/etc/pam.d/imap
Code:
# PAM configuration file for Cyrus IMAP service
# $Id: imap.pam,v 1.3 2003/10/02 04:58:38 hmh Exp $
#
# If you want to use Cyrus in a setup where users don't have
# accounts on the local machine, you'll need to make sure
# you use something like pam_permit for account checking.
#
# Remember that SASL (and therefore Cyrus) accesses PAM
# modules through saslauthd, and that SASL can only deal with
# plaintext passwords if PAM is used.
#
@include common-auth
@include common-account
auth sufficient pam_mysql.so user=mail passwd=asdfghj host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
##auth sufficient pam_unix_auth.so
account required pam_mysql.so user=mail passwd=asdfghj host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
##account sufficient pam_unix_acct.so
# Remember that SASL (and therefore Cyrus) accesses PAM
# modules through saslauthd, and that SASL can only deal with
# plaintext passwords if PAM is used.
???
What exactly does it mean?
/usr/lib/sasl2/smtpd.conf
Code:
pwcheck_method: saslauthd
Is this where it should be?
Code:
root@camin9:~# ps aux | grep sasl
root 15613 0.0 2.2 7404 1396 ? Ss 06:03 0:00 /usr/sbin/saslauthd -a pam
root 15614 0.0 2.3 7404 1440 ? S 06:03 0:00 /usr/sbin/saslauthd -a pam
root 15615 0.0 2.4 7404 1488 ? S 06:03 0:00 /usr/sbin/saslauthd -a pam
root 15616 0.0 2.4 7404 1488 ? S 06:03 0:00 /usr/sbin/saslauthd -a pam
root 15617 0.0 1.5 6468 968 ? S 06:03 0:00 /usr/sbin/saslauthd -a pam
/etc/imapd-local.conf
Code:
postmaster: postmaster
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
allowanonymouslogin: no
allowplaintext: yes
sasl_mech_list: PLAIN
servername: aaa.xxx.rr
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
sasl_pwcheck_method: saslauthd
sievedir: /usr/sieve
sendmail: /usr/sbin/sendmail
sieve_maxscriptsize: 32
sieve_maxscripts: 5
#unixhierarchysep: yes
/etc/imapd.conf
Code:
postmaster: postmaster
servername: aaa.xxx.rr
quotawarn: 90
timeout: 30
poptimeout: 10
sieve_maxscriptsieze: 32
sieve_maxscripts: 5
reject8bit: no
configdirectory: /var/imap
defaultpartition: default
partition-default: /var/spool/imap
partition-news: /var/spool/cyrus/news
newsspool: /var/spool/news
altnamespace: no
unixhierarchysep: yes
#admins: cyrus
#imap_admins: cyrus
allowanonymouslogin: no
popminpoll: 1
autocreatequota: 10000
umask: 077
sendmail: /usr/sbin/sendmail
sieveusehomedir: false
sievedir: /var/spool/sieve
dracinterval: 0
drachost: localhost
hashimapspool: true
allowplaintext: yes
# ?? ^ problem with this? hmm..
sasl_mech_list: PLAIN
# Do note that, since sasl will be run as user cyrus, you may have a lot of
# trouble to set this up right.
#sasl_pwcheck_method: auxprop
sasl_pwcheck_method: saslauthd
sasl_auto_transition: no
tls_ca_path: /etc/ssl/certs
tls_session_timeout: 1440
tls_cipher_list: TLSv1:SSLv3:SSLv2:!NULL:!EXPORT:!DES:!LOW:@STRENGTH
# Unix domain socket that lmtpd listens on.
lmtpsocket: /var/run/cyrus/socket/lmtp
# Unix domain socket that idled listens on.
idlesocket: /var/run/cyrus/socket/idle
# Unix domain socket that the new mail notification daemon listens on.
notifysocket: /var/run/cyrus/socket/notify
tls_ca_file: /var/imap/server.pem
tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem
From /etc/cyrus.conf:
Code:
imap cmd="imapd -U 30" listen="imap" prefork=0 maxchild=100
imaplocal cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imap" prefork=0
imaps cmd="imapd -s -U 30" listen="imaps" prefork=0 maxchild=100
imapslocal cmd="imapd -C /etc/imapd-local.conf" listen="127.0.0.1:imaps" prefork=0
pop3 cmd="pop3d -U 30" listen="pop3" prefork=0 maxchild=50
pop3s cmd="pop3d -s -U 30" listen="pop3s" prefork=0 maxchild=50
If I use the program smtptest -u .. -a .. localhost, I get this in syslog:
Code:
Feb 14 16:32:48 c9tm postfix/smtpd[18121]: connect from localhost[127.0.0.1]
Feb 14 16:32:53 c9tm postfix/smtpd[18121]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Feb 14 16:32:53 c9tm postfix/smtpd[18121]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
Feb 14 16:32:53 c9tm postfix/smtpd[18121]: warning: SASL authentication failure: no secret in database
Feb 14 16:32:53 c9tm postfix/smtpd[18121]: warning: localhost[127.0.0.1]: SASL DIGEST-MD5 authentication failed
Feb 14 16:32:57 c9tm postfix/smtpd[18121]: disconnect from localhost[127.0.0.1]
Why is it trying to use sasldb2? Shouldn't it use mysql?
I had /etc/pam.d/cyrus, but I've renamed it so it can no longer be used and mess things up.
More info to come... just ask
I'm so dizzy...
acker
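
Added example, not part of the original post: a small Python check for the mismatch visible in the posted smtpd.conf and syslog excerpt. saslauthd can only verify mechanisms that hand it the cleartext password (the point of the PAM file's comment), so a DIGEST-MD5 attempt falls through to the auxprop store /etc/sasldb2. The function names are hypothetical, and `FIXED_CONF` with `mech_list: PLAIN LOGIN` is a constructed assumption, not the poster's configuration.

```python
import re

# saslauthd verifies a cleartext password, so only these mechanisms can use it.
PLAINTEXT_MECHS = {"PLAIN", "LOGIN"}

def parse_sasl_conf(text):
    """Parse the 'key: value' lines of a Cyrus SASL application config."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and ":" in line:
            key, value = line.split(":", 1)
            conf[key.strip().lower()] = value.strip()
    return conf

def offered_secret_mechs(conf):
    """Return the mechanisms saslauthd cannot serve, or None if mech_list is unset."""
    if "mech_list" not in conf:
        return None
    return {m.upper() for m in conf["mech_list"].split()} - PLAINTEXT_MECHS

def failed_mechs(log_text):
    """Mechanisms named in Postfix 'SASL <mech> authentication failed' warnings."""
    return set(re.findall(r"SASL (\S+) authentication failed", log_text))

def diagnose(conf_text, log_text=""):
    conf, findings = parse_sasl_conf(conf_text), []
    if conf.get("pwcheck_method") != "saslauthd":
        return findings
    extra = offered_secret_mechs(conf)
    if extra is None:
        findings.append("mech_list unset: every installed mechanism may be offered")
    elif extra:
        findings.append("mech_list offers non-plaintext: " + ", ".join(sorted(extra)))
    for mech in sorted(failed_mechs(log_text) - PLAINTEXT_MECHS):
        findings.append(mech + " failed: it needs a stored secret (auxprop), not saslauthd")
    return findings

# POSTED_CONF and POSTED_LOG are taken from the post; FIXED_CONF is constructed.
POSTED_CONF = "pwcheck_method: saslauthd\n"
FIXED_CONF = "pwcheck_method: saslauthd\nmech_list: PLAIN LOGIN\n"
POSTED_LOG = ("Feb 14 16:32:53 c9tm postfix/smtpd[18121]: warning: "
              "localhost[127.0.0.1]: SASL DIGEST-MD5 authentication failed\n")

if __name__ == "__main__":
    for finding in diagnose(POSTED_CONF, POSTED_LOG):
        print(finding)
    print(diagnose(FIXED_CONF) or "ok")
```

Because PLAIN and LOGIN send the password itself, this setup depends on TLS to protect the credentials in transit.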