Linux - NetworkingThis forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I am trying to get my IMAP server (cyrus-imapd) to authenticate using saslauthd. I am getting the following error in the /var/log/messages file when attempting to authenticate:
Jul 6 23:03:54 mail imap[6230]: cannot connect to saslauthd server: Permission denied
Now, I've looked at the permissions of the /var/run/saslauthd/mux file and all directories in the path. Everyone has -x permission on the directories and permissions are 777 on the mux.
So, I've been reading that imapd might be looking in a different place for saslauthd's socket, so I added the following line to my /etc/imapd.conf file just to make sure that it was going to the right place:
sasl_saslauthd_path: /var/run/saslauthd/mux
I'm still getting the error. What should I try now?
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940
Rep:
in your cyrus deamon config file: imap.conf, or imapd.conf, in /etc i think it is, you need to set the 'admin' username (cyrus?)
dont forget to restart the service, to reread the config file
with sasl you run saslpasswd cyrus (you might need an option for adding a user perhaps -a) so saslpasswd -a cyrus
you will be promted for a password which you want to assign to this user
login to cyradm -u cyrus localhost (i assume... - havent done it in some time!)
I tried what you suggested, and I haven't been able to get this resolved yet. The imapd.conf file already had cyrus as the admin. I set the password for cyrus, but the account seems to have already been created. I'm not sure exactly what I can do in cyradm to resolve this issue. Could you expound on what should be done in cyradm? Thanks so much for the help.
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940
Rep:
this is the only thing i found in my old config file, i dont run my mailserver anymore!
sasl_pwcheck_method: saslauthd
also, if you are running postfix, have a look in this dir:
/var/spool/postfix/var/run/saslauthd
i shall powerup my mailserver on sat and have a look for you, perhaps i can find some stuff that might help.
unfort. it is late here already, so i shal go to bed, and i am out tomorrow evening. hope sat is fine with you.
When I'm running cyradm, I'm seeing it prompt me for "IMAP Password:". I don't know where this is set. Perhaps the issue is that the imapd daemon is trying to connect to the mux successfully, but is being rejected by the saslauthd daemon itself. However, I don't know where to set what password imapd gives saslauthd either. Can anyone enlighten me on how these two daemons interact?
Distribution: debian, gentoo, os x (darwin), ubuntu
Posts: 940
Rep:
this password is set with
#saslpasswd [-a|-x|...] <cyrus_username>
you need to run cyradm with the username cyrus
so either:
#su cyrus
and then run cyradm
or:
#cyradm -u cyrus localhost
-u secifies the username you wish to use to connect to the cyrus imap server
I made sure that I knew the password for the cyrus admin (cyrus). I tried both approaches you suggested, but this output is from my su - cyrus attempt.
bash-3.00$ cyradm -auth PLAIN localhost
Password:
IMAP Password:
Login failed: generic failure at /usr/lib/perl5/site_perl/5.8.6/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 118
cyradm: cannot authenticate to server with PLAIN as cyrus
I don't really feel comfortable SSH'ing to your machine, but I certainly appreciate the offer.
I'm not running sasl2 to my knowledge. When I do a ps -ef | grep sasl, all I see is saslauthd. Do I need to be running sasl2? What's the difference? Thanks so much for all the help, Nathanael.
I was just trying to get the thread to the top of the forum to get a few more views. I'm accepting defeat on this one, though. I just went with dovecot instead.
cyradm --user mail0001 --server localhost --auth plain
> > Password:
> > IMAP Password:
> > Login failed: authentication failure
> > at /usr/lib/perl5/site_perl/5.8.5/i386-linux-thread-
> > multi/Cyrus/IMAP/Admin.pm line 118
> > cyradm: cannot authenticate to server with plain as mail0001
> >
> > This was a real head-banger. The problem is that redhat starts
> > saslauthd with shadow authentication mechanism by defualt. However, we
> > need pam authentication. To change this, edit the file:
> > /etc/sysconfig/saslauthd
> > Where it says:
> > MECH=shadow
> > Change it to:
> > MECH=pam
> > Save, close and (re)start saslauthd. You can now use the built-in
> > "/etc/init.d/saslauthd start" script to start this service.
> >
> > 8. Make sure all required processes are running:
> > $ /etc/init.d/httpd start
> > $ /etc/init.d/mysqld start
> > $ /etc/init.d/cyrus-imapd start
> > $ postfix start
> > $ /etc/init.d/saslauthd start
> >
> > Well, that's how I got it to work! Let me know if there are any
> > errors/omissions...
> >
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.