> A friend of mine has tried to get Cyrus 2.1.5 running on RHEL 3 and all
> works except sieve.
>
> Doing something like 'sieveshell -u cyrus -a cyrus' prompts for the
> password over and over.
>
> The error message I get is
> Feb 5 17:09:48 agentsmith timsieved[4172]: unable to open Berkeley db
> /etc/sasldb2: Invalid argument
> Feb 5 17:09:48 agentsmith timsieved[4172]: unable to open Berkeley db
> /etc/sasldb2: Invalid argument
> Feb 5 17:09:48 agentsmith timsieved[4172]: no secret in database
> Feb 5 17:09:48 agentsmith timsieved[4172]: badlogin:
> localhost.localdomain[127.0.0.1] DIGEST-MD5 authentication failure
>
> Seems like a problem with the auth method, but when I look in
> /etc/imapd.conf he's using saslauthd ...
>
> postmaster: postmaster
> configdirectory: /var/lib/imap/
> partition-default: /var/spool/imap
> admins: cyrus
> allowanonymouslogin: no
> allowplaintext: yes
> sasl_mech_list: PLAIN DIGEST-MD5 shadow pwcheck
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
What exactly do you want here? Since you are using saslauthd as
sasl_pwcheck_method, you very likely use PAM/shadow to authenticate. Then,
just use 'sasl_mech_list: PLAIN'. IIRC sieveshell is different from the
other cyrus tools when it comes to using different mechs. Of course you
need /etc/pam.d/sieve with proper config.
Simon
> servername: agentsmith.novussententia.com
> autocreatequota: 10000
> reject8bit: no
> quotawarn: 90
> timeout: 30
> poptimeout: 10
> sasl_pwcheck_method: saslauthd
> sievedir: /usr/sieve
> sendmail: /usr/sbin/sendmail
> sieve_maxscriptsize: 32
> sieveuserhomedir: no
> sieve_maxscripts: 5
> tls_ca_file: /var/lib/imap/cacert.pem
> tls_cert_file: /var/lib/imap/server.crt
> tls_key_file: /var/lib/imap/server.key
>
> His cyrus.conf:
>
> START {
> # do not delete this entry!
> mboxlist cmd="ctl_cyrusdb -r"
> deliver cmd="ctl_deliver -r"
> recover cmd="ctl_cyrusdb -r"
>
> # this is only necessary if using idled for IMAP IDLE
> # idled cmd="idled"
> }
>
> # UNIX sockets start with a slash and are put into /var/lib/imap/sockets
> SERVICES {
> # add or remove based on preferences
> imap cmd="imapd" listen="imap" prefork=5
> imaps cmd="imapd -s" listen="imaps" prefork=1
> #pop3 cmd="pop3d" listen="pop3" prefork=3
> #pop3s cmd="pop3d -s" listen="pop3s" prefork=1
> sieve cmd="timsieved" listen="localhost:sieve" prefork=0
> lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=0
>
> # this is only necessary if using notifications
> # notify cmd="notifyd" listen="/var/lib/imap/socket/notify"
> proto="udp" prefork=1
> }
>
> EVENTS {
> # this is required
> checkpoint cmd="ctl_cyrusdb -c" period=30
>
> # this is only necessary if using duplicate delivery suppression
> delprune cmd="ctl_deliver -E 3" at=0400
>
> # this is only necessary if caching TLS sessions
> tlsprune cmd="tls_prune" at=0400
> squatter cmd="squatter -r user" period=1440
> }
>
> He can login via IMAP just fine. I even see in the logs where it accepts
> the password as type 'plain'. Below is a strace where we try to
> authenticate via sieveshell. I see it trying to open /etc/shadow, but not
