>Michael Bartosh wrote:
>> this question is far simpler than most I see across this list-
>>
>That's fine--we all start somewhere :-)
>
>> But I can not get any method of authentication except for sasldb to
>> work. I tied pam, I tried shadow (and added cyrus to the shadow
>> group) and nothing worked until I gave the user a saslpasswd and
>> changed auth to sasldb.
>>
>> How do I authenticate against pre-existing passwords? Or is there a
>> way to keep a user's password and saslpassword in sync? Where do I
>> start to look and see where my problem is?
>>
>Start by reading the FAQ:
> http://cyrus-utils.sf.net/fom
The requested URL /fom was not found on this server
>and the /docs directory in the source distribution (the install-*.html,
>overview.html, and faq.html files). You can use PAM or pwcheck to
>authenticate against shadow passwords. pwcheck is a little authentication
>daemon that comes with the Cyrus source distribution.
Suse 7.2
At first I was trying to use the rpms that came with Suse- and
everything basically worked except for the fact that I could only get
sasldb auth to function. I still have not found any specific
directions for getting PAM to work-- if there is a url specifically
or this, I'd gladly retrace my steps again. Do I need to chang
/etc/pam.d/imapd and /etc/imapd/popd ?
In the mean time I built cyrus per the instructions included in the doc dir.
>
>After you've done that, try again from scratch (so that you don't have any
>bits and pieces from when you first started floating around). If it's not
>working, post detailed diagnostics here--there's been some good posts
>recently showing what this looks like. You should at least include contents
>and permissions of imapd.conf,
ls -latr /etc/imapd.conf
-rw-r--r-- 1 root root 261 Oct 10 03:43 /etc/imapd.conf
mbartosh@4am:~/cyrus-imapd-2.0.16 > cat /etc/imapd.conf
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrus
allowanonymouslogin: no
autocreatequota: 10000
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
allowplaintext: yes
sasl_pwcheck_method: PAM
>cyrus.conf,
ls -latr /etc/cyrus.conf
-rw-r--r-- 1 root root 1076 Oct 10 00:59 /etc/cyrus.conf
mbartosh@4am:~ > cat /etc/cyrus.conf
# standard standalone server implementation
START {
# do not delete these entries!
mboxlist cmd="ctl_mboxlist -r"
deliver cmd="ctl_deliver -r"
# this is only necessary if using idled for IMAP IDLE
# idled cmd="idled"
}
# UNIX sockets start with a slash and are put into /var/imap/sockets
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
# LMTP is required for delivery
#lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
#added per /usr/share/doc/packages/cyrus-imapd/README.SuSE
lmtpunix cmd="lmtpd" listen="/var/spool/postfix/public/lmtp" prefork=1
}
EVENTS {
# this is required
checkpoint cmd="ctl_mboxlist -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="ctl_deliver -E 3" period=1440
}
>pwcheck dir or pam config
cat /etc/pam.d/imap
#%PAM-1.0
auth required /lib/security/pam_unix.so
account required /lib/security/pam_unix.so
mbartosh@4am:~/cyrus-imapd-2.0.16 > cat /etc/pam.d/pop
#%PAM-1.0
auth required /lib/security/pam_unix.so
account required /lib/security/pam_unix.so
>as
>appropriate, input and output to cyradm,
mbartosh@4am:~ > cyradm -u cyrus localhost
Can't load
'/usr/lib/perl5/site_perl/5.6.0/i586-linux/auto/Cyrus/IMAP/IMAP.so'
for module Cyrus::IMAP: libssl.so.0.9.6: cannot load shared object
file: No such file or directory at
/usr/lib/perl5/5.6.0/i586-linux/DynaLoader.pm line 200.
at /usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Admin.pm line 43
Compilation failed in require at
/usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Admin.pm line 43.
BEGIN failed--compilation aborted at
/usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Admin.pm line 43.
Compilation failed in require at
/usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Shell.pm line 58.
BEGIN failed--compilation aborted at
/usr/lib/perl5/site_perl/5.6.0/i586-linux/Cyrus/IMAP/Shell.pm line 58.
Compilation failed in require.
BEGIN failed--compilation aborted.
> imtest,
mbartosh@4am:~ > imtest -m login -p imap localhost
C: C01 CAPABILITY
S: * OK 4am Cyrus IMAP4 v2.0.16 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS
ID NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES IDLE AUTH=DIGEST-MD5 AUTH=CRAM-MD5
S: C01 OK Completed
Password:
C: L01 LOGIN mbartosh {6}
+ go ahead
C: <omitted>
L01 NO Login failed: authentication failure
Authentication failed. generic failure
Security strength factor: 0
. logout
* BYE LOGOUT received
. OK Completed
Connection closed.
> and `telnet localhost
>imap`,
mbartosh@4am:~ > telnet localhost imap
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK 4am Cyrus IMAP4 v2.0.16 server ready
. logout
* BYE LOGOUT received
. OK Completed
Connection closed by foreign host.
> and contents of /var/log/imapd.conf,
For some reason nothing is being written to the file?
> plus your ./configure command
./configure --with-auth=unix --with-sasl=/usr/lib/sasl
--with-openssl=/usr/local/ssl
>and anything else relevent.
When I start master and try to run imtest, I get an error in syslog:
Oct 10 15:42:01 4am lmtpd[14960]: unable to dlopen
/usr/lib/sasl/libgssapiv2.so: libgssapi.so.1: cannot load shared
object file: No such file or directory
Except that both of those files are there.
Again- the only thing that was broken with the rpm's was
authentication- so if there's a specific reference to configuring for
PAM, I'd love to find that.
>HTH,
> Jeremy
--
