Re: Cyrus-Imap + Pam-Ldap
Whats interesting is when I put in the wrong passwdord I get this
bash-2.04$ imtest -m login -a newuser localhost
C: C01 CAPABILITY
S: * OK octa8on Cyrus IMAP4 v2.0.12 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES IDLE X-NETSCAPE
S: C01 OK Completed
Password:
C: L01 LOGIN newuser {3}
+ go ahead
C:
L01 NO Login failed: authentication failure
Authentication failed. generic failure
Security strength factor: 0
and in my /var/log/messages.
master[10299]: about to exec /usr/cyrus/bin/imapd
service-imapd[10299]: executed
imapd[10299]: accepted connection
slapd[8657]: daemon: conn=45 fd=7 connection from IP=127.0.0.1:34145
(IP=0.0.0.0:34049) accepted.
slapd[8657]: conn=45 op=0 BIND dn="" method=128
slapd[8657]: conn=45 op=0 RESULT tag=97 err=0 text=
slapd[8657]: conn=45 op=1 SRCH base="dc=banda,dc=cxm" scope=2
filter="(uid=newuser)"
slapd[8657]: conn=45 op=1 SEARCH RESULT tag=101 err=0 text=
slapd[8657]: conn=45 op=2 BIND dn="UID=NEWUSER,OU=PEOPLE,DC=BANDA,DC=CXM"
method=128
slapd[8657]: conn=45 op=2 RESULT tag=97 err=49 text=
imapd[10299]: pam_ldap: error trying to bind as user
"uid=newuser,ou=People,dc=banda,dc=cxm" (Invalid credentials)
slapd[8657]: conn=45 op=3 BIND dn="" method=128
slapd[8657]: conn=45 op=3 RESULT tag=97 err=0 text=
slapd[8657]: daemon: conn=46 fd=12 connection from IP=127.0.0.1:34146
(IP=0.0.0.0:34049) accepted.
slapd[8657]: conn=46 op=0 BIND dn="" method=128
slapd[8657]: conn=46 op=0 RESULT tag=97 err=0 text=
slapd[8657]: conn=46 op=1 SRCH base="dc=banda,dc=cxm" scope=2
filter="(&(objectClass=posixAccount)(uid=newuser))"
slapd[8657]: conn=46 op=1 SEARCH RESULT tag=101 err=0 text=
slapd[8657]: conn=46 op=2 SRCH base="dc=banda,dc=cxm" scope=2
filter="(&(objectClass=shadowAccount)(uid=newuser))"
slapd[8657]: conn=46 op=2 SEARCH RESULT tag=101 err=0 text=
PAM_unix[10299]: authentication failure; (uid=96) -> newuser for imap service
So we have a situation here that it probably does get the auth from pam-ldap
, because it can read the userPassword.
I'm open to suggestions. Anyone ?
Thanks in advance.
Chris
On Thursday 17 May 2001 05:04 pm, you wrote:
> I think it might be looking for userpassword.
> Check the configuration file in .../pam/ldap.conf - I did not see where
> it was configurable.
>
> You can do a ldapsearch to see if you can retrieve the info by UID.
> If you have configured slapd to not give read access to userpassword
> then you might try as superuser ldbmcat subject2id.dbm (the slapd
> database file).
>
> johnh...
>
> On Thu, 17 May 2001, Christien Bunting wrote:
> > Date: Thu, 17 May 2001 10:13:11 -0400
> > From: Christien Bunting <[EMAIL PROTECTED]>
> > To: [EMAIL PROTECTED]
> > Subject: Cyrus-Imap + Pam-Ldap
> >
> > Hi all.
> >
> > I'm trying to get this combination going.
> >
> > This is what I get when Itry the imtest
> >
> > bash-2.04$ imtest -m login -a newuser localhost
> > C: C01 CAPABILITY
> > S: * OK octa8on Cyrus IMAP4 v2.0.12 server ready
> > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
> > NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
> > THREAD=REFERENCES IDLE X-NETSCAPE
> > S: C01 OK Completed
> > Password:
> > C: L01 LOGIN newuser {6}
> > + go ahead
> > C:
> > failure: prot layer failure
> >
> > Im my /var/log/messages I get this :
> >
> > master[9707]: about to exec /usr/cyrus/bin/imapd
> > service-imapd[9707]: executed
> > imapd[9707]: accepted connection
> > slapd[8657]: daemon: conn=32 fd=7 connection from IP=127.0.0.1:33787
> > (IP=0.0.0.0:34049) accepted.
