Hi nicolas,
I've added -d for its start, but i didn't saw nothing relevant.
the test with:
testsaslauthd -f /var/spool/postfix/var/run/saslauthd -r -s smtp -u <user> -p
<pass>
always return no auth even with a normal username.
How can i debug more this?
----- Original Message -----
From: Nicolas
To: cyrus-sasl@lists.andrew.cmu.edu
Sent: Monday, May 28, 2007 11:35 AM
Subject: Re: Problem with email as username
Jorge Bastos wrote:
Hi,
I've been using sasl for 2 years, with standard usernames, but i'd like to
use usernames in the format of emails like:
[EMAIL PROTECTED]
but, when i insert this it doesn't authenticate, i went to mysql logs and
checked that:
---
55 Query select password from smtp_auth_users where username='jorge'
and status='true'
---
It makes everything including the "@" away.
Any reason for this?
Jorge
I posted a similar problem some time ago on this list. Here's my outcome:
Relevant stuff in the pam_mysql README:
verbose (0)
If set to 1, produces logs with detailed messages that describes what
PAM-MySQL is doing. May be useful for debugging.
crypt (plain)
The method to encrypt the user's password:
0 (or "plain") = No encryption. Passwords stored in plaintext.
HIGHLY DISCOURAGED.
1 (or "Y") = Use crypt(3) function.
2 (or "mysql") = Use MySQL PASSWORD() function. It is possible
that the encryption function used by PAM-MySQL
is different from that of the MySQL server, as
PAM-MySQL uses the function defined in MySQL's
C-client API instead of using PASSWORD() SQL
function
in the query.
3 (or "md5") = Use plain hex MD5
So I modified /etc/pam.d/smtp to use verbose=1 and, finally, crypt=2,
since this seemed to be the problem.
auth required pam_mysql.so user=<[EMAIL PROTECTED]> passwd=<pass>
host=127.0.0.1 db=mail table=postfix_users usercolumn=email
passwdcolumn=clear crypt=2 verbose=1
account sufficient pam_mysql.so user=<[EMAIL PROTECTED]> passwd=<pass>
host=127.0.0.1 db=mail table=postfix_users usercolumn=email
passwdcolumn=clear crypt=2 verbose=1
Start saslauthd from
> commandline with the settings you want to gave in /etc/default/saslauthd AND
> add "-d" to keep saslauthd attached to the screen in debug mode.
>
>
So that would be
# /usr/sbin/saslauthd -d -a pam &
[1] 3654
saslauthd[3654] :main : num_procs : 5
igloo:/home/nicolas# saslauthd[3654] :main : mech_option: NULL
saslauthd[3654] :main : run_path : /var/run/saslauthd
saslauthd[3654] :main : auth_mech : pam
saslauthd[3654] :ipc_init : using accept lock file:
/var/run/saslauthd/mux.accept
saslauthd[3654] :detach_tty : master pid is: 0
saslauthd[3654] :ipc_init : listening on socket:
/var/run/saslauthd/mux
saslauthd[3654] :main : using process model
saslauthd[3655] :get_accept_lock : acquired accept lock
saslauthd[3654] :have_baby : forked child: 3655
saslauthd[3654] :have_baby : forked child: 3656
saslauthd[3654] :have_baby : forked child: 3657
saslauthd[3654] :have_baby : forked child: 3658
> Then use testsaslauthd with at least the following options:
>
> $ testsaslauthd -f /var/spool/postfix/var/run/saslauthd -r -s smtp -u <user>
> -p <pass>
>
... and there you go # testsaslauthd -s smtp -u <[EMAIL PROTECTED]> -p <pass>
saslauthd[3756] :rel_accept_lock : released accept lock saslauthd[3757]
:get_accept_lock : acquired accept lock saslauthd[3756] :do_auth : auth
success: [user=<[EMAIL PROTECTED]>] [service=smtp] [realm=] [mech=pam]
saslauthd[3756] :do_request : response: OK 0: OK "Success."
