Re: IMSP Authentication issue

Martin Ziegler <mz@xxxxxxxxxxxxxx> · Sun, 01 Jun 2008 12:43:38 +0200

Any other ideas please?

Thanks and enjoy the rest of the weekend.

--On May 30, 2008 6:42:05 PM +0200 Martin Ziegler <mz@xxxxxxxxxxxxxx> wrote:

> Hi Simon,
>
> yes, it is also the same than on the old server.
>
> cat /etc/pam.d/imsp
>
> auth sufficient pam_mysql.so user=mail passwd=Paiste88 host=localhost
> db=mail table=accountuser usercolumn=username passwdcolumn=password
> crypt=0  logtable=log logmsgcolumn=msg logusercolumn=user
> loghostcolumn=host  logpidcolumn=pid logtimecolumn=time
>
> account required pam_mysql.so user=mail passwd=Paiste88 host=localhost
> db=mail table=accountuser usercolumn=username passwdcolumn=password
> crypt=0  logtable=log logmsgcolumn=msg logusercolumn=user
> loghostcolumn=host  logpidcolumn=pid logtimecolumn=time
>
> Any other ideas?
>
> Thanks, Martin
>
>
> --On May 30, 2008 10:47:17 AM +0200 Simon Matter <simon.matter@xxxxxxxxx>
> wrote:
>
>>> Anyone please?
>>>
>>> I need to go online with my new system this afternoon and IMSPd is
>>> driving me crazy.
>>
>> I have never used IMSPd nor MySQL authentication with saslauthd.
>> But, from what I understand your authentication goes via PAM. If yes, do
>> you have the same PAM configuration on your new server, most likely in
>> /etc/pam.d/?
>>
>> Simon
>>
>>>
>>> Thanks in advance!
>>>
>>> --On Donnerstag, 29. Mai 2008 11:28 +0200 Martin Ziegler
>>> <mz@xxxxxxxxxxxxxx> wrote:
>>>
>>>> Good Morning All,
>>>>
>>>> i'm currently migrating my system to a new server and unfortunately i
>>>> have
>>>> to recompile all the stuff. Happily it went quite well with one
>>>> exception.
>>>> The authentication mechanism for IMSPd is no longer working. I'm using
>>>> saslauthd which connects to a MYSQL databse. This works for all other
>>>> daemons without any problem including Cyrus IMAPd. When i try to log in
>>>> to
>>>> IMSPd saslauthd returns a successfull authentication but IMSPd says,
>>>> that
>>>> there is no such user on this server. On my old server i have exactly
>>>> the
>>>> same configuration running without problems for years now. Please find
>>>> all
>>>> the details below.
>>>>
>>>> I would be very happy if someone could point my into the right
>>>> direction before i'm going mad.
>>>>
>>>> Thank you!
>>>>
>>>> Cheers, Martin
>>>>
>>>> BTW: In the meantime is there a working virtdomain patch available for
>>>> IMSPd?
>>>>
>>>> -----------------
>>>> cyrus-imspd-v1.7b
>>>>
>>>> ./configure --prefix=/opt/cyrus/imsp --with-sasl=/opt --with-auth=unix
>>>>
>>>> ldd imspd:
>>>> libsasl2.so.2 => /opt/lib/libsasl2.so.2 (0xb7efb000)
>>>> libdl.so.2 => /lib/libdl.so.2 (0xb7ef8000)
>>>> libresolv.so.2 => /lib/libresolv.so.2 (0xb7ee6000)
>>>> libdb-4.0.so => /usr/lib/libdb-4.0.so (0xb7e1c000)
>>>> libc.so.6 => /lib/libc.so.6 (0xb7ce2000)
>>>> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0xb7f2e000)
>>>>
>>>> ------------
>>>> cyrus-sasl-2.1.20.tar.gz
>>>> ./configure \
>>>> --prefix=/opt \
>>>> --enable-anon \
>>>> --enable-plain \
>>>> --enable-login \
>>>> --disable-krb4 \
>>>> --disable-otp \
>>>> --disable-cram \
>>>> --disable-digest \
>>>> --with-saslauthd=/var/run/saslauthd \
>>>> --with-pam=/lib/security \
>>>> --with-dblib=berkeley \
>>>> --with-bdb-libdir=/usr/lib \
>>>> --with-bdb-incdir=/usr/include \
>>>> --with-openssl=/opt/openssl \
>>>> --with-plugindir=/opt/lib/sasl2
>>>>
>>>> -------------
>>>> cat /opt/lib/sasl2/imspd.conf
>>>> pwcheck_method: saslauthd
>>>> --------------
>>>>
>>>> testsaslauthd -u <username> -p <password> -s imsp
>>>> 0: OK "Success."
>>>>
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: pam_sm_authenticate called.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: dbuser changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: dbpasswd changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: host changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: database changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: table changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: usercolumn changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: passwdcolumn changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: crypt changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: logtable changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: logmsgcolumn changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: logusercolumn changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: loghostcolumn changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: logpidcolumn changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: logtimecolumn changed.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: db_connect  called.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: returning 0 .
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: db_checkpasswd called.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: pam_mysql: where clause =
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: SELECT password FROM
>>>> accountuser
>>>> WHERE  username='<username>'
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: sqlLog called.
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: insert into log (msg, user,
>>>> host, pid, time) values('AUTH SUCCESSFUL', '<username>', '', '4333',
>>>> NOW()) May 29 09:09:34 h1391047 saslauthd[4333]: Returning 0
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: returning 0 .
>>>> May 29 09:09:34 h1391047 saslauthd[4333]: returning 0.
>>>>
>>>> --------------------
>>>>
>>>> Log in to IMSPd:
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: pam_sm_authenticate called.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: dbuser changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: dbpasswd changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: host changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: database changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: table changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: usercolumn changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: passwdcolumn changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: crypt changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: logtable changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: logmsgcolumn changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: logusercolumn changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: loghostcolumn changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: logpidcolumn changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: logtimecolumn changed.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: db_connect  called.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: returning 0 .
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: db_checkpasswd called.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: pam_mysql: where clause =
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: SELECT password FROM
>>>> accountuser
>>>> WHERE username='<username>'
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: sqlLog called.
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: insert into log (msg, user,
>>>> host, pid, time) values('AUTH SUCCESSFUL', '<username>', '', '4332',
>>>> NOW()) May 29 09:11:38 h1391047 saslauthd[4332]: Returning 0
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: returning 0 .
>>>> May 29 09:11:38 h1391047 saslauthd[4332]: returning 0.
>>>> May 29 09:11:38 h1391047 imsp[12467]: badlogin: <hostname> <username>
>>>> plaintext User does not have an account on this server
>>>>
>>>> ----
>>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>>
>>>
>>>
>>> ----
>>> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
>>> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
>>> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>>>
>>
>>
>>
>
>
> ----
> Cyrus Home Page: http://cyrusimap.web.cmu.edu/
> Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
> List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
>

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html