subject:"NO Login failed\: generic failure"

Re: NO Login failed: generic failure

2014-03-26 Thread Mogens Melander

Marc,

On Wed, March 26, 2014 22:04, Marc Fournier wrote:
>
> On Mar 26, 2014, at 12:54 , Marc Fournier  wrote:
>
>> Mar 26 19:47:17 xxx imap[1448]: Could not open db
>> Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username
>> sa...@xxx.info
>> Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT
>> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'sa...@xxx.info';

Your DB config is off..

>> Mar 26 19:47:17 xxx imap[1448]: sql plugin: no such column:
>> cmusaslsecretPLAIN
>> Mar 26 19:47:17 xxx imap[1448]: commit transaction
>> Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username
>> sa...@xxx.info
>> Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host
>> Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db
>> '/var/db/sqlite/mailsys' on host ''
>>
>
> ‘k, think I got it … tracing “Could not open db” to where it is in the
> code, turns out it is generated by cyrus-sasl -> sasldb -> db_ndbm.c …
> but, we don’t *use* sasldb, so why is that error being generated?

You should look in your cyrus/sasl .config files. Thats where
you put the importent stuff.
>
> Looking on my ‘working system’, there is a /usr/local/etc/sasldb2.db file
> there, which is why that error isn’t being  generated … so, I just created
> a ‘dummy’ sasldb2.db file on both of my non-workign systems, and suddenly,
> it looks like everything is authenticating properly …
>
> Still have to do more testing but … is there some way to *disable* it
> checking for that file?  I created and then disabled an account in it, so
> that its got the right structure, so its not too painful of a solution,
> just not sure why it came up in the first place … when I upgraded the
> code, the version of cyrus-sasl didn’t change (2.1.16 in both the pre and
> post upgrade systems, just confirmed), but cyrus-imap went from 2.3 -> 2.4
> … so a stricter requirement in 2.4 that I hadn’t seen before … ?
>

I did my auth in MySQL. SQLite would be more or less the same.
Define your SQL in your SASL confg, and your off..

-- 
Mogens Melander
+66 8701 33224

BTW. I would prefere (prefere, not being a proper English word,
substitute with: like ) to receive e-mail in plain text.
Please look for an option, to associate, mail to
me, with plain text. Thank you.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier


On Mar 26, 2014, at 16:27 , Mogens Melander  wrote:

> Dude, check again:
> 
> 
> In your login, cmusaslsecretPLAIN coloumn is missing ??

Already fixed the issue … had nothing to do with the SQL query … for some 
reason, even with auxprop set to sql, its trying to access sasldb2.db, whch 
didn’t exist on the ones not working … creating a ‘dummy file’ fixed the 
immediate issue, althoguh it doesn’t explain why it was even looking there … 
also, removing libsasldb.* fixes it, but that one more a pain since on upgrade, 
one would have to remember to re-remove them …


