Re: NO Login failed: generic failure
Marc, On Wed, March 26, 2014 22:04, Marc Fournier wrote: > > On Mar 26, 2014, at 12:54 , Marc Fournier wrote: > >> Mar 26 19:47:17 xxx imap[1448]: Could not open db >> Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username >> sa...@xxx.info >> Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT >> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'sa...@xxx.info'; Your DB config is off.. >> Mar 26 19:47:17 xxx imap[1448]: sql plugin: no such column: >> cmusaslsecretPLAIN >> Mar 26 19:47:17 xxx imap[1448]: commit transaction >> Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username >> sa...@xxx.info >> Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host >> Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db >> '/var/db/sqlite/mailsys' on host '' >> > > ‘k, think I got it … tracing “Could not open db” to where it is in the > code, turns out it is generated by cyrus-sasl -> sasldb -> db_ndbm.c … > but, we don’t *use* sasldb, so why is that error being generated? You should look in your cyrus/sasl .config files. Thats where you put the importent stuff. > > Looking on my ‘working system’, there is a /usr/local/etc/sasldb2.db file > there, which is why that error isn’t being generated … so, I just created > a ‘dummy’ sasldb2.db file on both of my non-workign systems, and suddenly, > it looks like everything is authenticating properly … > > Still have to do more testing but … is there some way to *disable* it > checking for that file? I created and then disabled an account in it, so > that its got the right structure, so its not too painful of a solution, > just not sure why it came up in the first place … when I upgraded the > code, the version of cyrus-sasl didn’t change (2.1.16 in both the pre and > post upgrade systems, just confirmed), but cyrus-imap went from 2.3 -> 2.4 > … so a stricter requirement in 2.4 that I hadn’t seen before … ? > I did my auth in MySQL. SQLite would be more or less the same. Define your SQL in your SASL confg, and your off.. -- Mogens Melander +66 8701 33224 BTW. I would prefere (prefere, not being a proper English word, substitute with: like ) to receive e-mail in plain text. Please look for an option, to associate, mail to me, with plain text. Thank you. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On Mar 26, 2014, at 16:27 , Mogens Melander wrote: > Dude, check again: > > > In your login, cmusaslsecretPLAIN coloumn is missing ?? Already fixed the issue … had nothing to do with the SQL query … for some reason, even with auxprop set to sql, its trying to access sasldb2.db, whch didn’t exist on the ones not working … creating a ‘dummy file’ fixed the immediate issue, althoguh it doesn’t explain why it was even looking there … also, removing libsasldb.* fixes it, but that one more a pain since on upgrade, one would have to remember to re-remove them … > > On Wed, March 26, 2014 19:05, Marc Fournier wrote: >> >> Yes, they are all the same … data isn’t, obvously, but the structure >> hasn’t changed … in fact, the mail systems on all three servers that I’m >> currently working with have been running / configured for 5+ years now … >> only change was upgraded OS from FreeBSD 9 -> 10 and upgraded ports to the >> latest … >> >> I did the upgrade from 9 -> 10 for hub.org first (the domain I’m emailing >> from) and all went smooth … I never change config files unless I have to, >> and in this case, nothing had to be changed … and the lack of useful error >> message is making it twice as difficult to debug ;( >> >> >> >> On Mar 26, 2014, at 10:59 , Helmut Weigel >> wrote: >> >>> You said, you compared the cyrus config files. >>> Did you compare the structure and data of the sqllite databases? >>> >>> Regards Helmut >>> >>> Von: Marc Fournier [mailto:scra...@hub.org] >>> Gesendet: Mittwoch, 26. März 2014 18:20 >>> An: Helmut Weigel >>> Cc: info-cyrus@lists.andrew.cmu.edu >>> Betreff: Re: NO Login failed: generic failure >>> >>> >>> Never has been, nor is there on the working system … I don’t even know >>> where that query is coming from, as my imapd.conf has: >>> >>> pwcheck_method: auxprop >>> auxprop_plugin: sql >>> >>> sasl_sql_engine: sqlite >>> sasl_sql_database: /var/db/sqlite/mailsys >>> sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r' >>> sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( >>> '%u@%r', '%v' ) >>> sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r' >>> >>> this is the same config on both system, and even lookign on the *good* >>> system (that I’m reading / sending this through) at its >>> /var/log/debug.log, I see it doing that extra query, but, again, no idea >>> where it is coming from … its not something I wrote … only the first >>> query is: >>> >>> Mar 26 14:02:37 hub pop3[75904]: begin transaction >>> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from >>> userPassword ams hub.org >>> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT >>> userPassword FROM sasl_auth WHERE userid = 'a...@hub.org'; >>> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from >>> cmusaslsecretPLAIN ams hub.org >>> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT >>> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'a...