Oops.. sorry posted before complete. OK, I found the documentation here: /usr/share/doc/cyrus-sasl-lib-2.1.23/options.html I had a maybe 2 mistakes which are commented below! Also SELinux is preventing /usr/lib/cyrus-imapd/imapd from search access on the directory /var/lib/mysql and connection to mysql socket. The fix for that is: # cat /var/log/messages | audit2allow -m local > imap-sql.te # checkmodule -M -m imap-sql.mod imap-sql.te # semodule_package -o imap-sql.pp -m imap-sql.mod # semodule -i imap-sql.pp WARNING: Do NOT just follow the above unless you know what you are doing! You actually need to do the first step above more than once then edit the imap-sql.te file before installing the policy. This is deliberately vague because you really need to know what you are doing with SELinux. Charles Bradshaw On: Fri, 1 Feb 2013 23:15:15 +0000, Charles Bradshaw wrote: > I am trying to switch from using sasldb2 to mysql, but I am seeing: > > Feb 1 22:48:20 ****** imaps[2553]: badlogin: ********* [192.168.0.8] > DIGEST-MD5 [SASL(-13): user not found: no secret in > > In /etc/log/maillog (I have inserted ******* to hide the actual > server and host atempting to login) > > I am seeing no query on the database so I presume I have something > wrong with one of my configurations? > > Any help would be most appreciated. Where is the documentation for imapd.conf > using mysql? > > $ yum list cyrus-sasl-sql > Installed Packages > cyrus-sasl-sql.i686 2.1.23-31.fc17 > > ~ o ~ > > /etc/imapd.conf > configdirectory: /var/lib/imap > partition-default: /var/spool/imap > admins: cyrus > sievedir: /var/lib/imap/sieve > sendmail: /usr/sbin/sendmail > hashimapspool: true > # > sasl_pwcheck_method: auxprop > sasl_mech_list: PLAIN DIGEST-MD5 CRAM-MD5 > # > #sasl_auxprop_plugin:sasldb > sasl_auxprop_plugin:sql > # > # added these for mysql > sasl_sql_engine:mysql > sasl_sql_hostname:localhost:3306 Above should be sasl_sql_hostnames NOT sasl_sql_hostname! > sasl_sql_user:mail_admin > sasl_sql_passwd:******** > sasl_sql_database:mail > sql_statement:SELECT pwd FROM users WHERE id = '%u@%r' Above should be sasl_sql_select NOT sql_statement! > sasl_sql_verbose:yes No such tag as sql_verbose! > sasl_sql_usessl: no > # > allowplaintext: yes > debug: yes > unixhierarchysep: yes > # > virtdomains: userid > tls_cert_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem > tls_key_file: /etc/pki/cyrus-imapd/cyrus-imapd.pem > tls_ca_file: /etc/pki/tls/certs/ca-bundle.crt > tls_cipher_list: TLSv1:SSLv3:!NULL:!EXPORT:!DES:!LOW:@STRENGTH > > ~ o ~ > > /etc/sasl2/Sendmail > pwcheck_method:auxprop > mech_list:DIGEST-MD5 CRAM-MD5 PLAIN > # > #auxprop_plugin:sasldb > auxprop_plugin:sql > # > # adde these for mysql > sql_engine:mysql > sql_hostname:localhost:3303 Above should be sql_hostnames NOT sql_hostname ! > sql_user:mail_admin > sql_passwd:******** > sql_database:mail > sql_statement:SELECT pwd FROM users WHERE id = '%u@%r' Above should be sql_select NOT sql_statement > sql_verbose:yes > sql_usessl: no > # > debug:yes > log_level:5 > > ~ o ~ > > Mysql query session (just to prove that it works): > > $ mysql --user mail_admin --password > Enter password: > Welcome to the MySQL monitor. Commands end with ; or \g. > Your MySQL connection id is 44 > Server version: 5.5.29-log MySQL Community Server (GPL) > > Copyright (c) 2000, 2012, Oracle and/or its affiliates. All rights reserved. > > Oracle is a registered trademark of Oracle Corporation and/or its > affiliates. Other names may be trademarks of their respective > owners. > > Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. > > mysql> SELECT pwd FROM mail.users WHERE id = 'test@mydomain'; > +----------+ > | pwd | > +----------+ > | ******** | > +----------+ > 1 row in set (0.00 sec) > > mysql> quit > Bye > > ---- > Cyrus Home Page: http://www.cyrusimap.org/ > List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ > To Unsubscribe: > https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus ------- End of Original Message ------- ---- Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
