On Sat, 2008-10-11 at 01:29 -0400, brian ally wrote: > Fedora 8 > # rpm -qa | grep cyrus > cyrus-sasl-lib-2.1.22-8.fc8 > cyrus-sasl-plain-2.1.22-8.fc8 > cyrus-imapd-utils-2.3.11-1.fc8 > cyrus-sasl-devel-2.1.22-8.fc8 > cyrus-sasl-2.1.22-8.fc8 > cyrus-sasl-md5-2.1.22-8.fc8 > cyrus-imapd-perl-2.3.11-1.fc8 > cyrus-imapd-2.3.11-1.fc8 > > # cat /etc/imapd.conf > configdirectory: /var/lib/imap > partition-default: /var/spool/imap > admins: cyrus > sievedir: /var/lib/imap/sieve > sendmail: /usr/sbin/sendmail > hashimapspool: true > sasl_pwcheck_method: auxprop > sasl_auxprop_plugin: sasldb2 > sasldb_path: /etc/sasldb2 > sasl_mech_list: PLAIN LOGIN DIGEST-MD5 CRAM-MD5 > tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem > tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem > tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt > > # cat /usr/lib/sasl2/smtpd.conf > pwcheck_method: auxprop > mech_list: PLAIN LOGIN DIGEST-MD5 CRAM-MD5 > > I'm going around in circles here trying to figure out how to > authenticate with cyradm. I'd like to use sasldb and so have created > an entry there for the cyrus user. And I've disabled saslauthd. > Whatever I've tried so far has failed. And, frankly, I'm very confused > about how this is supposed to work. For instance, some info I've found > online tells me to create an entry in /etc/paswd for the cyrus user, > while other sources don't mention that. > > So, for the following, PASS1 is what i have in /etc/passwd and PASS2 > was given to saslpasswd2 -c cyrus > > -- snip -- > # cyradm --user=cyrus --server=localhost --auth=plain > verify error:num=18:self signed certificate > Password: PASS1 > IMAP Password: PASS2 > Login failed: authentication failure > at /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 119 > cyradm: cannot authenticate to server with plain as cyrus > -- snip -- > > /var/log/messages says: > perl: No worthy mechs found > > From what I understand google is telling me, the "verify error" line > can be ignored for now. If not, stop me now. > > I try LOGIN: > > -- snip -- > # cyradm --user=cyrus --server=localhost --auth=login > verify error:num=18:self signed certificate > IMAP Password: PASS2 > Login failed: authentication failure > at /usr/lib/perl5/vendor_perl/5.8.8/i386-linux-thread-multi/Cyrus/IMAP/Admin.pm line 119 > cyradm: cannot authenticate to server with login as cyrus > -- snip -- > > This time, there's no entry in /var/log/messages > > I came across this while searching and thought I'd give it a try: > > cyradm --user=cyrus --tls localhost > cyradm> > > This time, no password prompt (contrary to the example I saw) and I > appear to be in. However, if I try any commands it complains that > there's no connection: > > cyradm> cm user.USER@MYDOMAIN > createmailbox: no connection to server > > Long story short: how the heck should I be connecting to cyradm if I'm > using sasldb2? What's this, "No worthy mechs " about? Is there yet > another config file to adjust? > > Sorry for the long post. I've scrolled through so many things online > but most of the examples are just a little bit different from my setup > (eg. LDAP, MySQL, etc.) and so wanted to try to spell it out as > clearly as possible. > > Of course, if I've left out any crucial information ... ---- start slowly... /etc/imapd.conf sasl_mech_list: PLAIN and are you sure you want to use sasldb? If so, you would have to add each user/password (including cyrus) to that db. also, what's in /etc/sysconfig/saslauthd and is saslauthd service running? Craig ---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