> > slapd[8657]: conn=32 op=0 BIND dn="" method=128
> > slapd[8657]: conn=32 op=0 RESULT tag=97 err=0 text=
> > slapd[8657]: conn=32 op=1 SRCH base="dc=banda,dc=cxm" scope=2
> > filter="(uid=newuser)"
> > slapd[8657]: conn=32 op=1 SEARCH RESULT tag=101 err=0 text=
> > slapd[8657]: conn=32 op=2 BIND dn="UID=NEWUSER,OU=PEOPLE,DC=BANDA,DC=CXM"
> > method=128
> > slapd[8657]: conn=32 op=2 RESULT tag=97 err=0 text=
> > slapd[8657]: conn=32 op=3 BIND dn="" method=128
> > slapd[8657]: conn=32 op=3 RESULT tag=97 err=0 text=
> > slapd[8657]: conn=32 op=4 UNBIND
> > slapd[8657]: conn=-1 fd=7 closed
> > master[1124]: process 9707 exited, signaled to death by 11
> >
> >
> > Now it looks to me like it found that account NEWUSER , but it cant get
> > the passwd.
> >
> > Does anyone have any experience with configuring pam-ldap ? I have
> > nss-ldap working well and it uses the rootdn, some how I dont know why
> > pam-ldap doesnt.
> >
> > If I'm wrong and you know whats happenning please do shed some insight.
> >
> > Thanks
> >
> > --
> > Christien Bunting
> >
> > Bunting and Associates
> > The Linux Professionals in The Caribbean
> > http://linux.co.tt [EMAIL PROTECTED]
> >
> > Kmail the Best Mail User Agent
--
Christien Bunting
Bunting and Associates
The Linux Professionals in The Caribbean
http://linux.co.tt [EMAIL PROTECT
Re: mailbox-daemon
This sounds really cool!
Can you explain more of the details on how you implemented it?
What happens on system crash?
How often does it "sync" to the hard drive?
What's the difference between this and using a write-caching
hard drive scheme?
-- Michael --
- Original Message -
From: "Noll Janos" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, May 14, 2001 5:10 PM
Subject: mailbox-daemon
> Hy!
>
> Until now, cyrus could handle either a text file folderlist (mailboxes)
or a
> DB3 folderlist (mailboxes.db). But now it can user "socket"
folder-handler,
> to connect to a daemon. The mailbox-server "daemon" keeps all the
> mailbox data ("formerly" mailboxes.db) in memory, so it should be faster.
I
> tested it with a dataset containing 300 000 folders, and it seemed fast,
> especially at create folder/delete folder actions.
>
> If anybody feels like he wants to experiment with my "mailbox-patch",
here it
> is. It's a 0.1 version, so don't expect much, but it basicly works.
>
> You might need some C knowledge, and it's not yet for the average user!
>
> The URL is: http://opensource.prim.hu/mbdaemon/
>
>
> If the protocol works, this could have much broader implications. For
> example, imagine a "plug-in" daemon that connects to a database and does
> caching. Although this could be done by modifying cyrus code, in some
systems
> it would be faster, as the mailbox-daemon would not need to reconnect to
the
> database for each cyrus instance and it could live on just one db
connection.
>
> I'll try to release a 0.2 version in one or two weeks with more
documentation,
> but meanwhile, you can test this one.
>
> Any comments, replies will be appreciated.
>
> | Noll Janos <[EMAIL PROTECTED]> | http://www.johnzero.hu |
> | "Expect the unexpected!"| ICQ# 4547866 | Linux rulez! |
>
Cyrus-Imap + Pam-Ldap
Hi all.
I'm trying to get this combination going.
This is what I get when Itry the imtest
bash-2.04$ imtest -m login -a newuser localhost
C: C01 CAPABILITY
S: * OK octa8on Cyrus IMAP4 v2.0.12 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES IDLE X-NETSCAPE
S: C01 OK Completed
Password:
C: L01 LOGIN newuser {6}
+ go ahead
C:
failure: prot layer failure
Im my /var/log/messages I get this :
master[9707]: about to exec /usr/cyrus/bin/imapd
service-imapd[9707]: executed
imapd[9707]: accepted connection
slapd[8657]: daemon: conn=32 fd=7 connection from IP=127.0.0.1:33787
(IP=0.0.0.0:34049) accepted.
