>>>>> On 18 Nov 2008 at 02:52 "AO" == Ann Onemouse writes:

 AO> When I start up SASL with "service saslauthd start", here's what's
 AO> running:
 AO> ==================================
 AO> [root@emailrelay ~]# ps auxwww | grep sasl
 AO> root 4828 0.0 0.3 46648 804 ? Ss 16:10 0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam
 AO> ==================================
 AO> It's using PAM, right? It should work with any shell account I create,
 AO> right?
 AO>
 AO> So, I create a regular Unix shell account, set the password to
 AO> '1234', and verify that I can login as the user in question.
 AO> ==================================
 AO> ann@some-other-host:~> ssh relay@xxxxxxxxxxxxxxxxxxxxxxx
 AO> relay@xxxxxxxxxxxxxxxxxxxxxxx's password: [ here I type '1234' ]
 AO> Last login: Mon Nov 17 16:06:15 2008 from xxx.xxx.xxx.xxx
 AO> [relay@emailrelay ~]$
 AO> ==================================
 AO> OK, shell login works. Later, if I can get this working, I will set
 AO> the shell to "/sbin/nologin".
 AO>
 AO> Now, at this point, SASL should authenticate against these credentials
 AO> with no problem, right? So, why won't this work?
 AO> ==================================
 AO> [root@emailrelay ~]# testsaslauthd -u relay -p 1234
 AO> 0: NO "authentication failed"
 AO> ==================================
 AO> and from /var/log/messages...
 AO> ==================================
 AO> Nov 17 16:47:49 emailrelay saslauthd[4831]: do_auth : auth failure: [user=relay] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
 AO> ==================================

Can you run saslauthd with options "-a pam -n 0" and test it with
testsaslauthd?

testsaslauthd -u relay -p 1234 - works or not?

I think that current cyrus-sasl is broken in this place.

"-a pam -n 0" - works fine.
"-a pam" - works for 3-4 times, then stops working:

[root@ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
0: OK "Success."
[root@ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
0: OK "Success."
[root@ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
^[[A
[root@ve116-postfix-stand tmp]# testsaslauthd -u foo -p bar
connect() : No such file or directory

# ps aux |grep sasla
root 1540 0.0 0.0 5256 972 ? Ss Nov17 0:00 /usr/sbin/saslauthd -a pam
root 1541 0.0 0.0    0   0 ? Z  Nov17 0:00 [saslauthd] <defunct>
root 1542 0.0 0.0    0   0 ? Z  Nov17 0:00 [saslauthd] <defunct>
root 1543 0.0 0.0    0   0 ? Z  Nov17 0:00 [saslauthd] <defunct>
root 1544 0.0 0.0    0   0 ? Z  Nov17 0:00 [saslauthd] <defunct>
root 1569 0.0 0.0    0   0 ? Z  Nov17 0:00 [saslauthd] <defunct>

Do you confirm the same behavior of saslauthd?

-- 
vvk