@hub.org'; >>> Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column: >>> cmusaslsecretPLAIN >>> Mar 26 14:02:37 hub pop3[75904]: commit transaction >>> >>> >>> >>> >>> On Mar 26, 2014, at 10:11 , Helmut Weigel >>> wrote: >>> >>> >>> Hi, >>> >>> the problem is located in your SQL Database. The Error Message says: >>> >>> >>> There’s no colum cmusaslsecretPLAIN >>> >>> >>> Double Check your Database >>> >>> Regards Helmut >>> >>> Von: info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu >>> [mailto:info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu] Im >>> Auftrag von Marc Fournier >>> Gesendet: Mittwoch, 26. März 2014 17:28 >>> An: info-cyrus@lists.andrew.cmu.edu >>> Betreff: NO Login failed: generic failure >>> >>> >>> I have two servers, both with identical configurations, right down to >>> their imapd.conf files … both use sqlite to store auth information … >>> >>> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same: >>> >>> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5 >>> >>> One works great, nary a problem …
Re: NO Login failed: generic failure
Dude, check again: In your login, cmusaslsecretPLAIN coloumn is missing ?? On Wed, March 26, 2014 19:05, Marc Fournier wrote: > > Yes, they are all the same … data isn’t, obvously, but the structure > hasn’t changed … in fact, the mail systems on all three servers that I’m > currently working with have been running / configured for 5+ years now … > only change was upgraded OS from FreeBSD 9 -> 10 and upgraded ports to the > latest … > > I did the upgrade from 9 -> 10 for hub.org first (the domain I’m emailing > from) and all went smooth … I never change config files unless I have to, > and in this case, nothing had to be changed … and the lack of useful error > message is making it twice as difficult to debug ;( > > > > On Mar 26, 2014, at 10:59 , Helmut Weigel > wrote: > >> You said, you compared the cyrus config files. >> Did you compare the structure and data of the sqllite databases? >> >> Regards Helmut >> >> Von: Marc Fournier [mailto:scra...@hub.org] >> Gesendet: Mittwoch, 26. März 2014 18:20 >> An: Helmut Weigel >> Cc: info-cyrus@lists.andrew.cmu.edu >> Betreff: Re: NO Login failed: generic failure >> >> >> Never has been, nor is there on the working system … I don’t even know >> where that query is coming from, as my imapd.conf has: >> >> pwcheck_method: auxprop >> auxprop_plugin: sql >> >> sasl_sql_engine: sqlite >> sasl_sql_database: /var/db/sqlite/mailsys >> sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r' >> sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( >> '%u@%r', '%v' ) >> sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r' >> >> this is the same config on both system, and even lookign on the *good* >> system (that I’m reading / sending this through) at its >> /var/log/debug.log, I see it doing that extra query, but, again, no idea >> where it is coming from … its not something I wrote … only the first >> query is: >> >> Mar 26 14:02:37 hub pop3[75904]: begin transaction >> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from >> userPassword ams hub.org >> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT >> userPassword FROM sasl_auth WHERE userid = 'a...@hub.org'; >> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from >> cmusaslsecretPLAIN ams hub.org >> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT >> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'a...@hub.org'; >> Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column: >> cmusaslsecretPLAIN >> Mar 26 14:02:37 hub pop3[75904]: commit transaction >> >> >> >> >> On Mar 26, 2014, at 10:11 , Helmut Weigel >> wrote: >> >> >> Hi, >> >> the problem is located in your SQL Database. The Error Message says: >> >> >> There’s no colum cmusaslsecretPLAIN >> >> >> Double Check your Database >> >> Regards Helmut >> >> Von: info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu >> [mailto:info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu] Im >> Auftrag von Marc Fournier >> Gesendet: Mittwoch, 26. März 2014 17:28 >> An: info-cyrus@lists.andrew.cmu.edu >> Betreff: NO Login failed: generic failure >> >> >> I have two servers, both with identical configurations, right down to >> their imapd.conf files … both use sqlite to store auth information … >> >> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same: >> >> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5 >> >> One works great, nary a problem … the other, I get the above message >> when I try and authenticate. And I can’t find anything different … I’ve >> checked permissions on the various files, etc … >> >> /var/log # telnet localhost imap >> Trying 127.0.0.1... >> Connected to localhost. >> Escape character is '^]'. >> * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 >> AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx >> Cyrus IMAP v2.4.17 server ready >> . login x...@xxx.xxx xxx >> . NO Login failed: generic failure >> . logout >> * BYE LOGOUT received >> . OK Completed >> Connection closed by foreign host. >> >> /var/log/debug.log shows: >> >> == >> Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine >> 'sqlite' >> Mar 26 16:09:08 xxx imap[67279]
Re: NO Login failed: generic failure
