pam vs vs saslauthd vs sasldb?

Wed, 10 Apr 2002 21:30:09 -0700 

I have only problems getting IMAPD-2.1.3 to work on my RH7.2 system.

I removed all prior instances I had compiled and totally re-made
both SASLv2 (2.1.2) and IMAPD 2.1.3 (from the source RPMS announced
here a few days ago, with the single modification that I configure
cyrus-imapd with
        --with-auth=unix --with-pam
and  without
        --with-krb-/usr/kerberos
as I'm lacking the necessary DES libraries..

Now I have problems with authentication with cyradm:

/etc/imapd.conf says:
        # less /etc/imapd.conf
        configdirectory: /var/imap
        partition-default: /var/spool/imap
        admins: mathias
        allowanonymouslogin: no

        # To use the PAM for authentication (but not /etc/passwd or shadow), change
        # the following line to specify "pam" instead of "sasldb".
        sasl_pwcheck_method: saslauthd

I have started saslauthd using pam:
        root      3190  0.0  0.1  2220  712 ?        S    12:28   0:00 saslauthd -a
pam
        root      3191  0.0  0.1  2220  712 ?        S    12:28   0:00 saslauthd -a
pam
        root      3192  0.0  0.1  2220  712 ?        S    12:28   0:00 saslauthd -a
pam
        root      3193  0.0  0.1  2220  712 ?        S    12:28   0:00 saslauthd -a
pam
        root      3194  0.0  0.1  2220  712 ?        S    12:28   0:00 saslauthd -a
pam

# I can authenticate using imtest:
        [root@noisy log]# /usr/bin/imtest -m login -a mathias localhost
        C: C01 CAPABILITY
        S: * OK noisy Cyrus IMAP4 v2.1.3 server ready
        S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT     THREAD=ORDEREDSUBJECT
THREAD=REFERENCES IDLE AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=GSSAPI X-NETSCAPE
        S: C01 OK Completed
        Password:
        C: L01 LOGIN mathias {7}
        + go ahead
        C: <omitted>
        L01 OK User logged in
        Authenticated.
        Security strength factor: 0

yet when using cyradm, I cannot authenticate:

        [root@noisy log]# cyradm -user mathias localhost
        Password:
        cyradm: cannot authenticate to server with  as mathias
        [root@noisy log]# tail /var/log/auth
        Apr 11 12:23:37 noisy imapd[3110]: no secret in database
        Apr 11 12:23:40 noisy perl: No worthy mechs found
        Apr 11 12:27:55 noisy saslauthd[3075]: Caught signal 15. Cleaning up and
terminating.
        Apr 11 12:28:26 noisy saslauthd[3185]: START: saslauthd 2.1.0
        Apr 11 12:28:26 noisy saslauthd[3190]: master PID is: 3190
        Apr 11 12:28:26 noisy saslauthd[3190]: daemon started, listening on
/var/run/saslauthd/mux
        Apr 11 12:30:15 noisy imapd[3229]: Could not open /etc/sasldb2:
gdbm_errno=3
        Apr 11 12:30:15 noisy imapd[3229]: Could not open /etc/sasldb2:
gdbm_errno=3
        Apr 11 12:30:15 noisy imapd[3229]: no secret in database
        Apr 11 12:30:18 noisy perl: No worthy mechs found

1. I don't understand why imapd tries authenticating against sasldb2 if I
told it to use
saslauthd?

2. I also cannot get 'sasl_pwcheck_method: pam' to work directly from
/etc/inetd.conf, even
   though I compiles imapd with --with-pam

        Apr 11 12:12:53 noisy imapd[2732]: unknown password verifier pam

Any help would be greatly appreciated.


Mathias

Reply via email to