LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Slackware (http://www.linuxquestions.org/questions/slackware-14/)
-   -   postfix +Cyrus SASL authentication problem + pam-mysql+mysql database (http://www.linuxquestions.org/questions/slackware-14/postfix-cyrus-sasl-authentication-problem-pam-mysql-mysql-database-879782/)

kibirango 05-10-2011 02:27 AM

postfix +Cyrus SASL authentication problem + pam-mysql+mysql database
 
hullo slackWare Users,
Pam-mysql can not connect to the database and below are my configurations.
saslfinger -s Output:
root@mailbackup:/# saslfinger -s
saslfinger - postfix Cyrus sasl configuration Tue May 10 10:12:10 EAT 2011
version: 1.0.2
mode: server-side SMTP AUTH

-- basics --
Postfix: 2.7.2
System: Slackware 13.1.0

-- smtpd is linked to --
libsasl2.so.2 => /usr/local/lib/libsasl2.so.2 (0x00007f74ebfb7000)

-- active SMTP AUTH and TLS parameters for smtpd --
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = /usr/lib64/sasl2
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = cyrus


-- listing of /usr/lib64/sasl2 --
total 1444
drwxr-xr-x 2 root root 4096 May 6 16:29 .
drwxr-xr-x 9 root root 4096 May 4 16:27 ..
-rw-r--r-- 1 root root 493 Apr 15 11:09 1smtpw
-rwxr-xr-x 1 root root 800 May 4 16:27 libanonymous.la
-rwxr-xr-x 1 root root 65096 May 4 16:27 libanonymous.so
-rwxr-xr-x 1 root root 65096 May 4 16:27 libanonymous.so.2
-rwxr-xr-x 1 root root 65096 May 4 16:27 libanonymous.so.2.0.23
-rwxr-xr-x 1 root root 796 May 4 16:27 libldapdb.la
-rwxr-xr-x 1 root root 65960 May 4 16:27 libldapdb.so
-rwxr-xr-x 1 root root 65960 May 4 16:27 libldapdb.so.2
-rwxr-xr-x 1 root root 65960 May 4 16:27 libldapdb.so.2.0.23
-rwxr-xr-x 1 root root 776 May 4 16:27 liblogin.la
-rwxr-xr-x 1 root root 67354 May 4 16:27 liblogin.so
-rwxr-xr-x 1 root root 67354 May 4 16:27 liblogin.so.2
-rwxr-xr-x 1 root root 67354 May 4 16:27 liblogin.so.2.0.23
-rwxr-xr-x 1 root root 776 May 4 16:27 libplain.la
-rwxr-xr-x 1 root root 67064 May 4 16:27 libplain.so
-rwxr-xr-x 1 root root 67064 May 4 16:27 libplain.so.2
-rwxr-xr-x 1 root root 67064 May 4 16:27 libplain.so.2.0.23
-rwxr-xr-x 1 root root 828 May 4 16:27 libsasldb.la
-rwxr-xr-x 1 root root 115046 May 4 16:27 libsasldb.so
-rwxr-xr-x 1 root root 115046 May 4 16:27 libsasldb.so.2
-rwxr-xr-x 1 root root 115046 May 4 16:27 libsasldb.so.2.0.23
-rwxr-xr-x 1 root root 778 May 4 16:27 libsql.la
-rwxr-xr-x 1 root root 85392 May 4 16:27 libsql.so
-rwxr-xr-x 1 root root 85392 May 4 16:27 libsql.so.2
-rwxr-xr-x 1 root root 85392 May 4 16:27 libsql.so.2.0.23
-rw-r--r-- 1 root root 572 May 9 10:49 smtpd.conf

