Hi, folks.
On Nov 18, 2008, at 1:39 AM, Vladimir V. Kamarzin wrote:
Can you run saslauthd with options "-a pam -n 0" and test it with
testsaslauthd?
Sure.
testsaslauthd -u relay -p 1234 - works or not? I think that current
cyrus-sasl
is broken in this place.
It does not work for me with "pam". In order to get the testsaslauthd
command to work against regular shell accounts, I have to use the
"shadow" mechanism, either by setting it in /etc/sysconfig/saslauthd,
or on the command-line.
"-a pam -n 0" - works fine.
"-a pam" - works for 3-4 times, than stop working:
...
1569 0.0 0.0 0 0 ? Z Nov17 0:00 [saslauthd]
<defunct>
Do you confirm same behavior of saslauthd?
I'm afraid I cannot. On my system (CentOS 5.2 and cyrus-sasl RPM
2.1.22.4), the testsaslauthd command behaves consistently, and does
not cause the server process to go defunct, no matter how many times I
run it (I tried 100 times).
So, to summarize so far:
I have gotten the command "testsaslauthd -u relay -p 1234" to work as
long as
1) there is a shell account with username "relay" and password
"1234"
2) saslauthd is run with the "shadow" mechanism
Also, my testsaslauthd seems pretty stable, despite several credible
reports to the contrary on this mailing list.
Thanks again to both of you for your helpful suggestions. I will now
try Dan's suggestion of using the sample-client utility to verify the
authentication before I move on to Postfix config.
- Ann