You got your answer in: sql plugin: no such column: cmusaslsecretPLAIN I've been there.. Edit your SQL to match your DB layout. On Wed, March 26, 2014 17:27, Marc Fournier wrote: > > I have two servers, both with identical configurations, right down to > their imapd.conf files … both use sqlite to store auth information … > > Both running on FreeBSD 10.x, and versions of imapd/sasl are the same: > > cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5 > > One works great, nary a problem … the other, I get the above message when > I try and authenticate. And I can’t find anything different … I’ve > checked permissions on the various files, etc … > > Mar 26 16:09:49 xxx imap[67279]: begin transaction > Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from > userPassword xxx xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT > userPassword FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; > Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from > cmusaslsecretPLAIN xxx xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT > cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; > Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: > cmusaslsecretPLAIN > Mar 26 16:09:49 xxx imap[67279]: commit transaction -- Mogens Melander +66 8701 33224 BTW. I would prefere (prefere, not being a proper English word, substitute with: like ) to receive e-mail in plain text. Please look for an option, to associate, mail to me, with plain text. Thank you. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On Mar 26, 2014, at 16:15 , Mogens Melander wrote: > Guys, please .. > > Can someone please filter out those HTML messages, and only pass the > plain text. Most HTML get sniped on arrival, the rest just annoy me. > > I do understand, this guy went a long way to present hi problem, but > inline css, other stuff, will not bring more information. > > It's late, and I'm grumpy, but really ? > Sorry, I’m just cut-n-pasting from Mac Terminal into Mac Mail … I’m not doing anything special … if anyone can suggest what I’m doing wrong there, I would be appreciative … wasn’t intending to send HTML … oh, back to the days of using pine to read email *sigh* Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
Guys, please .. Can someone please filter out those HTML messages, and only pass the plain text. Most HTML get sniped on arrival, the rest just annoy me. I do understand, this guy went a long way to present hi problem, but inline css, other stuff, will not bring more information. It's late, and I'm grumpy, but really ? On Wed, March 26, 2014 17:27, Marc Fournier wrote: > > I have two servers, both with identical configurations, right down to > their imapd.conf files … both use sqlite to store auth information … > > Both running on FreeBSD 10.x, and versions of imapd/sasl are the same: > > cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5 > > One works great, nary a problem … the other, I get the above message when > I try and authenticate. And I can’t find anything different … I’ve > checked permissions on the various files, etc … > > /var/log # telnet localhost imap > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 > AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus > IMAP v2.4.17 server ready > . login x...@xxx.xxx xxx > . NO Login failed: generic failure > . logout > * BYE LOGOUT received > . OK Completed > Connection closed by foreign host. > > /var/log/debug.log shows: > > == > Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite' > Mar 26 16:09:08 xxx imap[67279]: executed > Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine > Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening > /var/spool/imap/user_deny.db: No such file or directory > Mar 26 16:09:08 xxx imap[67279]: accepted connection > Mar 26 16:09:36 xxx imap[67279]: accepted connection > Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host > Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db > '/var/db/sqlite/mailsys' on host '' > Mar 26 16:09:49 xxx imap[67279]: begin transaction > Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from > userPassword xxx xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT > userPassword FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; > Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from > cmusaslsecretPLAIN xxx xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT > cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; > Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: > cmusaslsecretPLAIN > Mar 26 16:09:49 xxx imap[67279]: commit transaction > Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host > Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db > '/var/db/sqlite/mailsys' on host '' > > /var/log/messages shows: > > Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227] > plaintext x...@xxx.xxx SASL(-1): generic failure: checkpass failed > > I’ve even tried su’ng to the cyrus user and running the sql command > against the database, and it returns the right database: > > % echo "SELECT userPassword FROM sasl_auth WHERE userid = ‘x...