> 
> On Wed, March 26, 2014 19:05, Marc Fournier wrote:
>> 
>> Yes, they are all the same … data isn’t, obvously, but the structure
>> hasn’t changed … in fact, the mail systems on all three servers that I’m
>> currently working with have been running / configured for 5+ years now …
>> only change was upgraded OS from FreeBSD 9 -> 10 and upgraded ports to the
>> latest …
>> 
>> I did the upgrade from 9 -> 10 for hub.org first (the domain I’m emailing
>> from) and all went smooth … I never change config files  unless I have to,
>> and in this case, nothing had to be changed … and the lack of useful error
>> message is making it twice as difficult to debug ;(
>> 
>> 
>> 
>> On Mar 26, 2014, at 10:59 , Helmut Weigel 
>> wrote:
>> 
>>> You said, you compared the cyrus config files.
>>> Did you compare the structure and data of the sqllite databases?
>>> 
>>> Regards Helmut
>>> 
>>> Von: Marc Fournier [mailto:scra...@hub.org]
>>> Gesendet: Mittwoch, 26. März 2014 18:20
>>> An: Helmut Weigel
>>> Cc: info-cyrus@lists.andrew.cmu.edu
>>> Betreff: Re: NO Login failed: generic failure
>>> 
>>> 
>>> Never has been, nor is there on the working system … I don’t even know
>>> where that query is coming from, as my imapd.conf has:
>>> 
>>> pwcheck_method: auxprop
>>> auxprop_plugin: sql
>>> 
>>> sasl_sql_engine: sqlite
>>> sasl_sql_database: /var/db/sqlite/mailsys
>>> sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r'
>>> sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES (
>>> '%u@%r', '%v' )
>>> sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r'
>>> 
>>> this is the same config on both system, and even lookign on the *good*
>>> system (that I’m reading / sending this through) at its
>>> /var/log/debug.log, I see it doing that extra query, but, again, no idea
>>> where it is coming from … its not something I wrote … only the first
>>> query is:
>>> 
>>> Mar 26 14:02:37 hub pop3[75904]: begin transaction
>>> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from
>>> userPassword ams hub.org
>>> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT
>>> userPassword FROM sasl_auth WHERE userid = 'a...@hub.org';
>>> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from
>>> cmusaslsecretPLAIN ams hub.org
>>> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT
>>> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'a...@hub.org';
>>> Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column:
>>> cmusaslsecretPLAIN
>>> Mar 26 14:02:37 hub pop3[75904]: commit transaction
>>> 
>>> 
>>> 
>>> 
>>> On Mar 26, 2014, at 10:11 , Helmut Weigel 
>>> wrote:
>>> 
>>> 
>>> Hi,
>>> 
>>> the problem is located in your SQL Database. The Error Message says:
>>> 
>>> 
>>> There’s no colum  cmusaslsecretPLAIN
>>> 
>>> 
>>> Double Check your Database
>>> 
>>> Regards Helmut
>>> 
>>> Von: info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu
>>> [mailto:info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu] Im
>>> Auftrag von Marc Fournier
>>> Gesendet: Mittwoch, 26. März 2014 17:28
>>> An: info-cyrus@lists.andrew.cmu.edu
>>> Betreff: NO Login failed: generic failure
>>> 
>>> 
>>> I have two servers, both with identical configurations, right down to
>>> their imapd.conf files … both use sqlite to store auth information …
>>> 
>>> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same:
>>> 
>>> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5
>>> 
>>> One works great, nary a problem …

Re: NO Login failed: generic failure

2014-03-26 Thread Mogens Melander

Dude, check again:


In your login, cmusaslsecretPLAIN coloumn is missing ??

On Wed, March 26, 2014 19:05, Marc Fournier wrote:
>
> Yes, they are all the same … data isn’t, obvously, but the structure
> hasn’t changed … in fact, the mail systems on all three servers that I’m
> currently working with have been running / configured for 5+ years now …
> only change was upgraded OS from FreeBSD 9 -> 10 and upgraded ports to the
> latest …
>
> I did the upgrade from 9 -> 10 for hub.org first (the domain I’m emailing
> from) and all went smooth … I never change config files  unless I have to,
> and in this case, nothing had to be changed … and the lack of useful error
> message is making it twice as difficult to debug ;(
>
>
>
> On Mar 26, 2014, at 10:59 , Helmut Weigel 
> wrote:
>
>> You said, you compared the cyrus config files.
>> Did you compare the structure and data of the sqllite databases?
>>
>> Regards Helmut
>>
>> Von: Marc Fournier [mailto:scra...@hub.org]
>> Gesendet: Mittwoch, 26. März 2014 18:20
>> An: Helmut Weigel
>> Cc: info-cyrus@lists.andrew.cmu.edu
>> Betreff: Re: NO Login failed: generic failure
>>
>>
>> Never has been, nor is there on the working system … I don’t even know
>> where that query is coming from, as my imapd.conf has:
>>
>> pwcheck_method: auxprop
>> auxprop_plugin: sql
>>
>> sasl_sql_engine: sqlite
>> sasl_sql_database: /var/db/sqlite/mailsys
>> sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r'
>> sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES (
>> '%u@%r', '%v' )
>> sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r'
>>
>> this is the same config on both system, and even lookign on the *good*
>> system (that I’m reading / sending this through) at its
>> /var/log/debug.log, I see it doing that extra query, but, again, no idea
>> where it is coming from … its not something I wrote … only the first
>> query is:
>>
>> Mar 26 14:02:37 hub pop3[75904]: begin transaction
>> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from
>> userPassword ams hub.org
>> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT
>> userPassword FROM sasl_auth WHERE userid = 'a...@hub.org';
>> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from
>> cmusaslsecretPLAIN ams hub.org
>> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT
>> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'a...@hub.org';
>> Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column:
>> cmusaslsecretPLAIN
>> Mar 26 14:02:37 hub pop3[75904]: commit transaction
>>
>>
>>
>>
>> On Mar 26, 2014, at 10:11 , Helmut Weigel 
>> wrote:
>>
>>
>> Hi,
>>
>> the problem is located in your SQL Database. The Error Message says:
>>
>>
>> There’s no colum  cmusaslsecretPLAIN
>>
>>
>> Double Check your Database
>>
>> Regards Helmut
>>
>> Von: info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu
>> [mailto:info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu] Im
>> Auftrag von Marc Fournier
>> Gesendet: Mittwoch, 26. März 2014 17:28
>> An: info-cyrus@lists.andrew.cmu.edu
>> Betreff: NO Login failed: generic failure
>>
>>
>> I have two servers, both with identical configurations, right down to
>> their imapd.conf files … both use sqlite to store auth information …
>>
>> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same:
>>
>> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5
>>
>> One works great, nary a problem … the other, I get the above message
>> when I try and authenticate.  And I can’t find anything different … I’ve
>> checked permissions on the various files, etc …
>>
>> /var/log # telnet localhost imap
>> Trying 127.0.0.1...
>> Connected to localhost.
>> Escape character is '^]'.
>> * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1
>> AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx
>> Cyrus IMAP v2.4.17 server ready
>> . login x...@xxx.xxx xxx
>> . NO Login failed: generic failure
>> . logout
>> * BYE LOGOUT received
>> . OK Completed
>> Connection closed by foreign host.
>>
>> /var/log/debug.log shows:
>>
>> ==
>> Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine
>> 'sqlite'
>> Mar 26 16:09:08 xxx imap[67279]