-- listing of /usr/local/lib/sasl2 --
total 1444
drwxr-xr-x 2 root root 4096 May 6 16:29 .
drwxr-xr-x 9 root root 4096 May 4 16:27 ..
-rw-r--r-- 1 root root 493 Apr 15 11:09 1smtpw
-rwxr-xr-x 1 root root 800 May 4 16:27 libanonymous.la
-rwxr-xr-x 1 root root 65096 May 4 16:27 libanonymous.so
-rwxr-xr-x 1 root root 65096 May 4 16:27 libanonymous.so.2
-rwxr-xr-x 1 root root 65096 May 4 16:27 libanonymous.so.2.0.23
-rwxr-xr-x 1 root root 796 May 4 16:27 libldapdb.la
-rwxr-xr-x 1 root root 65960 May 4 16:27 libldapdb.so
-rwxr-xr-x 1 root root 65960 May 4 16:27 libldapdb.so.2
-rwxr-xr-x 1 root root 65960 May 4 16:27 libldapdb.so.2.0.23
-rwxr-xr-x 1 root root 776 May 4 16:27 liblogin.la
-rwxr-xr-x 1 root root 67354 May 4 16:27 liblogin.so
-rwxr-xr-x 1 root root 67354 May 4 16:27 liblogin.so.2
-rwxr-xr-x 1 root root 67354 May 4 16:27 liblogin.so.2.0.23
-rwxr-xr-x 1 root root 776 May 4 16:27 libplain.la
-rwxr-xr-x 1 root root 67064 May 4 16:27 libplain.so
-rwxr-xr-x 1 root root 67064 May 4 16:27 libplain.so.2
-rwxr-xr-x 1 root root 67064 May 4 16:27 libplain.so.2.0.23
-rwxr-xr-x 1 root root 828 May 4 16:27 libsasldb.la
-rwxr-xr-x 1 root root 115046 May 4 16:27 libsasldb.so
-rwxr-xr-x 1 root root 115046 May 4 16:27 libsasldb.so.2
-rwxr-xr-x 1 root root 115046 May 4 16:27 libsasldb.so.2.0.23
-rwxr-xr-x 1 root root 778 May 4 16:27 libsql.la
-rwxr-xr-x 1 root root 85392 May 4 16:27 libsql.so
-rwxr-xr-x 1 root root 85392 May 4 16:27 libsql.so.2
-rwxr-xr-x 1 root root 85392 May 4 16:27 libsql.so.2.0.23
-rw-r--r-- 1 root root 572 May 9 10:49 smtpd.conf




-- content of /usr/lib64/sasl2/smtpd.conf --
#Global Parameters
log_level: 7
allow_plaintext: true
#pwcheck_method: auxprop
pwcheck_method: auxprop saslauthd
auxprop_plugin: mysql
mech_list: plain login
sql_engine: mysql
sql_database: postfix
sql_user: --- replaced ---
sql_hostnames:127.0.0.1
sql_passwd: --- replaced ---
sql_select: select password from mailbox where username='mkk@bedrock.mak.ac.ug' AND active ='1'
#sql_select: select password from mailbox where username='%u@%r' AND active ='1'
# --------- saslauthd parameters-------------#
saslauthd_path : /var/state/saslauthd/mux
#saslauthd_path : /var/state/saslauthd

-- content of /usr/local/lib/sasl2/smtpd.conf --
#Global Parameters
log_level: 7
allow_plaintext: true
#pwcheck_method: auxprop
pwcheck_method: auxprop saslauthd
auxprop_plugin: mysql
mech_list: plain login
sql_engine: mysql
sql_database: postfix
sql_user: --- replaced ---
sql_hostnames:127.0.0.1
sql_passwd: --- replaced ---
sql_select: select password from mailbox where username='mkk@bedrock.mak.ac.ug' AND active ='1'
#sql_select: select password from mailbox where username='%u@%r' AND active ='1'
# --------- saslauthd parameters-------------#
saslauthd_path : /var/state/saslauthd/mux
#saslauthd_path : /var/state/saslauthd