@xxx.xxx';" > | sqlite /var/db/sqlite/mailsys > rightPW > % > > I’ve double checked the imapd.conf files, and they are identical except > different admins: and one has tls_* lines in it … but I’m having the > identical issue with *another* server, and it doesn’t have the tls_* lines > … > > I figure I have to be overlooking *something* stupid, but I’m at a loss as > to what it could be … I’ve even checked md5 on imapd between both working > / non-working … identical … > > Is there any way of getting more debug information out of the backend > without modifying the code itself? > > Thanks ... > -- Mogens Melander +66 8701 33224 BTW. I would prefere (prefere, not being a proper English word, substitute with: like ) to receive e-mail in plain text. Please look for an option, to associate, mail to me, with plain text. Thank you. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On Mar 26, 2014, at 14:40 , Dan White wrote: > If your cyrus sasl was compiled as shared libraries, you can delete the > library from your disk to prevent it from loading (pluginviewer -a should > confirm). Hrmmm … this is all ‘pluginviewer -a’ shows … shouldn’t sql be listed? Installed and properly configured auxprop mechanisms are: sasldb List of auxprop plugins follows Plugin "sasldb" , API version: 8 supports store: yes but, removing the libsasldb.* files does correct the issue .. but, disadvantage there is that I have to remember to do this on next upgrade, since it will re-install those … adding the empty sasldb2.db file in is ‘safer’ long term … thx Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On 03/26/14 11:45 -0700, Marc Fournier wrote: > >On Mar 26, 2014, at 11:25 , Dan White wrote: >> What does your imapd.conf config look like? In particular the sasl_*, >> virtdomain, defaultdomain, allowplaintext, and loginrealms options. > >configdirectory: /var/spool/imap >partition-default: /var/spool/mail >duplicatesuppression: 1 >sievedir: /var/spool/sieve >sendmail: /usr/sbin/sendmail >hashimapspool: yes >lmtpsocket: /var/run/socket/lmtp >unixhierarchysep: 0 >quotawarn: 90 >virtdomains: 1 >allowplaintext: 1 > >pwcheck_method: auxprop >auxprop_plugin: sql This *should* prevent sasldb from initializing. On 03/26/14 14:04 -0700, Marc Fournier wrote: >‘k, think I got it … tracing “Could not open db” to where it is in the >code, turns out it is generated by cyrus-sasl -> sasldb -> db_ndbm.c … >but, we don’t *use* sasldb, so why is that error being generated? > >Looking on my ‘working system’, there is a /usr/local/etc/sasldb2.db file >there, which is why that error isn’t being generated … so, I just created >a ‘dummy’ sasldb2.db file on both of my non-workign systems, and suddenly, >it looks like everything is authenticating properly … > >Still have to do more testing but … is there some way to *disable* it >checking for that file? I created and then disabled an account in it, so >that its got the right structure, so its not too painful of a solution, >just not sure why it came up in the first place … when I upgraded the >code, the version of cyrus-sasl didn’t change (2.1.16 in both the pre and >post upgrade systems, just confirmed), but cyrus-imap went from 2.3 -> 2.4 >… so a stricter requirement in 2.4 that I hadn’t seen before … ? If your cyrus sasl was compiled as shared libraries, you can delete the library from your disk to prevent it from loading (pluginviewer -a should confirm). -- Dan White Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On Mar 26, 2014, at 12:54 , Marc Fournier wrote: > > > Mar 26 19:47:17 xxx imap[1448]: Could not open db > Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username sa...@xxx.info > Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host > Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db > '/var/db/sqlite/mailsys' on host '' > Mar 26 19:47:17 xxx imap[1448]: begin transaction > Mar 26 19:47:17 xxx imap[1448]: sql plugin create statement from userPassword > sales xxx.info > Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT userPassword > FROM sasl_auth WHERE userid = 'sa...@xxx.info'; > Mar 26 19:47:17 xxx imap[1448]: sql plugin create statement from > cmusaslsecretPLAIN sales xxx.info > Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT > cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'sa...@xxx.info'; > Mar 26 19:47:17 xxx imap[1448]: sql plugin: no such column: > cmusaslsecretPLAIN > Mar 26 19:47:17 xxx imap[1448]: commit transaction > Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username sa...@xxx.info > Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host > Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db > '/var/db/sqlite/mailsys' on host '' > ‘k, think I got it … tracing “Could not open db” to where it is in the code, turns out it is generated by cyrus-sasl -> sasldb -> db_ndbm.c … but, we don’t *use* sasldb, so why is that error being generated? Looking on my ‘working system’, there is a /usr/local/etc/sasldb2.db file there, which is why that error isn’t being generated … so, I just created a ‘dummy’ sasldb2.db file on both of my non-workign systems, and suddenly, it looks like everything is authenticating properly … Still have to do more testing but … is there some way to *disable* it checking for that file? I created and then disabled an account in it, so that its got the right structure, so its not too painful of a solution, just not sure why it came up in the first place … when I upgraded the code, the version of cyrus-sasl didn’t change (2.1.16 in both the pre and post upgrade systems, just confirmed), but cyrus-imap went from 2.3 -> 2.4 … so a stricter requirement in 2.4 that I hadn’t seen before … ? Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On Mar 26, 2014, at 12:54 , Marc Fournier wrote: > But, if it can’t open the db (or is that for a different db?), then how does > it know that the first query works fine, but the second one is missing a > column? It has to open the db to do that … unless, again, the ‘Could not > open’ is trying to open a different db? I should have probably thought to mention this previously, and it might be irrelevant, but … mail delivery works fine … in /var/log/auth.log, I see: Mar 26 19:50:02 xxx lmtpunix[2018]: sql auxprop plugin using sqlite engine Mar 26 19:55:02 xxx lmtpunix[2845]: sql auxprop plugin using sqlite engine Mar 26 20:00:05 xxx lmtpunix[3808]: sql auxprop plugin using sqlite engine Mar 26 20:05:07 xxx lmtpunix[4537]: sql auxprop plugin using sqlite engine Mar 26 20:10:02 xxx lmtpunix[12058]: sql auxprop plugin using sqlite engine And there are no ‘Could not open db’ messages associated with that … since its not actually doing any queries against it, I don’t think this has any relevance, but figured it couldn’t hurt to include the information … Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On Mar 26, 2014, at 11:25 , Dan White wrote: >> > > Add 'sasl_log_level: 7' to imapd.conf, and verify your syslog daemon is > logging 'auth.*’. With sasl_log_level set to 7, master restarted: Mar 26 19:47:17 xxx imap[1448]: Could not open db Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username sa...@xxx.info Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db '/var/db/sqlite/mailsys' on host '' Mar 26 19:47:17 xxx imap[1448]: begin transaction Mar 26 19:47:17 xxx imap[1448]: sql plugin create statement from userPassword sales xxx.info Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT userPassword FROM sasl_auth WHERE userid = 'sa...@xxx.info'; Mar 26 19:47:17 xxx imap[1448]: sql plugin create statement from cmusaslsecretPLAIN sales xxx.info Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'sa...@xxx.info'; Mar 26 19:47:17 xxx imap[1448]: sql plugin: no such column: cmusaslsecretPLAIN Mar 26 19:47:17 xxx imap[1448]: commit transaction Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username sa...@xxx.info Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db '/var/db/sqlite/mailsys' on host '' ‘k, so “Could not open db” … useful, but why not? Which db? From the command line, as user ‘cyrus’: # su - cyrus % ls -ld /var/db/sqlite/mailsys -rw-r--r-- 1 root wheel 8192 Mar 26 07:52 /var/db/sqlite/mailsys % sqlite /var/db/sqlite/mailsys SQLite version 2.8.17 Enter ".help" for instructions sqlite> select count(1) from sasl_auth; 11 sqlite> % But, if it can’t open the db (or is that for a different db?), then how does it know that the first query works fine, but the second one is missing a column? It has to open the db to do that … unless, again, the ‘Could not open’ is trying to open a different db? Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On 03/26/14 11:45 -0700, Marc Fournier wrote: > >On Mar 26, 2014, at 11:25 , Dan White wrote: > >> >> What does your imapd.conf config look like? In particular the sasl_*, >> virtdomain, defaultdomain, allowplaintext, and loginrealms options. > > >configdirectory: /var/spool/imap >partition-default: /var/spool/mail >duplicatesuppression: 1 >sievedir: /var/spool/sieve >sendmail: /usr/sbin/sendmail >hashimapspool: yes >lmtpsocket: /var/run/socket/lmtp >unixhierarchysep: 0 >quotawarn: 90 >virtdomains: 1 >allowplaintext: 1 > >pwcheck_method: auxprop >auxprop_plugin: sql > >sasl_sql_engine: sqlite >sasl_sql_database: /var/db/sqlite/mailsys >sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r' >sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( >'%u@%r', '%v' ) >sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r' > >tls_ca_file: /var/imap/server.pem >tls_cert_file: /var/imap/server.pem >tls_key_file: /var/imap/server.pem You should have your domain(s) listed within a loginrealms statement. I recommend 'virtdomain: userid' over on or 1. -- Dan White Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On Mar 26, 2014, at 11:25 , Dan White wrote: > > What does your imapd.conf config look like? In particular the sasl_*, > virtdomain, defaultdomain, allowplaintext, and loginrealms options. configdirectory: /var/spool/imap partition-default: /var/spool/mail duplicatesuppression: 1 sievedir: /var/spool/sieve sendmail: /usr/sbin/sendmail hashimapspool: yes lmtpsocket: /var/run/socket/lmtp unixhierarchysep: 0 quotawarn: 90 virtdomains: 1 allowplaintext: 1 pwcheck_method: auxprop auxprop_plugin: sql sasl_sql_engine: sqlite sasl_sql_database: /var/db/sqlite/mailsys sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r' sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( '%u@%r', '%v' ) sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r' tls_ca_file: /var/imap/server.pem tls_cert_file: /var/imap/server.pem tls_key_file: /var/imap/server.pem only difference between the above and the other one that isn’t working *and* the one that is, is the tls_* lines … > > Try using a sasl mechanism, e.g.: > > imtest -m digest-md5 -a 'x...