Re: NO Login failed: generic failure

2014-03-26 Thread Mogens Melander

You got your answer in:

sql plugin: no such column: cmusaslsecretPLAIN

I've been there..

Edit your SQL to match your DB layout.

On Wed, March 26, 2014 17:27, Marc Fournier wrote:
>
> I have two servers, both with identical configurations, right down to
> their imapd.conf files … both use sqlite to store auth information …
>
> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same:
>
> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5
>
> One works great, nary a problem … the other, I get the above message when
> I try and authenticate.  And I can’t find anything different … I’ve
> checked permissions on the various files, etc …
>
> Mar 26 16:09:49 xxx imap[67279]: begin transaction
> Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from
> userPassword xxx xxx.xxx
> Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT
> userPassword FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
> Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from
> cmusaslsecretPLAIN xxx xxx.xxx
> Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT
> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
> Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column:
> cmusaslsecretPLAIN
> Mar 26 16:09:49 xxx imap[67279]: commit transaction


-- 
Mogens Melander
+66 8701 33224

BTW. I would prefere (prefere, not being a proper English word,
substitute with: like ) to receive e-mail in plain text.
Please look for an option, to associate, mail to
me, with plain text. Thank you.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier


On Mar 26, 2014, at 16:15 , Mogens Melander  wrote:

> Guys, please ..
> 
> Can someone please filter out those HTML messages, and only pass the
> plain text. Most HTML get sniped on arrival, the rest just annoy me.
> 
> I do understand, this guy went a long way to present hi problem, but
> inline css, other stuff, will not bring more information.
> 
> It's late, and I'm grumpy, but really ?
> 

Sorry, I’m just cut-n-pasting from Mac Terminal into Mac Mail … I’m not doing 
anything special … if anyone can suggest what I’m doing wrong there, I would be 
appreciative … wasn’t intending to send HTML … oh, back to the days of using 
pine to read email *sigh*




Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Mogens Melander

Guys, please ..

Can someone please filter out those HTML messages, and only pass the
plain text. Most HTML get sniped on arrival, the rest just annoy me.

I do understand, this guy went a long way to present hi problem, but
inline css, other stuff, will not bring more information.

It's late, and I'm grumpy, but really ?