slapd[8657]: conn=32 op=0 BIND dn="" method=128
slapd[8657]: conn=32 op=0 RESULT tag=97 err=0 text=
slapd[8657]: conn=32 op=1 SRCH base="dc=banda,dc=cxm" scope=2
filter="(uid=newuser)"
slapd[8657]: conn=32 op=1 SEARCH RESULT tag=101 err=0 text=
slapd[8657]: conn=32 op=2 BIND dn="UID=NEWUSER,OU=PEOPLE,DC=BANDA,DC=CXM"
method=128
slapd[8657]: conn=32 op=2 RESULT tag=97 err=0 text=
slapd[8657]: conn=32 op=3 BIND dn="" method=128
slapd[8657]: conn=32 op=3 RESULT tag=97 err=0 text=
slapd[8657]: conn=32 op=4 UNBIND
slapd[8657]: conn=-1 fd=7 closed
master[1124]: process 9707 exited, signaled to death by 11
Now it looks to me like it found that account NEWUSER , but it cant get the
passwd.
Does anyone have any experience with configuring pam-ldap ? I have nss-ldap
working well and it uses the rootdn, some how I dont know why pam-ldap doesnt.
If I'm wrong and you know whats happenning please do shed some insight.
Thanks
--
Christien Bunting
Bunting and Associates
The Linux Professionals in The Caribbean
http://linux.co.tt [EMAIL PROTECTED]
Kmail the Best Mail User Agent
Re: 2.0.13 fail compil on RH 7.0 and 2.0.12 compil like a charm
Ken Murchison a écrit : > > Patrick Lin wrote: > > > > hi, > > i try to compil 2.0.13 on RH 7.0 > > and i get this > > in the same machine 2.0.12 compil like a charm > > > > gcc -c -I. -I.. -I. -I./../lib -I./../et -Iyes/include > > -I/usr/local/include -I/usr/local/include -DHAVE_CONFIG_H -I. -I. -g > > -O2 \ > > comparator.c > > In file included from comparator.h:35, > > from comparator.c:37: > > /usr/include/regex.h:252:22: warning: "REG_EXTENDED" redefined > > /usr/local/include/hsregex.h:43:1: warning: this is the location of the > > previous definition > > First, none of this code has changed since 1.6.25 (I wrote it). Second, > I just compile 2.0.13 on my RH 7.0 notebook without any problems. Your > problem is that /usr/local/include/hsregex.h is being included for some > reason and you don't need and/or want it. Ok i trust you :)) > > Questions: > > Are you using the exact some configuration settings for compiling both > 2.0.12 and 2.0.13? exactly the same : --with-dbdir --with-auth=unix --with-openssl=/usr/local --with-sasl --with-libwrap > > Did you just recently install a package which added > /usr/local/include/hsregex.h (I don't have any such animal on my RH 7.0 > notebook)? Hmm Apache +modssl +mod_php4 +some_of_others_mods and this .h come from this install .. weird > Can you check to see what .h file(s) is including it (neither configure > or the source looks for it directly)? > yes see my answer above > The bottom line is that you want to get /usr/local/include/hsregex.h out > of your includes. will try > > Ken > -- > Kenneth Murchison Oceana Matrix Ltd. > Software Engineer 21 Princeton Place > 716-662-8973 x26 Orchard Park, NY 14127 > --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp thanks Best Regards, Patrick -- __( / | | / \ | This message is transmitted by | \ \ | 100 % recycled electrons |___\ / |__( /__)
Re: 2.0.13 fail compil on RH 7.0 and 2.0.12 compil like a charm
Patrick Lin wrote: > > hi, > i try to compil 2.0.13 on RH 7.0 > and i get this > in the same machine 2.0.12 compil like a charm > > gcc -c -I. -I.. -I. -I./../lib -I./../et -Iyes/include > -I/usr/local/include -I/usr/local/include -DHAVE_CONFIG_H -I. -I. -g > -O2 \ > comparator.c > In file included from comparator.h:35, > from comparator.c:37: > /usr/include/regex.h:252:22: warning: "REG_EXTENDED" redefined > /usr/local/include/hsregex.h:43:1: warning: this is the location of the > previous definition First, none of this code has changed since 1.6.25 (I wrote it). Second, I just compile 2.0.13 on my RH 7.0 notebook without any problems. Your problem is that /usr/local/include/hsregex.h is being included for some reason and you don't need and/or want it. Questions: Are you using the exact some configuration settings for compiling both 2.0.12 and 2.0.13? Did you just recently install a package which added /usr/local/include/hsregex.h (I don't have any such animal on my RH 7.0 notebook)? Can you check to see what .h file(s) is including it (neither configure or the source looks for it directly)? The bottom line is that you want to get /usr/local/include/hsregex.h out of your includes. Ken -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
