Hi,
I'm struggling to get my SASL config working... It seems that my
"pwcheck_method" is being completely ignored! Although I set it as
"saslauthd", I receive "could not find auxprop plugin, was searching for
'[all]'" im my logs... I even traced Exim's pid and saw that the correct
config file for sasl (/usr/lib64/sasl2/exim.conf) is being used.
Running manually "testsaslauthd" and "imtest" works ok, socket's permission
is all right (/var/run/saslauthd/mux). But using SASL lib from Exim, it
ignores the pwchek_mtehod... If I run saslauthd in debug mode
(/usr/sbin/saslauthd -a pam -m /var/run/saslauthd -d), it logs nothing when
SASL lib is called from Exim. When called by testsaslauthd and imtest,
saslauthd debug's log show ok.
Exim seems to be calling SASL lib's normally, I'm posting some info below...
Any ideas? I'm running out of them! Thanks,
Mark J
Exim STRACE: [pid 29899] open("/usr/lib64/sasl2/exim.conf", O_RDONLY) = 6
[EMAIL PROTECTED] log]# cat /usr/lib64/sasl2/exim.conf
pwcheck_method:saslauthd
[EMAIL PROTECTED] log]# tail /var/log/messages
Jun 20 22:21:04 interno exim: NTLM server step 1
Jun 20 22:21:04 interno exim: client flags: ffffb207
Jun 20 22:21:04 interno exim: NTLM server step 2
Jun 20 22:21:04 interno exim: client user: MXXXXXX
Jun 20 22:21:04 interno exim: client domain: SOFISANT
Jun 20 22:21:04 interno exim: could not find auxprop plugin, was searching
for '[all]'
Jun 20 22:21:04 interno exim: could not find auxprop plugin, was searching
for '[all]'
Jun 20 22:21:04 interno exim: no secret in database
[EMAIL PROTECTED] log]# testsaslauthd -u mXXXXXX -p YYYYYYY
0: OK "Success."
[EMAIL PROTECTED] log]# imtest -u mXXXXXX -w YYYYYYY -a mXXXXXX -v -m login
WARNING: no hostname supplied, assuming localhost
S: * OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=NTLM SASL-IR]
interno.sofisant.local Cyrus IMAP4 v2.3.7-Invoca-RPM-2.3.7-1.1.el5 server
ready
C: C01 CAPABILITY
S: * CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID STARTTLS AUTH=NTLM SASL-IR ACL
RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME
UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH
S: C01 OK Completed
C: L01 LOGIN mXXXXXX {8}
S: + go ahead
C: <omitted>
S: L01 OK [CAPABILITY IMAP4 IMAP4rev1 LITERAL+ ID LOGINDISABLED ACL
RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME
UNSELECT CHILDREN MULTIAPPEND BINARY SORT SORT=MODSEQ THREAD=ORDEREDSUBJECT
THREAD=REFERENCES ANNOTATEMORE CATENATE CONDSTORE IDLE LISTEXT
LIST-SUBSCRIBED X-NETSCAPE URLAUTH] User logged in
Authenticated.
Security strength factor: 0
[EMAIL PROTECTED] log]# /usr/sbin/exim -bd -q1h -d+auth
29857 SMTP>> 250-server.email.interno Hello CPD39 [10.5.4.39]
29857 250-AUTH NTLM
29857 250 HELP
29857 SMTP<< AUTH NTLM
29857 Calling sasl_server_start(NTLM,"")
29857 SMTP>> 334
29857 SMTP<<
TlRMTVNTUAABAAAAB7IIoggACAAtAAAABQAFACgAAAAFASgKAAAAD0NQRDM5U09GSVNBTlQ=
29857 Calling
sasl_server_step("TlRMTVNTUAABAAAAB7IIoggACAAtAAAABQAFACgAAAAFASgKAAAAD0NQRDM5U09GSVNBTlQ=")
29857 SMTP>> 334
TlRMTVNTUAACAAAAKAAoADAAAAAFsgIApX9RPvX5/PUAAAAAAAAAAAAAAAAAAAAAUwBFAFIAVgBFAFIALgBFAE0AQQBJAEwALgBJAE4AVABFAFIATgBPAA==
29857 SMTP<<
TlRMTVNTUAADAAAAGAAYAHQAAAAYABgAjAAAABAAEABIAAAAEgASAFgAAAAKAAoAagAAAAAAAACkAAAABYIAAgUBKAoAAAAPUwBPAEYASQBTAEEATgBUAE0ATABpAGMAYQBzAHQAcgBvAEMAUABEADMAOQB1Om5nsDBkan3TNtobQJkbfkPltX9HZ9Shwx9PPg0gIPnArowf9HMeKj2/xOi1t5w=
29857 Calling
sasl_server_step("TlRMTVNTUAADAAAAGAAYAHQAAAAYABgAjAAAABAAEABIAAAAEgASAFgAAAAKAAoAagAAAAAAAACkAAAABYIAAgUBKAoAAAAPUwBPAEYASQBTAEEATgBUAE0ATABpAGMAYQBzAHQAcgBvAEMAUABEADMAOQB1Om5nsDBkan3TNtobQJkbfkPltX9HZ9Shwx9PPg0gIPnArowf9HMeKj2/xOi1t5w=")
29857 Cyrus SASL permanent failure -20 (user not found)
29857 LOG: REJECT
29857 sasl_auth authenticator (NTLM):
29857 Cyrus SASL permanent failure: user not found
29857 SMTP>> 535 Incorrect authentication data
29857 LOG: MAIN REJECT
29857 sasl_auth authenticator failed for (CPD39) [10.5.4.39]: 535
Incorrect authentication data
29857 SMTP<< AUTH NTLM
29857 host in smtp_accept_max_nonmail_hosts? yes (matched "*")
29857 Calling sasl_server_start(NTLM,"")
29857 SMTP>> 334
29857 SMTP<< *
29857 SMTP>> 501 Authentication cancelled
29857 LOG: MAIN REJECT
29857 sasl_auth authenticator failed for (CPD39) [10.5.4.39]: 501
Authentication cancelled