On Wed, March 26, 2014 17:27, Marc Fournier wrote:
>
> I have two servers, both with identical configurations, right down to
> their imapd.conf files … both use sqlite to store auth information …
>
> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same:
>
> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5
>
> One works great, nary a problem … the other, I get the above message when
> I try and authenticate.  And I can’t find anything different … I’ve
> checked permissions on the various files, etc …
>
> /var/log # telnet localhost imap
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1
> AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus
> IMAP v2.4.17 server ready
> . login x...@xxx.xxx xxx
> . NO Login failed: generic failure
> . logout
> * BYE LOGOUT received
> . OK Completed
> Connection closed by foreign host.
>
> /var/log/debug.log shows:
>
> ==
> Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite'
> Mar 26 16:09:08 xxx imap[67279]: executed
> Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine
> Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening
> /var/spool/imap/user_deny.db: No such file or directory
> Mar 26 16:09:08 xxx imap[67279]: accepted connection
> Mar 26 16:09:36 xxx imap[67279]: accepted connection
> Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx
> Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
> Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db
> '/var/db/sqlite/mailsys' on host ''
> Mar 26 16:09:49 xxx imap[67279]: begin transaction
> Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from
> userPassword xxx xxx.xxx
> Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT
> userPassword FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
> Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from
> cmusaslsecretPLAIN xxx xxx.xxx
> Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT
> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
> Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column:
> cmusaslsecretPLAIN
> Mar 26 16:09:49 xxx imap[67279]: commit transaction
> Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx
> Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
> Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db
> '/var/db/sqlite/mailsys' on host ''
>
> /var/log/messages shows:
>
> Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227]
> plaintext x...@xxx.xxx SASL(-1): generic failure: checkpass failed
>
> I’ve even tried su’ng to the cyrus user and running the sql command
> against the database, and it returns the right database:
>
> % echo "SELECT userPassword FROM sasl_auth WHERE userid = ‘x...@xxx.xxx';"
> | sqlite /var/db/sqlite/mailsys
> rightPW
> %
>
> I’ve double checked the imapd.conf files, and they are identical except
> different admins: and one has tls_* lines in it … but I’m having the
> identical issue with *another* server, and it doesn’t have the tls_* lines
> …
>
> I figure I have to be overlooking *something* stupid, but I’m at a loss as
> to what it could be … I’ve even checked md5 on imapd between both working
> / non-working … identical …
>
> Is there any way of getting more debug information out of the backend
> without modifying the code itself?
>
> Thanks ...
>

-- 
Mogens Melander
+66 8701 33224

BTW. I would prefere (prefere, not being a proper English word,
substitute with: like ) to receive e-mail in plain text.
Please look for an option, to associate, mail to
me, with plain text. Thank you.


-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.


Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier

On Mar 26, 2014, at 14:40 , Dan White  wrote:

> If your cyrus sasl was compiled as shared libraries, you can delete the
> library from your disk to prevent it from loading (pluginviewer -a should
> confirm).

Hrmmm … this is all ‘pluginviewer -a’ shows … shouldn’t sql be listed?

Installed and properly configured auxprop mechanisms are:
sasldb
List of auxprop plugins follows
Plugin "sasldb" ,   API version: 8
supports store: yes

but, removing the libsasldb.* files does correct the issue .. but, disadvantage 
there is that I have to remember to do this on next upgrade, since it will 
re-install those … adding the empty sasldb2.db file in is ‘safer’ long term …

thx
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Dan White

On 03/26/14 11:45 -0700, Marc Fournier wrote:
>
>On Mar 26, 2014, at 11:25 , Dan White  wrote:
>> What does your imapd.conf config look like? In particular the sasl_*,
>> virtdomain, defaultdomain, allowplaintext, and loginrealms options.
>
>configdirectory: /var/spool/imap
>partition-default: /var/spool/mail
>duplicatesuppression: 1
>sievedir: /var/spool/sieve
>sendmail: /usr/sbin/sendmail
>hashimapspool: yes
>lmtpsocket: /var/run/socket/lmtp
>unixhierarchysep: 0
>quotawarn: 90
>virtdomains: 1
>allowplaintext: 1
>
>pwcheck_method: auxprop
>auxprop_plugin: sql

This *should* prevent sasldb from initializing.