> sasldb
>
> [pid 4163] <... accept resumed> {sa_family=AF_UNIX, [EMAIL PROTECTED], [2]) = 7
> [pid 4163] fcntl64(6, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0,
> len=1} <unfinished ...>
> [pid 4162] <... fcntl64 resumed> ) = 0
> [pid 4163] <... fcntl64 resumed> ) = 0
> [pid 4162] accept(5, <unfinished ...>
> [pid 4163] read(7, "\0\6", 2) = 2
> [pid 4163] read(7, "csmith", 6) = 6
> [pid 4163] read(7, "\0\5", 2) = 2
> [pid 4163] read(7, "fr00t", 5) = 5
> [pid 4163] read(7, "\0\4", 2) = 2
> [pid 4163] read(7, "smtp", 4) = 4
> [pid 4163] read(7, "\0\0", 2) = 2
> [pid 4163] socket(PF_UNIX, SOCK_STREAM, 0) = 8
> [pid 4163] connect(8, {sa_family=AF_UNIX, path="/var/run/.nscd_socket"},
> 110) = -1 ENOENT (No such file or directory)
> [pid 4163] close(8) = 0
> [pid 4163] open("/etc/nsswitch.conf", O_RDONLY) = 8
> [pid 4163] fstat64(8, {st_mode=S_IFREG|0644, st_size=1686, ...}) = 0
> [pid 4163] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
> [pid 4163] read(8, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1686
> [pid 4163] read(8, "", 4096) = 0
> [pid 4163] close(8) = 0
> [pid 4163] munmap(0xb75ea000, 4096) = 0
> [pid 4163] open("/etc/ld.so.cache", O_RDONLY) = 8
> [pid 4163] fstat64(8, {st_mode=S_IFREG|0644, st_size=38297, ...}) = 0
> [pid 4163] old_mmap(NULL, 38297, PROT_READ, MAP_PRIVATE, 8, 0) =
> 0xb75e1000
> [pid 4163] close(8) = 0
> [pid 4163] open("/lib/libnss_files.so.2", O_RDONLY) = 8
> [pid 4163] read(8,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\35\0"..., 512) = 512
> [pid 4163] fstat64(8, {st_mode=S_IFREG|0755, st_size=51924, ...}) = 0
> [pid 4163] old_mmap(NULL, 46720, PROT_READ|PROT_EXEC, MAP_PRIVATE, 8, 0)
> = 0xb73ce000
> [pid 4163] old_mmap(0xb73d9000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED, 8, 0xa000) = 0xb73d9000
> [pid 4163] close(8) = 0
> [pid 4163] munmap(0xb75e1000, 38297) = 0
> [pid 4163] open("/etc/passwd", O_RDONLY) = 8
> [pid 4163] fcntl64(8, F_GETFD) = 0
> [pid 4163] fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
> [pid 4163] fstat64(8, {st_mode=S_IFREG|0644, st_size=2261, ...}) = 0
> [pid 4163] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
> [pid 4163] read(8, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2261
> [pid 4163] close(8) = 0
> [pid 4163] munmap(0xb75ea000, 4096) = 0
> [pid 4163] time(NULL) = 1076018980
> [pid 4163] open("/etc/shadow", O_RDONLY) = 8
> [pid 4163] fcntl64(8, F_GETFD) = 0
> [pid 4163] fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
> [pid 4163] fstat64(8, {st_mode=S_IFREG|0600, st_size=1863, ...}) = 0
> [pid 4163] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
> [pid 4163] read(8, "root:$1$q5CN0a6g$EKr/kJsRo5u9IMS"..., 4096) = 1863
> [pid 4163] close(8) = 0
> [pid 4163] munmap(0xb75ea000, 4096) = 0
> [pid 4163] write(7, "\0\2", 2) = 2
> [pid 4163] write(7, "OK", 2) = 2
> [pid 4163] close(7) = 0
> [pid 4163] fcntl64(6, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0,
> len=1} <unfinished ...>
> [pid 4162] <... accept resumed> {sa_family=AF_UNIX, [EMAIL PROTECTED], [2]) = 7