@xxx.xxx’ localhost # imtest -m digest-md5 -a x...@xxx.xxx localhost S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus IMAP v2.4.17 server ready C: A01 AUTHENTICATE DIGEST-MD5 S: + bm9uY2U9IjdaZ0NLa1AxQTRPYmtlUHp2K3VaL0pSa3FYRUtzTFhtaFgwK1grbmJ2RlE9IixyZWFsbT0icmRmdW5kLmNvbSIscW9wPSJhdXRoLGF1dGgtaW50LGF1dGgtY29uZiIsY2lwaGVyPSJyYzQtNDAscmM0LTU2LHJjNCxkZXMsM2RlcyIsbWF4YnVmPTQwOTYsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3M= Please enter your password: C: dXNlcm5hbWU9InNhbGVzQG9mYWMuaW5mbyIscmVhbG09InJkZnVuZC5jb20iLG5vbmNlPSI3WmdDS2tQMUE0T2JrZVB6dit1Wi9KUmtxWEVLc0xYbWhYMCtYK25idkZRPSIsY25vbmNlPSI1WFVrUXZZbFZybXp3dndYREY3MHM4SkROcUcyOEM5Z1FuMUNCVy9xM29JPSIsbmM9MDAwMDAwMDEscW9wPWF1dGgtY29uZixjaXBoZXI9cmM0LG1heGJ1Zj0xMDI0LGRpZ2VzdC11cmk9ImltYXAvbG9jYWxob3N0IixyZXNwb25zZT05ODlhNzk3NTU5ZDY1OTY1NGRhODZiMGQ1OTc0ODU1ZQ== S: A01 NO generic failure Authentication failed. generic failure Security strength factor: 128 C: C01 CAPABILITY S: * CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxte QUOTA MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SORT SORT=MODSEQ SORT=DISPLAY THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE LIST-EXTENDED WITHIN QRESYNC SCAN XLIST URLAUTH URLAUTH=BINARY X-NETSCAPE STARTTLS AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR COMPRESS=DEFLATE IDLE S: C01 OK Completed quit * BAD Invalid tag . logout * BYE LOGOUT received . OK Completed Connection closed. > >> Is there any way of getting more debug information out of the backend >> without modifying the code itself? > > Add 'sasl_log_level: 7' to imapd.conf, and verify your syslog daemon is > logging 'auth.*’. k, will do this and re-test things … > > -- > Dan White Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
On 03/26/14 09:27 -0700, Marc Fournier wrote: >cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5 >/var/log # telnet localhost imap >Trying 127.0.0.1... >Connected to localhost. >Escape character is '^]'. >* OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 >AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus >IMAP v2.4.17 server ready >. login x...@xxx.xxx xxx >. NO Login failed: generic failure >. logout >* BYE LOGOUT received >. OK Completed >Connection closed by foreign host. > >/var/log/debug.log shows: > >== >Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite' >Mar 26 16:09:08 xxx imap[67279]: executed >Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine >Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening >/var/spool/imap/user_deny.db: No such file or directory >Mar 26 16:09:08 xxx imap[67279]: accepted connection >Mar 26 16:09:36 xxx imap[67279]: accepted connection >Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx >Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host >Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db >'/var/db/sqlite/mailsys' on host '' >Mar 26 16:09:49 xxx imap[67279]: begin transaction >Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from userPassword >xxx xxx.xxx >Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT userPassword >FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; >Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from >cmusaslsecretPLAIN xxx xxx.xxx >Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT >cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; >Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: cmusaslsecretPLAIN >Mar 26 16:09:49 xxx imap[67279]: commit transaction >Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx >Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host >Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db >'/var/db/sqlite/mailsys' on host '' > >/var/log/messages shows: > >Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227] plaintext >x...@xxx.xxx SASL(-1): generic failure: checkpass failed > >I’ve even tried su’ng to the cyrus user and running the sql command against >the database, and it returns the right database: > >% echo "SELECT userPassword FROM sasl_auth WHERE userid = ‘x...@xxx.xxx';" | >sqlite /var/db/sqlite/mailsys >rightPW >% What does your imapd.conf config look like? In particular the sasl_*, virtdomain, defaultdomain, allowplaintext, and loginrealms options. Try using a sasl mechanism, e.g.: imtest -m digest-md5 -a 'x...@xxx.xxx' localhost >Is there any way of getting more debug information out of the backend without >modifying the code itself? Add 'sasl_log_level: 7' to imapd.conf, and verify your syslog daemon is logging 'auth.*'. -- Dan White Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus
Re: NO Login failed: generic failure