On 03/26/14 14:04 -0700, Marc Fournier wrote:
>‘k, think I got it … tracing “Could not open db” to where it is in the
>code, turns out it is generated by cyrus-sasl -> sasldb -> db_ndbm.c …
>but, we don’t *use* sasldb, so why is that error being generated?
>
>Looking on my ‘working system’, there is a /usr/local/etc/sasldb2.db file
>there, which is why that error isn’t being  generated … so, I just created
>a ‘dummy’ sasldb2.db file on both of my non-workign systems, and suddenly,
>it looks like everything is authenticating properly …
>
>Still have to do more testing but … is there some way to *disable* it
>checking for that file?  I created and then disabled an account in it, so
>that its got the right structure, so its not too painful of a solution,
>just not sure why it came up in the first place … when I upgraded the
>code, the version of cyrus-sasl didn’t change (2.1.16 in both the pre and
>post upgrade systems, just confirmed), but cyrus-imap went from 2.3 -> 2.4
>… so a stricter requirement in 2.4 that I hadn’t seen before … ?

If your cyrus sasl was compiled as shared libraries, you can delete the
library from your disk to prevent it from loading (pluginviewer -a should
confirm).

-- 
Dan White

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier


On Mar 26, 2014, at 12:54 , Marc Fournier  wrote:

> 
> 
> Mar 26 19:47:17 xxx imap[1448]: Could not open db 
> Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username sa...@xxx.info
> Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host
> Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db 
> '/var/db/sqlite/mailsys' on host '' 
> Mar 26 19:47:17 xxx imap[1448]: begin transaction
> Mar 26 19:47:17 xxx imap[1448]: sql plugin create statement from userPassword 
> sales xxx.info
> Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT userPassword 
> FROM sasl_auth WHERE userid = 'sa...@xxx.info';
> Mar 26 19:47:17 xxx imap[1448]: sql plugin create statement from 
> cmusaslsecretPLAIN sales xxx.info
> Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT 
> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'sa...@xxx.info';
> Mar 26 19:47:17 xxx imap[1448]: sql plugin: no such column: 
> cmusaslsecretPLAIN 
> Mar 26 19:47:17 xxx imap[1448]: commit transaction
> Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username sa...@xxx.info
> Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host
> Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db 
> '/var/db/sqlite/mailsys' on host '' 
> 

‘k, think I got it … tracing “Could not open db” to where it is in the code, 
turns out it is generated by cyrus-sasl -> sasldb -> db_ndbm.c … but, we don’t 
*use* sasldb, so why is that error being generated?

Looking on my ‘working system’, there is a /usr/local/etc/sasldb2.db file 
there, which is why that error isn’t being  generated … so, I just created a 
‘dummy’ sasldb2.db file on both of my non-workign systems, and suddenly, it 
looks like everything is authenticating properly …

Still have to do more testing but … is there some way to *disable* it checking 
for that file?  I created and then disabled an account in it, so that its got 
the right structure, so its not too painful of a solution, just not sure why it 
came up in the first place … when I upgraded the code, the version of 
cyrus-sasl didn’t change (2.1.16 in both the pre and post upgrade systems, just 
confirmed), but cyrus-imap went from 2.3 -> 2.4 … so a stricter requirement in 
2.4 that I hadn’t seen before … ?




Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier


On Mar 26, 2014, at 12:54 , Marc Fournier  wrote:

> But, if it can’t open the db (or is that for a different db?), then how does 
> it know that the first query works fine, but the second one is missing a 
> column?  It has to open the db to do that … unless, again, the ‘Could not 
> open’ is trying to open a different db?

I should have probably thought to mention this previously, and it might be 
irrelevant, but … mail delivery works fine … in /var/log/auth.log, I see:

Mar 26 19:50:02 xxx lmtpunix[2018]: sql auxprop plugin using sqlite engine
Mar 26 19:55:02 xxx lmtpunix[2845]: sql auxprop plugin using sqlite engine
Mar 26 20:00:05 xxx lmtpunix[3808]: sql auxprop plugin using sqlite engine
Mar 26 20:05:07 xxx lmtpunix[4537]: sql auxprop plugin using sqlite engine
Mar 26 20:10:02 xxx lmtpunix[12058]: sql auxprop plugin using sqlite engine

And there are no ‘Could not open db’ messages associated with that … since its 
not actually doing any queries against it, I don’t think this has any 
relevance, but figured it couldn’t hurt to include the information …
Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier


On Mar 26, 2014, at 11:25 , Dan White  wrote:

>> 
> 
> Add 'sasl_log_level: 7' to imapd.conf, and verify your syslog daemon is
> logging 'auth.*’.

With sasl_log_level set to 7, master restarted:

Mar 26 19:47:17 xxx imap[1448]: Could not open db 
Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username sa...@xxx.info
Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host
Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db 
'/var/db/sqlite/mailsys' on host '' 
Mar 26 19:47:17 xxx imap[1448]: begin transaction
Mar 26 19:47:17 xxx imap[1448]: sql plugin create statement from userPassword 
sales xxx.info
Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT userPassword FROM 
sasl_auth WHERE userid = 'sa...@xxx.info';
Mar 26 19:47:17 xxx imap[1448]: sql plugin create statement from 
cmusaslsecretPLAIN sales xxx.info
Mar 26 19:47:17 xxx imap[1448]: sql plugin doing query SELECT 
cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'sa...@xxx.info';
Mar 26 19:47:17 xxx imap[1448]: sql plugin: no such column: cmusaslsecretPLAIN 
Mar 26 19:47:17 xxx imap[1448]: commit transaction
Mar 26 19:47:17 xxx imap[1448]: sql plugin Parse the username sa...@xxx.info
Mar 26 19:47:17 xxx imap[1448]: sql plugin try and connect to a host
Mar 26 19:47:17 xxx imap[1448]: sql plugin trying to open db 
'/var/db/sqlite/mailsys' on host '' 

‘k, so “Could not open db” … useful, but why not?  Which db?  From the command 
line, as user ‘cyrus’:

# su - cyrus
% ls -ld /var/db/sqlite/mailsys
-rw-r--r--  1 root  wheel  8192 Mar 26 07:52 /var/db/sqlite/mailsys
% sqlite /var/db/sqlite/mailsys
SQLite version 2.8.17
Enter ".help" for instructions
sqlite> select count(1) from sasl_auth;
11
sqlite> % 

But, if it can’t open the db (or is that for a different db?), then how does it 
know that the first query works fine, but the second one is missing a column?  
It has to open the db to do that … unless, again, the ‘Could not open’ is 
trying to open a different db?








Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Dan White

On 03/26/14 11:45 -0700, Marc Fournier wrote:
>
>On Mar 26, 2014, at 11:25 , Dan White  wrote:
>
>>
>> What does your imapd.conf config look like? In particular the sasl_*,
>> virtdomain, defaultdomain, allowplaintext, and loginrealms options.
>
>
>configdirectory: /var/spool/imap
>partition-default: /var/spool/mail
>duplicatesuppression: 1
>sievedir: /var/spool/sieve
>sendmail: /usr/sbin/sendmail
>hashimapspool: yes
>lmtpsocket: /var/run/socket/lmtp
>unixhierarchysep: 0
>quotawarn: 90
>virtdomains: 1
>allowplaintext: 1
>
>pwcheck_method: auxprop
>auxprop_plugin: sql
>
>sasl_sql_engine: sqlite
>sasl_sql_database: /var/db/sqlite/mailsys
>sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r'
>sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( 
>'%u@%r', '%v' )
>sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r'
>
>tls_ca_file: /var/imap/server.pem
>tls_cert_file: /var/imap/server.pem
>tls_key_file: /var/imap/server.pem

You should have your domain(s) listed within a loginrealms statement.
I recommend 'virtdomain: userid' over on or 1.

-- 
Dan White

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier

On Mar 26, 2014, at 11:25 , Dan White  wrote:

> 
> What does your imapd.conf config look like? In particular the sasl_*,
> virtdomain, defaultdomain, allowplaintext, and loginrealms options.

configdirectory: /var/spool/imap
partition-default: /var/spool/mail
duplicatesuppression: 1
sievedir: /var/spool/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: yes
lmtpsocket: /var/run/socket/lmtp
unixhierarchysep: 0
quotawarn: 90
virtdomains: 1
allowplaintext: 1

pwcheck_method: auxprop
auxprop_plugin: sql

sasl_sql_engine: sqlite
sasl_sql_database: /var/db/sqlite/mailsys
sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r'
sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( '%u@%r', 
'%v' )
sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r'

tls_ca_file: /var/imap/server.pem
tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem

only difference between the above and the other one that isn’t working *and* 
the one that is, is the tls_* lines …

> 
> Try using a sasl mechanism, e.g.:
> 
> imtest -m digest-md5 -a 'x...@xxx.xxx’ localhost

# imtest -m digest-md5 -a x...@xxx.xxx localhost
S: * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 
AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus IMAP 
v2.4.17 server ready
C: A01 AUTHENTICATE DIGEST-MD5
S: + 
bm9uY2U9IjdaZ0NLa1AxQTRPYmtlUHp2K3VaL0pSa3FYRUtzTFhtaFgwK1grbmJ2RlE9IixyZWFsbT0icmRmdW5kLmNvbSIscW9wPSJhdXRoLGF1dGgtaW50LGF1dGgtY29uZiIsY2lwaGVyPSJyYzQtNDAscmM0LTU2LHJjNCxkZXMsM2RlcyIsbWF4YnVmPTQwOTYsY2hhcnNldD11dGYtOCxhbGdvcml0aG09bWQ1LXNlc3M=
Please enter your password: 
C: 
dXNlcm5hbWU9InNhbGVzQG9mYWMuaW5mbyIscmVhbG09InJkZnVuZC5jb20iLG5vbmNlPSI3WmdDS2tQMUE0T2JrZVB6dit1Wi9KUmtxWEVLc0xYbWhYMCtYK25idkZRPSIsY25vbmNlPSI1WFVrUXZZbFZybXp3dndYREY3MHM4SkROcUcyOEM5Z1FuMUNCVy9xM29JPSIsbmM9MDAwMDAwMDEscW9wPWF1dGgtY29uZixjaXBoZXI9cmM0LG1heGJ1Zj0xMDI0LGRpZ2VzdC11cmk9ImltYXAvbG9jYWxob3N0IixyZXNwb25zZT05ODlhNzk3NTU5ZDY1OTY1NGRhODZiMGQ1OTc0ODU1ZQ==
S: A01 NO generic failure
Authentication failed. generic failure
Security strength factor: 128
C: C01 CAPABILITY
S: * CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE ACL RIGHTS=kxte QUOTA 
MAILBOX-REFERRALS NAMESPACE UIDPLUS NO_ATOMIC_RENAME UNSELECT CHILDREN 
MULTIAPPEND BINARY CATENATE CONDSTORE ESEARCH SORT SORT=MODSEQ SORT=DISPLAY 
THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE LIST-EXTENDED WITHIN 
QRESYNC SCAN XLIST URLAUTH URLAUTH=BINARY X-NETSCAPE STARTTLS AUTH=SCRAM-SHA-1 
AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR COMPRESS=DEFLATE 
IDLE
S: C01 OK Completed
quit
* BAD Invalid tag
. logout
* BYE LOGOUT received
. OK Completed
Connection closed.

> 
>> Is there any way of getting more debug information out of the backend 
>> without modifying the code itself?
> 
> Add 'sasl_log_level: 7' to imapd.conf, and verify your syslog daemon is
> logging 'auth.*’.

k, will do this and re-test things …

> 
> -- 
> Dan White

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Dan White

On 03/26/14 09:27 -0700, Marc Fournier wrote:
>cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5

