doesn't surprise me. At 4:55 PM -0600 10/12/01, Michael Bartosh wrote: >>Michael Bartosh wrote: >>> this question is far simpler than most I see across this list- >>> >>That's fine--we all start somewhere :-) >> >>> But I can not get any method of authentication except for sasldb to >>> work. I tied pam, I tried shadow (and added cyrus to the shadow >>> group) and nothing worked until I gave the user a saslpasswd and >>> changed auth to sasldb. >>> >>> How do I authenticate against pre-existing passwords? Or is there a >>> way to keep a user's password and saslpassword in sync? Where do I >>> start to look and see where my problem is? >>> >>Start by reading the FAQ: >> http://cyrus-utils.sf.net/fom > >The requested URL /fom was not found on this server > >>and the /docs directory in the source distribution (the install-*.html, >>overview.html, and faq.html files). You can use PAM or pwcheck to >>authenticate against shadow passwords. pwcheck is a little authentication >>daemon that comes with the Cyrus source distribution. > >Suse 7.2 > >At first I was trying to use the rpms that came with Suse- and >everything basically worked except for the fact that I could only >get sasldb auth to function. I still have not found any specific >directions for getting PAM to work-- if there is a url specifically >or this, I'd gladly retrace my steps again. Do I need to chang >/etc/pam.d/imapd and /etc/imapd/popd ? > >In the mean time I built cyrus per the instructions included in the doc dir. > >> >>After you've done that, try again from scratch (so that you don't have any >>bits and pieces from when you first started floating around). If it's not >>working, post detailed diagnostics here--there's been some good posts >>recently showing what this looks like. You should at least include contents >>and permissions of imapd.conf, > >ls -latr /etc/imapd.conf >-rw-r--r-- 1 root root 261 Oct 10 03:43 /etc/imapd.conf > >mbartosh@4am:~/cyrus-imapd-2.0.16 > cat /etc/imapd.conf >configdirectory: /var/imap >partition-default: /var/spool/imap >admins: cyrus >allowanonymouslogin: no >autocreatequota: 10000 >reject8bit: no >quotawarn: 90 >timeout: 30 >poptimeout: 10 >dracinterval: 0 >drachost: localhost >allowplaintext: yes >sasl_pwcheck_method: PAM > >>cyrus.conf, > > ls -latr /etc/cyrus.conf >-rw-r--r-- 1 root root 1076 Oct 10 00:59 /etc/cyrus.conf > >mbartosh@4am:~ > cat /etc/cyrus.conf ># standard standalone server implementation > >START { > # do not delete these entries! > mboxlist cmd="ctl_mboxlist -r" > deliver cmd="ctl_deliver -r" > > # this is only necessary if using idled for IMAP IDLE ># idled cmd="idled" >} > ># UNIX sockets start with a slash and are put into /var/imap/sockets >SERVICES { > # add or remove based on preferences > imap cmd="imapd" listen="imap" prefork=0 > pop3 cmd="pop3d" listen="pop3" prefork=0 > > # LMTP is required for delivery > #lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0 > #added per /usr/share/doc/packages/cyrus-imapd/README.SuSE >lmtpunix cmd="lmtpd" listen="/var/spool/postfix/public/lmtp" prefork=1 >} > >EVENTS { > # this is required > checkpoint cmd="ctl_mboxlist -c" period=30 > > # this is only necessary if using duplicate delivery suppression > delprune cmd="ctl_deliver -E 3" period=1440 >} > >>pwcheck dir or pam config > > cat /etc/pam.d/imap >#%PAM-1.0 >auth required /lib/security/pam_unix.so >account required /lib/security/pam_unix.so > >mbartosh@4am:~/cyrus-imapd-2.0.16 > cat /etc/pam.d/pop #%PAM-1.0 >auth required /lib/security/pam_unix.so >account required /lib/security/pam_unix.so > >>as >>appropriate, input and output to cyradm, > >mbartosh@4am:~ > cyradm -u cyrus localhost >Can't load >'/usr/lib/perl5/site_perl/5.6.0/i586-linux/auto/Cyrus/IMAP/IMAP.so' >for module Cyrus::IMAP: libssl.so.0.9.6: cannot load shared object >file: No such file or directory at >/usr/lib/perl5/5.6.0/i586-linux/DynaLoader.pm line 200. > at /usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Admin.pm line 43 >Compilation failed in require at >/usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Admin.pm line >43. >BEGIN failed--compilation aborted at >/usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Admin.pm line >43. >Compilation failed in require at >/usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Shell.pm line >58. >BEGIN failed--compilation aborted at >/usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Shell.pm line >58. >Compilation failed in require. >BEGIN failed--compilation aborted. > >> imtest, > >mbartosh@4am:~ > imtest -m login -p imap localhost >C: C01 CAPABILITY >S: * OK 4am Cyrus IMAP4 v2.0.16 server ready >S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS >ID NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT >THREAD=REFERENCES IDLE AUTH=DIGEST-MD5 AUTH=CRAM-MD5 >S: C01 OK Completed >Password: >C: L01 LOGIN mbartosh {6} >+ go ahead >C: <omitted> >L01 NO Login failed: authentication failure >Authentication failed. generic failure >Security strength factor: 0 >. logout >* BYE LOGOUT received >. OK Completed >Connection closed. > >> and `telnet localhost >>imap`, > >mbartosh@4am:~ > telnet localhost imap >Trying ::1... >telnet: connect to address ::1: Connection refused >Trying 127.0.0.1... >Connected to localhost. >Escape character is '^]'. >* OK 4am Cyrus IMAP4 v2.0.16 server ready >. logout >* BYE LOGOUT received >. OK Completed >Connection closed by foreign host. > >> and contents of /var/log/imapd.conf, > >For some reason nothing is being written to the file? > >> plus your ./configure command > >./configure --with-auth=unix --with-sasl=/usr/lib/sasl >--with-openssl=/usr/local/ssl > >>and anything else relevent. > >When I start master and try to run imtest, I get an error in syslog: > >Oct 10 15:42:01 4am lmtpd[14960]: unable to dlopen >/usr/lib/sasl/libgssapiv2.so: libgssapi.so.1: cannot load shared >object file: No such file or directory > >Except that both of those files are there. > >Again- the only thing that was broken with the rpm's was >authentication- so if there's a specific reference to configuring >for PAM, I'd love to find that. > >>HTH, >> Jeremy > > >-- --