Yes, they are all the same … data isn’t, obvously, but the structure hasn’t changed … in fact, the mail systems on all three servers that I’m currently working with have been running / configured for 5+ years now … only change was upgraded OS from FreeBSD 9 -> 10 and upgraded ports to the latest … I did the upgrade from 9 -> 10 for hub.org first (the domain I’m emailing from) and all went smooth … I never change config files unless I have to, and in this case, nothing had to be changed … and the lack of useful error message is making it twice as difficult to debug ;( On Mar 26, 2014, at 10:59 , Helmut Weigel wrote: > You said, you compared the cyrus config files. > Did you compare the structure and data of the sqllite databases? > > Regards Helmut > > Von: Marc Fournier [mailto:scra...@hub.org] > Gesendet: Mittwoch, 26. März 2014 18:20 > An: Helmut Weigel > Cc: info-cyrus@lists.andrew.cmu.edu > Betreff: Re: NO Login failed: generic failure > > > Never has been, nor is there on the working system … I don’t even know where > that query is coming from, as my imapd.conf has: > > pwcheck_method: auxprop > auxprop_plugin: sql > > sasl_sql_engine: sqlite > sasl_sql_database: /var/db/sqlite/mailsys > sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r' > sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( > '%u@%r', '%v' ) > sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r' > > this is the same config on both system, and even lookign on the *good* system > (that I’m reading / sending this through) at its /var/log/debug.log, I see it > doing that extra query, but, again, no idea where it is coming from … its not > something I wrote … only the first query is: > > Mar 26 14:02:37 hub pop3[75904]: begin transaction > Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from > userPassword ams hub.org > Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT userPassword > FROM sasl_auth WHERE userid = 'a...@hub.org'; > Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from > cmusaslsecretPLAIN ams hub.org > Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT > cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'a...@hub.org'; > Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column: > cmusaslsecretPLAIN > Mar 26 14:02:37 hub pop3[75904]: commit transaction > > > > > On Mar 26, 2014, at 10:11 , Helmut Weigel wrote: > > > Hi, > > the problem is located in your SQL Database. The Error Message says: > > > There’s no colum cmusaslsecretPLAIN > > > Double Check your Database > > Regards Helmut > > Von: info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu > [mailto:info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu] Im Auftrag > von Marc Fournier > Gesendet: Mittwoch, 26. März 2014 17:28 > An: info-cyrus@lists.andrew.cmu.edu > Betreff: NO Login failed: generic failure > > > I have two servers, both with identical configurations, right down to their > imapd.conf files … both use sqlite to store auth information … > > Both running on FreeBSD 10.x, and versions of imapd/sasl are the same: > > cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5 > > One works great, nary a problem … the other, I get the above message when I > try and authenticate. And I can’t find anything different … I’ve checked > permissions on the various files, etc … > > /var/log # telnet localhost imap > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 > AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus > IMAP v2.4.17 server ready > . login x...@xxx.xxx xxx > . NO Login failed: generic failure > . logout > * BYE LOGOUT received > . OK Completed > Connection closed by foreign host. > > /var/log/debug.log shows: > > == > Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite' > Mar 26 16:09:08 xxx imap[67279]: executed > Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine > Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening > /var/spool/imap/user_deny.db: No such file or directory > Mar 26 16:09:08 xxx imap[67279]: accepted connection > Mar 26 16:09:36 xxx imap[67279]: accepted connection > Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host > Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db
Re: NO Login failed: generic failure
Never has been, nor is there on the working system … I don’t even know where that query is coming from, as my imapd.conf has: pwcheck_method: auxprop auxprop_plugin: sql sasl_sql_engine: sqlite sasl_sql_database: /var/db/sqlite/mailsys sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r' sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( '%u@%r', '%v' ) sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r' this is the same config on both system, and even lookign on the *good* system (that I’m reading / sending this through) at its /var/log/debug.log, I see it doing that extra query, but, again, no idea where it is coming from … its not something I wrote … only the first query is: Mar 26 14:02:37 hub pop3[75904]: begin transaction Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from userPassword ams hub.org Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT userPassword FROM sasl_auth WHERE userid = 'a...@hub.org'; Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from cmusaslsecretPLAIN ams hub.org Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'a...@hub.org'; Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column: cmusaslsecretPLAIN Mar 26 14:02:37 hub pop3[75904]: commit transaction On Mar 26, 2014, at 10:11 , Helmut Weigel wrote: > Hi, > > the problem is located in your SQL Database. The Error Message says: > > > There’s no colum cmusaslsecretPLAIN > > > Double Check your Database > > Regards Helmut > > Von: info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu > [mailto:info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu] Im Auftrag > von Marc Fournier > Gesendet: Mittwoch, 26. März 2014 17:28 > An: info-cyrus@lists.andrew.cmu.edu > Betreff: NO Login failed: generic failure > > > I have two servers, both with identical configurations, right down to their > imapd.conf files … both use sqlite to store auth information … > > Both running on FreeBSD 10.x, and versions of imapd/sasl are the same: > > cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5 > > One works great, nary a problem … the other, I get the above message when I > try and authenticate. And I can’t find anything different … I’ve checked > permissions on the various files, etc … > > /var/log # telnet localhost imap > Trying 127.0.0.1... > Connected to localhost. > Escape character is '^]'. > * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 > AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus > IMAP v2.4.17 server ready > . login x...@xxx.xxx xxx > . NO Login failed: generic failure > . logout > * BYE LOGOUT received > . OK Completed > Connection closed by foreign host. > > /var/log/debug.log shows: > > == > Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite' > Mar 26 16:09:08 xxx imap[67279]: executed > Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine > Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening > /var/spool/imap/user_deny.db: No such file or directory > Mar 26 16:09:08 xxx imap[67279]: accepted connection > Mar 26 16:09:36 xxx imap[67279]: accepted connection > Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host > Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db > '/var/db/sqlite/mailsys' on host '' > Mar 26 16:09:49 xxx imap[67279]: begin transaction > Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from > userPassword xxx xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT userPassword > FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; > Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from > cmusaslsecretPLAIN xxx xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT > cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; > Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: > cmusaslsecretPLAIN > Mar 26 16:09:49 xxx imap[67279]: commit transaction > Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx > Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host > Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db > '/var/db/sqlite/mailsys' on host '' > > /var/log/messages shows: > > Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227] plaintext > x...@xxx.xxx SASL(-1): gener
NO Login failed: generic failure
I have two servers, both with identical configurations, right down to their imapd.conf files … both use sqlite to store auth information … Both running on FreeBSD 10.x, and versions of imapd/sasl are the same: cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5 One works great, nary a problem … the other, I get the above message when I try and authenticate. And I can’t find anything different … I’ve checked permissions on the various files, etc … /var/log # telnet localhost imap Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus IMAP v2.4.17 server ready . login x...@xxx.xxx xxx . NO Login failed: generic failure . logout * BYE LOGOUT received . OK Completed Connection closed by foreign host. /var/log/debug.log shows: == Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite' Mar 26 16:09:08 xxx imap[67279]: executed Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening /var/spool/imap/user_deny.db: No such file or directory Mar 26 16:09:08 xxx imap[67279]: accepted connection Mar 26 16:09:36 xxx imap[67279]: accepted connection Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db '/var/db/sqlite/mailsys' on host '' Mar 26 16:09:49 xxx imap[67279]: begin transaction Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from userPassword xxx xxx.xxx Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT userPassword FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from cmusaslsecretPLAIN xxx xxx.xxx Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx'; Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: cmusaslsecretPLAIN Mar 26 16:09:49 xxx imap[67279]: commit transaction Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db '/var/db/sqlite/mailsys' on host '' /var/log/messages shows: Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227] plaintext x...@xxx.xxx SASL(-1): generic failure: checkpass failed I’ve even tried su’ng to the cyrus user and running the sql command against the database, and it returns the right database: % echo "SELECT userPassword FROM sasl_auth WHERE userid = ‘x...@xxx.xxx';" | sqlite /var/db/sqlite/mailsys rightPW % I’ve double checked the imapd.conf files, and they are identical except different admins: and one has tls_* lines in it … but I’m having the identical issue with *another* server, and it doesn’t have the tls_* lines … I figure I have to be overlooking *something* stupid, but I’m at a loss as to what it could be … I’ve even checked md5 on imapd between both working / non-working … identical … Is there any way of getting more debug information out of the backend without modifying the code itself? Thanks ... Cyrus Home Page: http://www.cyrusimap.org/ List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/ To Unsubscribe: https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus