LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices

Reply
 
Search this Thread
Old 07-27-2009, 09:03 PM   #1
Fredzo1966
LQ Newbie
 
Registered: Jul 2009
Distribution: Slackware
Posts: 2

Rep: Reputation: 0
Getting saslauthd to work with NIS passwd/shadow


Good day!

I am setting up a box with Slackware 10.0 (a 2.4 kernel), Sendmail 8.13.8 and Cyrus-SASL 2.1.19 to serve solely as an SMTP outbound MTA for customers, using SMTP AUTH. I have been able to build and install the above packages, and running "saslauthd -a shadow" with a few local test user accounts works like a champ just like it does on every other box I've ever set up. But when I take out those test user accounts and bind to NIS to get the real user data from the main server, SMTP AUTH breaks and I think it's because saslauthd is looking for a "real" shadow file, not the shadow-merged passwd file that NIS provides.

I ran across an article that said to switch the mech for saslauthd to PAM when using LDAP or NIS, but of course PAM is not installed on this Slackware machine and (although this may reveal my mid-to-intermediate skill level) I didn't think NIS had anything to do with PAM. Another article made a reference to being unable to publish just the shadow data, but that article was in a different context altogether than my current problem.

Does anyone know how to get saslauthd to play well on an NIS client so that I can maintain my customer accounts on the main server? My RADIUS servers play nicely with NIS. ;-)

Here are the syslog entries from "messages" when I try to use an email client to authenticate, but I don't get any clues from this:

Jul 27 20:16:32 smtp saslauthd[5827]: detach_tty : master pid is: 5827
Jul 27 20:16:32 smtp saslauthd[5827]: ipc_init : listening on socket: /var/state/saslauthd/mux
Jul 27 20:24:46 smtp saslauthd[5830]: do_auth : auth failure: [user=fred] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
Jul 27 20:24:58 smtp saslauthd[5831]: do_auth : auth failure: [user=fred] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
Jul 27 20:25:03 smtp saslauthd[5827]: do_auth : auth failure: [user=ben] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
Jul 27 20:25:17 smtp saslauthd[5827]: server_exit : master exited: 5827
Jul 27 20:25:18 smtp saslauthd[5892]: detach_tty : master pid is: 5892
Jul 27 20:25:18 smtp saslauthd[5892]: ipc_init : listening on socket: /var/state/saslauthd/mux
Jul 27 20:25:30 smtp saslauthd[5893]: do_auth : auth failure: [user=ben] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
Jul 27 20:25:34 smtp saslauthd[5894]: do_auth : auth failure: [user=fred] [service=smtp] [realm=] [mech=shadow] [reason=Unknown]
Jul 27 20:32:19 smtp saslauthd[5892]: server_exit : master exited: 5892

Any help that would avoid me having to manually copy over shadow files would be greatly appreciated.

Thanks!

-- Fred
 
Old 11-03-2009, 04:08 PM   #2
Fredzo1966
LQ Newbie
 
Registered: Jul 2009
Distribution: Slackware
Posts: 2

Original Poster
Rep: Reputation: 0
Solution Found

I came across this question of my own while Googling and realized that I hadn't posted a note that I found the solution. For anyone else who runs across this, the problem was that my Makefile under /var/yp was set such that the passwd/shadow files should be combined. When I changed the MERGE_PASSWD parameter to "false" and ran "make" to publish the changes to the clients, everything started working just fine and my Sendmail SMTP-AUTH/TLS clients could authenticate. My FreeRADIUS servers apparently can handle authentication in either the passwd or shadow paradigm, whereas SASL on my Sendmail box was looking for a shadow file only.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
/etc/passwd & /etc/shadow a7mlinux Linux - General 2 08-02-2009 01:19 PM
migrating /etc/passwd (and shadow) between machines: why should it work? genmaicha Linux - Newbie 3 05-14-2009 04:43 PM
passwd shadow problem rblampain Linux - Distributions 2 10-04-2005 01:00 AM
/etc/passwd or /etc/shadow? tiger7007 Linux - Security 2 03-21-2004 05:41 AM
Migrate from older passwd/shadow to NIS JesteR Linux - General 0 11-28-2001 07:03 AM


All times are GMT -5. The time now is 05:08 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration