LinuxQuestions.org
Visit the LQ Articles and Editorials section
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices

Reply
 
Search this Thread
Old 07-06-2005, 11:07 PM   #1
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Rep: Reputation: 30
cyrus-imapd authenticating via saslauthd


I am trying to get my IMAP server (cyrus-imapd) to authenticate using saslauthd. I am getting the following error in the /var/log/messages file when attempting to authenticate:

Jul 6 23:03:54 mail imap[6230]: cannot connect to saslauthd server: Permission denied

Now, I've looked at the permissions of the /var/run/saslauthd/mux file and all directories in the path. Everyone has -x permission on the directories and permissions are 777 on the mux.

So, I've been reading that imapd might be looking in a different place for saslauthd's socket, so I added the following line to my /etc/imapd.conf file just to make sure that it was going to the right place:

sasl_saslauthd_path: /var/run/saslauthd/mux


I'm still getting the error. What should I try now?
 
Old 07-07-2005, 03:54 AM   #2
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
in your cyrus deamon config file: imap.conf, or imapd.conf, in /etc i think it is, you need to set the 'admin' username (cyrus?)
dont forget to restart the service, to reread the config file
with sasl you run saslpasswd cyrus (you might need an option for adding a user perhaps -a) so saslpasswd -a cyrus
you will be promted for a password which you want to assign to this user
login to cyradm -u cyrus localhost (i assume... - havent done it in some time!)
 
Old 07-07-2005, 04:51 PM   #3
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
I tried what you suggested, and I haven't been able to get this resolved yet. The imapd.conf file already had cyrus as the admin. I set the password for cyrus, but the account seems to have already been created. I'm not sure exactly what I can do in cyradm to resolve this issue. Could you expound on what should be done in cyradm? Thanks so much for the help.
 
Old 07-07-2005, 05:28 PM   #4
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
this is the only thing i found in my old config file, i dont run my mailserver anymore!
sasl_pwcheck_method: saslauthd

also, if you are running postfix, have a look in this dir:
/var/spool/postfix/var/run/saslauthd

i shall powerup my mailserver on sat and have a look for you, perhaps i can find some stuff that might help.
unfort. it is late here already, so i shal go to bed, and i am out tomorrow evening. hope sat is fine with you.
 
Old 07-07-2005, 06:11 PM   #5
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
I would certainly appreciate it.
 
Old 07-07-2005, 11:35 PM   #6
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
When I'm running cyradm, I'm seeing it prompt me for "IMAP Password:". I don't know where this is set. Perhaps the issue is that the imapd daemon is trying to connect to the mux successfully, but is being rejected by the saslauthd daemon itself. However, I don't know where to set what password imapd gives saslauthd either. Can anyone enlighten me on how these two daemons interact?
 
Old 07-08-2005, 03:48 AM   #7
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
this password is set with
#saslpasswd [-a|-x|...] <cyrus_username>
you need to run cyradm with the username cyrus
so either:
#su cyrus
and then run cyradm
or:
#cyradm -u cyrus localhost
-u secifies the username you wish to use to connect to the cyrus imap server
 
Old 07-08-2005, 02:26 PM   #8
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
I made sure that I knew the password for the cyrus admin (cyrus). I tried both approaches you suggested, but this output is from my su - cyrus attempt.

bash-3.00$ cyradm -auth PLAIN localhost
Password:
IMAP Password:
Login failed: generic failure at /usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118
cyradm: cannot authenticate to server with PLAIN as cyrus
 
Old 07-09-2005, 05:23 AM   #9
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
r u running sasl2?
i dont even find the sasl socket anywhere on my computer!!
and it is working fine!
you want ssh access to sniff arround yourself?
 
Old 07-10-2005, 12:35 PM   #10
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
I don't really feel comfortable SSH'ing to your machine, but I certainly appreciate the offer.

I'm not running sasl2 to my knowledge. When I do a ps -ef | grep sasl, all I see is saslauthd. Do I need to be running sasl2? What's the difference? Thanks so much for all the help, Nathanael.
 
Old 07-11-2005, 11:39 PM   #11
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
*bump*
 
Old 07-12-2005, 04:27 AM   #12
Nathanael
Member
 
Registered: May 2004
Location: Karlsruhe, Germany
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940

Rep: Reputation: 32
*bump* what?
 
Old 07-12-2005, 10:14 AM   #13
gauge73
Member
 
Registered: Jan 2003
Location: Dallas, TX
Distribution: Fedora Core 4
Posts: 420

Original Poster
Rep: Reputation: 30
I was just trying to get the thread to the top of the forum to get a few more views. I'm accepting defeat on this one, though. I just went with dovecot instead.
 
Old 08-02-2005, 03:58 AM   #14
judgeice
LQ Newbie
 
Registered: Aug 2005
Posts: 1

Rep: Reputation: 0
cyradm --user mail0001 --server localhost --auth plain
> > Password:
> > IMAP Password:
> > Login failed: authentication failure
> > at /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-
> > multi/Cyrus/IMAP/Admin.pm line 118
> > cyradm: cannot authenticate to server with plain as mail0001
> >
> > This was a real head-banger. The problem is that redhat starts
> > saslauthd with shadow authentication mechanism by defualt. However, we
> > need pam authentication. To change this, edit the file:
> > /etc/sysconfig/saslauthd
> > Where it says:
> > MECH=shadow
> > Change it to:
> > MECH=pam
> > Save, close and (re)start saslauthd. You can now use the built-in
> > "/etc/init.d/saslauthd start" script to start this service.
> >
> > 8. Make sure all required processes are running:
> > $ /etc/init.d/httpd start
> > $ /etc/init.d/mysqld start
> > $ /etc/init.d/cyrus-imapd start
> > $ postfix start
> > $ /etc/init.d/saslauthd start
> >
> > Well, that's how I got it to work! Let me know if there are any
> > errors/omissions...
> >
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Cyrus-imapd Question zolo44 Linux - Software 0 10-10-2005 02:20 PM
cyrus-imapd problems krille Linux - Newbie 1 04-13-2005 07:16 PM
Evolution Sendmail and Cyrus imapd Kroenecker Linux - Newbie 10 11-22-2004 02:11 AM
Cyrus imapd and subfolders Fonk Linux - Software 0 10-01-2004 08:12 PM
Cyrus-Imapd Doesn't Work aquiz Linux - Software 0 09-09-2004 06:44 PM


All times are GMT -5. The time now is 05:27 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration