|
Hi, thanks a lot for your answers. Finally I did it so: First I built sasl 2.1.25 with ldap mechanism (I need it) and only it were created statics libraries. Second, I replaced sasl libs (/usr/local/lib/libsasl2.* and /usr/local/lib/sasl2/*) with the libraries from cyrus sasl package from sunfreeware (wich creates share libraries but not includes ldap support). # /usr/local/sbin/saslauthd -v saslauthd 2.1.25 authentication mechanisms: getpwent pam rimap shadow ldap I don't nkow if that is correct or imprudent but at the moment it works fine.... any comment? Ana. On 01/12/11 12:34 +0100, Ana D?ez wrote:Hi, I'm working to configure SASL (2.1.25) with Postfix 2.7.1. in Solaris 10. I'm running saslauthd with ldap: /usr/local/sbin/saslauthd -a ldap And running manually "testsaslauthd" works ok # /usr/local/sbin/testsaslauthd -u xxxx -p xxxxx 0: OK "Success." But Postfix seems to ignore the "pwcheck_method". Although I set it as "saslauthd", I receive "could not find auxprop plugin, was searching for '[all]'", "SASL PLAIN authentication failed: no mechanism available" im my logs. The file /usr/local/lib/sasl2/smtpd.conf:I believe Postfix overwrites the confdir path via a callback. It appears that it is: *path = concatenate(var_config_dir, "/", "sasl:/usr/lib/sasl2", (char *) 0); For example: /etc/postfix/sasl:/usr/lib/sasl2 You'll need to place your smtpd.conf file into one of those two directories for libsasl2 to see it.I have already links from those directories to smtpd.confpwcheck_method: saslauthd mech_list: PLAIN LOGIN saslauthd_path: /var/state/saslauthd/saslauthd_path should include the full path to the mux, e.g.: saslauthd_path: /var/state/saslauthd/muxOk, I have made this change.If you happen to be running postfix chrooted (within master.cf), then that will affect where postfix (and libsasl2) will look for the saslauthd mux.The Postfix configuration: # postconf -n | grep sasl broken_sasl_auth_clients = yes smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, check_relay_domains smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_relay_domains, reject_non_fqdn_recipient smtpd_sasl_auth_enable = yes smtpd_sasl_path = smtpd smtpd_sasl_security_options = noanonymous smtpd_sasl_tls_security_options = $smtpd_sasl_security_optionsPatrick's 'saslfinger' script might help to catch some other problems.I have executed saslfinger but I didn't found any problem. Deepening, I have seen that when I built cyrus sasl only static libraries are created for auth mech: #ls -l /usr/local/lib/sasl2/ -rwxr-xr-x 1 root root 795 dic 5 15:59 libsasldb.la -rwxr-xr-x 1 root root 774 dic 5 15:59 libscram.la -rwxr-xr-x 1 root root 768 dic 5 15:59 libotp.la -rwxr-xr-x 1 root root 765 dic 5 15:59 libplain.la -rwxr-xr-x 1 root root 765 dic 5 15:59 liblogin.la -rw-r--r-- 1 root root 123568 dic 5 15:59 libsasldb.a -rw-r--r-- 1 root root 126560 dic 5 15:59 libscram.a -rw-r--r-- 1 root root 158248 dic 5 15:59 libotp.a -rw-r--r-- 1 root root 69832 dic 5 15:59 libplain.a -rw-r--r-- 1 root root 69008 dic 5 15:59 liblogin.a I still get the same problem... Thanks. Ana --
 |
