Cyrus+SASL+PAM+pam_mysql Migration problem

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi all,

I'm having a bit of a hard time doing a migration of cyrus from this:

localhost> ver
name       : Cyrus IMAPD
version    : v2.1.5 2002/06/24 19:13:27
vendor     : Project Cyrus
support-url: http://asg.web.cmu.edu/cyrus
os         : Linux
os-version : 2.4.18-19.7.x
environment: Cyrus SASL 2.1.5
             Sleepycat Software: Berkeley DB 3.2.9: (January 24, 2001)
             OpenSSL 0.9.6l 04 Nov 2003
             CMU Sieve 2.2
             DRAC
             TCP Wrappers
             lock = flock
             auth = unix
             idle = poll
             mboxlist.db = db3
             subs.db = flat
             seen.db = flat
             duplicate.db = db3-nosync
             tls.db = db3-nosync

to this:
localhost> ver
name       : Cyrus IMAPD
version    : v2.2.12-Invoca-RPM-2.2.12-3.RHEL4.1 2005/02/14 16:43:51
vendor     : Project Cyrus
support-url: http://asg.web.cmu.edu/cyrus
os         : Linux
os-version : 2.6.9-34.0.1.ELsmp
environment: Built w/Cyrus SASL 2.1.19
             Running w/Cyrus SASL 2.1.19
             Built w/Sleepycat Software: Berkeley DB 4.2.52: (December 11, 2004)
             Running w/Sleepycat Software: Berkeley DB 4.2.52: (December 11, 2004)
             Built w/OpenSSL 0.9.7a Feb 19 2003
             Running w/OpenSSL 0.9.7a Feb 19 2003
             CMU Sieve 2.2
             TCP Wrappers
             mmap = shared
             lock = fcntl
             nonblock = fcntl
             auth = unix
             idle = poll

anyway, on the old server it is a cyrus+saslauthd+pam+pam_mysql+mysql 
On the new server I got saslauthd working pretty much ok (I think).
1. it is run like this:
   # ps ax|grep sasl
   32293 ?        Ss     0:00 /usr/sbin/saslauthd -m /var/run/saslauthd -a pam -n 0

   so it uses pam,

2. pam looks like this:
   [root@mailtx1 lib]# cat /etc/pam.d/imap
#%PAM-1.0
#auth    optional        /lib/security/pam_mysql.so user=cyrus \
#   passwd=cypass host=127.0.0.1 db=email table=popusers usercolumn=alias \
#   domaincolumn=domain passwdcolumn=password crypt=0 use_relay_ip=1
#password   required     /lib/security/pam_mysql.so user=cyrus \
#   passwd=cypass host=127.0.0.1 db=email table=popusers usercolumn=alias \
#   domaincolumn=domain passwdcolumn=password crypt=0 use_relay_ip=1

auth sufficient pam_mysql.so user=cyrus passwd=cypass host=localhost \
   db=email table=popusers usercolumn=alias \
   passwdcolumn=password crypt=0
account required pam_mysql.so user=cyrus passwd=cypass host=localhost \
   db=email table=popusers usercolumn=alias \
   passwdcolumn=password crypt=0

3. [root@mailtx1 lib]# testsaslauthd -u cyrus -p PASSWORD -s imap
   0: OK "Success."

So I think I got the sasl+pam+mysql part working (but I could be wrong,
I'm pretty new to the whole cyrus world :D)