2.0.13 fail compil on RH 7.0 and 2.0.12 compil like a charm
hi, i try to compil 2.0.13 on RH 7.0 and i get this in the same machine 2.0.12 compil like a charm gcc -c -I. -I.. -I. -I./../lib -I./../et -Iyes/include -I/usr/local/include -I/usr/local/include -DHAVE_CONFIG_H -I. -I. -g -O2 \ comparator.c In file included from comparator.h:35, from comparator.c:37: /usr/include/regex.h:252:22: warning: "REG_EXTENDED" redefined /usr/local/include/hsregex.h:43:1: warning: this is the location of the previous definition /usr/include/regex.h:256:19: warning: "REG_ICASE" redefined /usr/local/include/hsregex.h:44:1: warning: this is the location of the previous definition /usr/include/regex.h:261:21: warning: "REG_NEWLINE" redefined /usr/local/include/hsregex.h:46:1: warning: this is the location of the previous definition /usr/include/regex.h:265:19: warning: "REG_NOSUB" redefined /usr/local/include/hsregex.h:45:1: warning: this is the location of the previous definition /usr/include/regex.h:275:20: warning: "REG_NOTBOL" redefined /usr/local/include/hsregex.h:76:1: warning: this is the location of the previous definition /usr/include/regex.h:278:20: warning: "REG_NOTEOL" redefined /usr/local/include/hsregex.h:77:1: warning: this is the location of the previous definition In file included from comparator.h:36, from comparator.c:38: /usr/include/regex.h:290: parse error before `1' /usr/include/regex.h:391: conflicting types for `regex_t' /usr/local/include/hsregex.h:33: previous declaration of `regex_t' /usr/include/regex.h:394: conflicting types for `regoff_t' /usr/local/include/hsregex.h:27: previous declaration of `regoff_t' /usr/include/regex.h:422: conflicting types for `regmatch_t' /usr/local/include/hsregex.h:37: previous declaration of `regmatch_t' /usr/include/regex.h:535: conflicting types for `regcomp' /usr/local/include/hsregex.h:41: previous declaration of `regcomp' /usr/include/regex.h:540: conflicting types for `regexec' /usr/local/include/hsregex.h:75: previous declaration of `regexec' /usr/include/regex.h:543: conflicting types for `regerror' /usr/local/include/hsregex.h:71: previous declaration of `regerror' /usr/include/regex.h:545: conflicting types for `regfree' /usr/local/include/hsregex.h:85: previous declaration of `regfree' make[1]: *** [comparator.o] Error 1 make[1]: Leaving directory `/INSTALL/Build/cyrus-imapd-2.0.13/sieve' make: *** [all] Error 1 Any Help Patrick -- __( / | | / \ | This message is transmitted by | \ \ | 100 % recycled electrons |___\ / |__( /__)
exit on signal 75
Hi, I tried to upgrade cyrus to version 2.0.13, but in doing so something's gone wrong. When I start cyrus I get these errormessages in the log: May 17 15:44:02 mailserver master[6598]: process started May 17 15:44:02 mailserver master[6599]: about to exec /usr/cyrus/bin/ctl_mboxlist May 17 15:44:02 mailserver master[6598]: process 6599 exited, status 75 May 17 15:44:02 mailserver master[6600]: about to exec /usr/cyrus/bin/ctl_deliver May 17 15:44:02 mailserver master[6598]: process 6600 exited, status 75 May 17 15:44:02 mailserver master[6598]: ready for work May 17 15:44:02 mailserver master[6602]: about to exec /usr/cyrus/bin/ctl_mboxlist May 17 15:44:02 mailserver master[6598]: process 6602 exited, status 75 I've tried to recompile, recompile sasl (with db=gdbm) without results. Can someone give me a pointer? Tarjei
lmtpd vs sendmail
I am confused. The forking problem is solved, but there is another one. sendmail is much faster than lmtpd, what to do with that? When the box is down for some time, it is being flooded by e-mails once it's on and it just DIES, because sendmail is receiving mail much faster than lmtpd can handle it. Isnt anyone experiencing something like this? Nick Ustinov [EMAIL PROTECTED] http://www.videinfra.com
