Hi,
I've just installed Postfix compiled with SASL2 and Cyrus-SASL / Cyrus-Imap onto a WBEL3 server. I rebuilt both the cyrus-sasl and imap pkgs myself, so I am certain that they were built with the same version of db4. When I try to test my cyrus-Imapd connection with "cyradm", I am failing. I am getting an error "perl: No worthy mechs found.". I'm somewhat new to all this, so am not sure what this means. Any help will be greatly appreciated.
Right now, I have the following packages installed: cyrus-sasl-plain-2.1.18-1 cyrus-sasl-2.1.18-1 cyrus-sasl-gssapi-2.1.18-1 cyrus-sasl-md5-2.1.18-1 cyrus-sasl-devel-2.1.18-1 cyrus-imapd-utils-2.2.3-8 cyrus-imapd-2.2.3-8 postfix-2.1.1.1-1 (compiled for MySQL, sasl2, VDA)
I am following the Postfix-Cyrus-Web-cyradm-HOWTO. My command line is the following:
saslpasswd2 -c cyrus Password: secret Again (for verification): secret
When I try to connect with cyradm:
cyradm --user cyrus --server localhost --auth plain Password: secret IMAP Password: secret
I get the following errors in my /var/log/auth.log: May 10 00:47:21 linuxmail perl: No worthy mechs found May 10 00:52:01 linuxmail imap(pam_unix)[31961]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= user=cyrus May 10 00:52:01 linuxmail saslauthd[31961]: pam_sm_authenticate called. May 10 00:52:01 linuxmail saslauthd[31961]: dbuser changed. May 10 00:52:01 linuxmail saslauthd[31961]: dbpasswd changed. May 10 00:52:01 linuxmail saslauthd[31961]: host changed. May 10 00:52:01 linuxmail saslauthd[31961]: database changed. May 10 00:52:01 linuxmail saslauthd[31961]: table changed. May 10 00:52:01 linuxmail saslauthd[31961]: usercolumn changed. May 10 00:52:01 linuxmail saslauthd[31961]: passwdcolumn changed. May 10 00:52:01 linuxmail saslauthd[31961]: crypt changed. May 10 00:52:01 linuxmail saslauthd[31961]: logtable changed. May 10 00:52:01 linuxmail saslauthd[31961]: logmsgcolumn changed. May 10 00:52:01 linuxmail saslauthd[31961]: logusercolumn changed. May 10 00:52:01 linuxmail saslauthd[31961]: loghostcolumn changed. May 10 00:52:01 linuxmail saslauthd[31961]: logpidcolumn changed. May 10 00:52:01 linuxmail saslauthd[31961]: logtimecolumn changed. May 10 00:52:01 linuxmail saslauthd[31961]: db_connect called. May 10 00:52:01 linuxmail saslauthd[31961]: returning 0 . May 10 00:52:01 linuxmail saslauthd[31961]: db_checkpasswd called. May 10 00:52:01 linuxmail saslauthd[31961]: pam_mysql: where clause = May 10 00:52:01 linuxmail saslauthd[31961]: SELECT password FROM accountuser WHERE username='cyrus' May 10 00:52:01 linuxmail saslauthd[31961]: pam_mysql: select returned an invalid encrypted password May 10 00:52:01 linuxmail saslauthd[31961]: returning 7 . May 10 00:52:01 linuxmail saslauthd[31961]: returning 7 after db_checkpasswd. May 10 00:52:04 linuxmail saslauthd[31961]: DEBUG: auth_pam: pam_authenticate failed: Authentication failure May 10 00:52:04 linuxmail saslauthd[31961]: do_auth : auth failure: [user=cyrus] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
What does your PAM config file look like? Since to appear to be using saslauthd and pam_mysql for plaintext authentication, this is where your problem lies.
/var/log/maillog: May 10 01:12:50 linuxmail imap[31979]: accepted connection May 10 01:12:50 linuxmail master[32099]: about to exec /usr/lib/cyrus-imapd/imapd May 10 01:12:50 linuxmail imap[32099]: executed May 10 01:13:00 linuxmail imap[31979]: badlogin: localhost.localdomain [127.0.0.1] PLAIN [SASL(-4): no mechanism available: security flags do not match required] May 10 01:13:11 linuxmail imap[31979]: badlogin: localhost.localdomain [127.0.0.1] plaintext cyrus SASL(-13): authentication failure: checkpass failed
Like I said, I'm somewhat new to all this, so do not entirely understand what these log messages are telling me. What does "No worthy mech found" mean? Secondly, why would I get a pam_mysql: select returned an invalid encrypted password? I'm trying to use plain passwords for the moment, until I am certain everything is working. My passwords in my MySql DB are in plain text.
Any help would be greatly appreciated!
Thanks!
Eric
--- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
-- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key-- http://www.oceana.com/~ken/ksm.pgp
--- Cyrus Home Page: http://asg.web.cmu.edu/cyrus Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