Now, my problem is that I cannot for the life of me get cyradm working.
Here is the imapd.conf:

configdirectory: /cyrus/imap
partition-default: /cyrus/spool
defaultacl: lrswipcd
admins: cyrus@domainZ=com cyrus@xxxxxxxxxxx cyrus
allowanonymouslogin: no
timeout: 400
plaintextloginpause: 0
quotawarn: 90
autocreatequota: 50000
singleinstancestore: yes

drachost: localhost
dracinterval: 600

#sasl_pwcheck_method: pam
sasl_pwcheck_method: saslauthd

loginrealms: all
sasl_auxprop_plugin: mysqlauxprop

sasl_mysql_user: cyrus
sasl_mysql_passwd: cypass
sasl_mysql_hostnames: localhost
sasl_mysql_database: email
sasl_mysql_statement: select password from popusers where alias='%u' and domain='%r'
#sasl_mysql_statement: select md5(password) from popusers where alias='%u' and domain='%r'
sasl_mysql_verbose: yes

allowplaintext: yes
#sasl_mech_list: PLAIN


sieveusehomedir: false
sievedir: /usr/local/sieve
sieve_maxscriptsize: 32
sieve_maxscripts: 5

partition-0: /cyrus/spool/0
partition-1: /cyrus/spool/1
# ... and so on ...


----------------
Here is the table structure for popuses:
mysql> select * from popusers where alias = 'cyrus';
+----------+---------+-------+-------------+----------------+
| clientid | emailid | alias | domain      | password       |
+----------+---------+-------+-------------+----------------+
|     4877 |    2301 | cyrus | domainZ.com | PASSWORd       |
+----------+---------+-------+-------------+----------------+
1 row in set (0.01 sec)


and here's when I try cyradm:
[root@mailtx1 lib]# cyradm -u cyrus localhost
Password:
cyradm: cannot authenticate to server with  as cyrus

where I used the above mentioned password.

This is what I get in the log:
Jun 27 04:18:39 mailtx1 master[691]: about to exec
/usr/lib/cyrus-imapd/imapd
Jun 27 04:18:39 mailtx1 imap[691]: executed
Jun 27 04:18:39 mailtx1 imap[691]: sql_select option missing
Jun 27 04:18:39 mailtx1 imap[691]: auxpropfunc error no mechanism available
Jun 27 04:18:39 mailtx1 imap[691]: _sasl_plugin_load failed on sasl_auxprop_plug_init for plugin: sql
Jun 27 04:18:39 mailtx1 imap[691]: accepted connection
Jun 27 04:18:39 mailtx1 imap[691]: DIGEST-MD5 server step 1
Jun 27 04:18:39 mailtx1 perl: DIGEST-MD5 client step 2
Jun 27 04:18:43 mailtx1 imap[691]: DIGEST-MD5 server step 2
Jun 27 04:18:43 mailtx1 imap[691]: could not find auxprop plugin, was searching for 'mysqlauxprop'
Jun 27 04:18:43 mailtx1 imap[691]: could not find auxprop plugin, was searching for 'mysqlauxprop'
Jun 27 04:18:43 mailtx1 imap[691]: no secret in database
Jun 27 04:18:43 mailtx1 imap[691]: badlogin: localhost [127.0.0.1] DIGEST-MD5 [SASL(-13): user not found: no secret in database]
Jun 27 04:18:46 mailtx1 perl: GSSAPI Error: Miscellaneous failure (No credentials cache found)
Jun 27 04:18:46 mailtx1 perl: NTLM client step 1
Jun 27 04:18:46 mailtx1 imap[691]: NTLM server step 1
Jun 27 04:18:46 mailtx1 imap[691]: client flags: 207
Jun 27 04:18:46 mailtx1 perl: NTLM client step 2
Jun 27 04:18:46 mailtx1 imap[691]: bad userid authenticated
Jun 27 04:18:46 mailtx1 imap[691]: badlogin: localhost [127.0.0.1] CRAM-MD5 [SASL(-13): authentication failure: bad userid authenticated]
Jun 27 04:18:49 mailtx1 perl: No worthy mechs found



I would really appreciate any tips/pointers/help on how to debug/fix
this further.

Thank you very much,
Alex
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

[Index of Archives]     [Cyrus SASL]     [Squirrel Mail]     [Asterisk PBX]     [Video For Linux]     [Photo]     [Yosemite News]     [gtk]     [KDE]     [Gimp on Windows]     [Steve's Art]

  Powered by Linux