> [pid 4162] fcntl64(6, F_SETLKW, {type=F_UNLCK, whence=SEEK_SET, start=0,
> len=1} <unfinished ...>
> [pid 4160] <... fcntl64 resumed> ) = 0
> [pid 4162] <... fcntl64 resumed> ) = 0
> [pid 4160] accept(5, <unfinished ...>
> [pid 4162] read(7, "\0\5", 2) = 2
> [pid 4162] read(7, "cyrus", 5) = 5
> [pid 4162] read(7, "\0\5", 2) = 2
> [pid 4162] read(7, "cyru$", 5) = 5
> [pid 4162] read(7, "\0\5", 2) = 2
> [pid 4162] read(7, "sieve", 5) = 5
> [pid 4162] read(7, "\0\0", 2) = 2
> [pid 4162] socket(PF_UNIX, SOCK_STREAM, 0) = 8
> [pid 4162] connect(8, {sa_family=AF_UNIX, path="/var/run/.nscd_socket"},
> 110) = -1 ENOENT (No such file or directory)
> [pid 4162] close(8) = 0
> [pid 4162] open("/etc/nsswitch.conf", O_RDONLY) = 8
> [pid 4162] fstat64(8, {st_mode=S_IFREG|0644, st_size=1686, ...}) = 0
> [pid 4162] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
> [pid 4162] read(8, "#\n# /etc/nsswitch.conf\n#\n# An ex"..., 4096) = 1686
> [pid 4162] read(8, "", 4096) = 0
> [pid 4162] close(8) = 0
> [pid 4162] munmap(0xb75ea000, 4096) = 0
> [pid 4162] open("/etc/ld.so.cache", O_RDONLY) = 8
> [pid 4162] fstat64(8, {st_mode=S_IFREG|0644, st_size=38297, ...}) = 0
> [pid 4162] old_mmap(NULL, 38297, PROT_READ, MAP_PRIVATE, 8, 0) =
> 0xb75e1000
> [pid 4162] close(8) = 0
> [pid 4162] open("/lib/libnss_files.so.2", O_RDONLY) = 8
> [pid 4162] read(8,
> "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0000\35\0"..., 512) = 512
> [pid 4162] fstat64(8, {st_mode=S_IFREG|0755, st_size=51924, ...}) = 0
> [pid 4162] old_mmap(NULL, 46720, PROT_READ|PROT_EXEC, MAP_PRIVATE, 8, 0)
> = 0xb73ce000
> [pid 4162] old_mmap(0xb73d9000, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_FIXED, 8, 0xa000) = 0xb73d9000
> [pid 4162] close(8) = 0
> [pid 4162] munmap(0xb75e1000, 38297) = 0
> [pid 4162] open("/etc/passwd", O_RDONLY) = 8
> [pid 4162] fcntl64(8, F_GETFD) = 0
> [pid 4162] fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
> [pid 4162] fstat64(8, {st_mode=S_IFREG|0644, st_size=2261, ...}) = 0
> [pid 4162] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
> [pid 4162] read(8, "root:x:0:0:root:/root:/bin/bash\n"..., 4096) = 2261
> [pid 4162] close(8) = 0
> [pid 4162] munmap(0xb75ea000, 4096) = 0
> [pid 4162] time(NULL) = 1076018993
> [pid 4162] open("/etc/shadow", O_RDONLY) = 8
> [pid 4162] fcntl64(8, F_GETFD) = 0
> [pid 4162] fcntl64(8, F_SETFD, FD_CLOEXEC) = 0
> [pid 4162] fstat64(8, {st_mode=S_IFREG|0600, st_size=1863, ...}) = 0
> [pid 4162] mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
> MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb75ea000
> [pid 4162] read(8, "root:$1$q5CN0a6g$EKr/kJsRo5u9IMS"..., 4096) = 1863
> [pid 4162] close(8) = 0
> [pid 4162] munmap(0xb75ea000, 4096) = 0
> [pid 4162] write(7, "\0\2", 2) = 2
> [pid 4162] write(7, "OK", 2) = 2
> [pid 4162] close(7) = 0
> [pid 4162] fcntl64(6, F_SETLKW, {type=F_WRLCK, whence=SEEK_SET, start=0,
> len=1} <unfinished ...>
>
> Any idea on what's going wrong?
>
> --
> Brian
> ---
> Home Page: http://asg.web.cmu.edu/cyrus
> Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
