Hi and thanks for you reply!

Welcome to nightmaresville. I struggled with this for yonks, and found that there were some other files that needed to be setup, e.g.:

F**k! I mean why does it have to be so difficult? In RedHat Linux I got the same configuration up without any problems...

ajax# cd /usr/local/lib/sasl2
ajax# cat Cyrus.conf
pwcheck_method: saslauthd

Ok, well added that there also. And then I read somewhere that the pwcheck_method -line should be in imapd.conf too.

There is at least one other one, and I'm trying to find it!

Are you getting any trace out that you can post? I'd agree with you that it doesn't seem to be contacting the database. If you have a log against mysql, you could check this from the database end.

This was actually the other thing I was wondering about; a) where is my.cnf in FreeBSD to config MySQL for and b) where does MySQL log the queries? I would love to look into what pam really tries to do with mysql - or doesn't.

The only thing I can trace back to is the line I get into /var/log/messages:

Aug 26 17:28:27 silakka imapd[3167]: login: my.machine[] kypeli plaintext

Yes, it works but it works dispite it shouldn't since I removed the line from database with my username. In fact I read these postings with this username that shouldn't work :)

In my view, the docs for Cyrus fall a long way short of what is really needed!

Yep! And this isn't the first time I struggle with Cyrus and notice that the docs are out of date and mailing lists/newsgroups are the only way to get help. Thank god for them :)

But the wierdest thing is that I think it in fact does use pam to auth but it uses the wrong service (a one that authenticates from /etc/passwd). Can anyone verify if this is possible? What it the correct service line for pam.conf?


Jon Mercer


Johan Paul

Johan Paul wrote:


Has anyone managed to get the Cyrus imapd to authenticate with pam_mysql

In /usr/local/etc/imapd.conf I have:
allowanonymouslogin: no
allowplaintext: yes
sasl_pwcheck_method: saslauthd
sasl_mech_list: PLAIN

...among other things.

I am running saslauthd with pam authentication:
silakka# ps xa |grep saslauthd
  258  ??  Is     0:00.01 /usr/local/sbin/saslauthd1 -a pam

This is what I have in my /etc/pam.conf:

# Mail services
imap    auth sufficient pam_mysql.so user=mail passwd=uBerSecRETPASS
host=localhost db=mail table=accountuser usercolumn=username
passwdcolumn=password crypt=1

imap    account required pam_mysql.so user=mail passwd=uBerSecRETPASS
host=localhost db=mail table=accountuser usercolumn=username
passwdcolumn=password crypt=1

The problem, I think, is the service column. The authentication is done
via PAM since when I change the password for my shell account the mail
password is changed too. But saslauthd uses some other service to
authenticate, not imap and thus not pam_mysql. Why doesn't it reconize the
above lines for Cyrus?

I am running FreeBSD 4.8R

This is giving me serious headache :) Thanks in advance for any clues!!


Johan Paul

[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to