-- active services in /etc/postfix/master.cf --
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - n - - smtpd -v
-o smtpd_sasl_auth_enable=yes
pickup fifo n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
-o smtp_fallback_relay=
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
maildrop unix - n n - - pipe
flags=ODRhu user=popmail:popmail argv=/usr/bin/maildrop -w 90 -d ${user}@${nexthop}
${extension} ${recipient} ${user} ${nexthop}
cyrus unix - n n - - pipe
user=cyrus argv=/cyrus/bin/deliver -e -r ${sender} -m ${extension} ${user}
old-cyrus unix - n n - - pipe
flags=R user=cyrus argv=/cyrus/bin/deliver -e -m ${extension} ${user}

-- mechanisms on localhost --
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN

root@xxxxx:/# cat /etc/pam.d/smtp

auth required /lib/security/pam_mysql.so user=mailnew passwd=post2011new host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1

account sufficient /lib/security/pam_mysql.so user=mailnew passwd=post2011new host=127.0.0.1 db=postfix table=mailbox usercolumn=username passwdcolumn=password crypt=1

root@xxxxx:/# cat /etc/sysconfig/saslauthd
SOCKETDIR=/var/state/saslauthd
MECH=pam
FLAGS="-r"

root@xxxxx:/# cat /etc/default/saslauthd
# This needs to be uncommented before saslauthd will be run automatically
START=yes

PWDIR="/var/state/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
#PIDFILE="${PWDIR}/saslauthd.pid"

# You must specify the authentication mechanisms you wish to use.
# This defaults to "pam" for PAM support, but may also include
# "shadow" or "sasldb", like this:
# MECHANISMS="pam shadow"

MECHANISMS="pam"

# Other options (default: -c)
# See the saslauthd man page for information about these options.
#
# Example for postfix users: "-c -m /var/state/saslauthd"
# Note: See /usr/share/doc/sasl2-bin/README.Debian
OPTIONS="-c"
THREADS=5

#make sure you set the options here otherwise it ignores params above and will not work
OPTIONS="-c -m /var/state/saslauthd -r"


root@xxxx:/# telnet localhost 25
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 xxxx.xx.xx.xx ESMTP Postfix
ehlo localhost
250-xxxx.xx.xx.xx
250-PIPELINING
250-SIZE 15000000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN

500 5.5.2 Error: bad syntax
AUTH LOGIN
334 VXNlcm5hbWU6

334 UGFzc3dvcmQ6

535 5.7.8 Error: authentication failed: generic failure
^Cquit
exit
Connection closed by foreign host.
root@mailbackup:/# testsaslauthd -u user@domain -p xxxx3 -f /var/state/saslauthd/mux -s smtp
connect() : No such file or directory

Errors found:
root@xxxx:/# tail -f var/log/auth
May 10 09:49:29 mailbkp postfix/smtpd[19513]: sql_select option missing
May 10 09:49:29 mailbkp postfix/smtpd[19513]: auxpropfunc error no mechanism available
May 10 09:49:29 mailbkp postfix/smtpd[19513]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
May 10 09:49:29 mailbkp postfix/smtpd[19513]: auxpropfunc error invalid parameter supplied
May 10 09:49:29 mailbkp postfix/smtpd[19513]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb
May 10 10:12:10 mailbkp postfix/smtpd[19570]: sql_select option missing
May 10 10:12:10 mailbkp postfix/smtpd[19570]: auxpropfunc error no mechanism available
May 10 10:12:10 mailbkp postfix/smtpd[19570]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
May 10 10:12:10 mailbkp postfix/smtpd[19570]: auxpropfunc error invalid parameter supplied
May 10 10:12:10 mailbkp postfix/smtpd[19570]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: ldapdb

535 5.7.8 Error: authentication failed: generic failure
root@xxxxx:/# testsaslauthd -u mkk@bedrock.mak.ac.ug -p mkk123 -f /var/state/saslauthd/mux -s smtp
connect() : No such file or directory

Couldsomeone ot there help on how to fix this

Thanx in advance

McDexter 12-25-2012 08:47 AM

Hi,
Did you manage to solve the problem? I have very similar problem on open suse 12.1


All times are GMT -5. The time now is 02:19 AM.