>/var/log # telnet localhost imap
>Trying 127.0.0.1...
>Connected to localhost.
>Escape character is '^]'.
>* OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 
>AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus 
>IMAP v2.4.17 server ready
>. login x...@xxx.xxx xxx
>. NO Login failed: generic failure
>. logout
>* BYE LOGOUT received
>. OK Completed
>Connection closed by foreign host.
>
>/var/log/debug.log shows:
>
>==
>Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite'
>Mar 26 16:09:08 xxx imap[67279]: executed
>Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine
>Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening 
>/var/spool/imap/user_deny.db: No such file or directory
>Mar 26 16:09:08 xxx imap[67279]: accepted connection
>Mar 26 16:09:36 xxx imap[67279]: accepted connection
>Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx
>Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
>Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db 
>'/var/db/sqlite/mailsys' on host ''
>Mar 26 16:09:49 xxx imap[67279]: begin transaction
>Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from userPassword 
>xxx xxx.xxx
>Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT userPassword 
>FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
>Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from 
>cmusaslsecretPLAIN xxx xxx.xxx
>Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT 
>cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
>Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: cmusaslsecretPLAIN
>Mar 26 16:09:49 xxx imap[67279]: commit transaction
>Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx
>Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
>Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db 
>'/var/db/sqlite/mailsys' on host ''
>
>/var/log/messages shows:
>
>Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227] plaintext 
>x...@xxx.xxx SASL(-1): generic failure: checkpass failed
>
>I’ve even tried su’ng to the cyrus user and running the sql command against 
>the database, and it returns the right database:
>
>% echo "SELECT userPassword FROM sasl_auth WHERE userid = ‘x...@xxx.xxx';" | 
>sqlite /var/db/sqlite/mailsys
>rightPW
>%

What does your imapd.conf config look like? In particular the sasl_*,
virtdomain, defaultdomain, allowplaintext, and loginrealms options.

Try using a sasl mechanism, e.g.:

imtest -m digest-md5 -a 'x...@xxx.xxx' localhost

>Is there any way of getting more debug information out of the backend without 
>modifying the code itself?

Add 'sasl_log_level: 7' to imapd.conf, and verify your syslog daemon is
logging 'auth.*'.

-- 
Dan White

Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier


Yes, they are all the same … data isn’t, obvously, but the structure hasn’t 
changed … in fact, the mail systems on all three servers that I’m currently 
working with have been running / configured for 5+ years now … only change was 
upgraded OS from FreeBSD 9 -> 10 and upgraded ports to the latest … 

I did the upgrade from 9 -> 10 for hub.org first (the domain I’m emailing from) 
and all went smooth … I never change config files  unless I have to, and in 
this case, nothing had to be changed … and the lack of useful error message is 
making it twice as difficult to debug ;(



On Mar 26, 2014, at 10:59 , Helmut Weigel  wrote:

> You said, you compared the cyrus config files.
> Did you compare the structure and data of the sqllite databases?
>  
> Regards Helmut
>  
> Von: Marc Fournier [mailto:scra...@hub.org] 
> Gesendet: Mittwoch, 26. März 2014 18:20
> An: Helmut Weigel
> Cc: info-cyrus@lists.andrew.cmu.edu
> Betreff: Re: NO Login failed: generic failure
>  
>  
> Never has been, nor is there on the working system … I don’t even know where 
> that query is coming from, as my imapd.conf has:
>  
> pwcheck_method: auxprop
> auxprop_plugin: sql
>  
> sasl_sql_engine: sqlite
> sasl_sql_database: /var/db/sqlite/mailsys
> sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r'
> sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( 
> '%u@%r', '%v' )
> sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r'
>  
> this is the same config on both system, and even lookign on the *good* system 
> (that I’m reading / sending this through) at its /var/log/debug.log, I see it 
> doing that extra query, but, again, no idea where it is coming from … its not 
> something I wrote … only the first query is:
>  
> Mar 26 14:02:37 hub pop3[75904]: begin transaction
> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from 
> userPassword ams hub.org
> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT userPassword 
> FROM sasl_auth WHERE userid = 'a...@hub.org';
> Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from 
> cmusaslsecretPLAIN ams hub.org
> Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT 
> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'a...@hub.org';
> Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column: 
> cmusaslsecretPLAIN 
> Mar 26 14:02:37 hub pop3[75904]: commit transaction
>  
>  
>  
>  
> On Mar 26, 2014, at 10:11 , Helmut Weigel  wrote:
> 
> 
> Hi,
>  
> the problem is located in your SQL Database. The Error Message says:
>  
>  
> There’s no colum  cmusaslsecretPLAIN
>  
>  
> Double Check your Database
>  
> Regards Helmut
>  
> Von: info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu 
> [mailto:info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu] Im Auftrag 
> von Marc Fournier
> Gesendet: Mittwoch, 26. März 2014 17:28
> An: info-cyrus@lists.andrew.cmu.edu
> Betreff: NO Login failed: generic failure
>  
>  
> I have two servers, both with identical configurations, right down to their 
> imapd.conf files … both use sqlite to store auth information …
>  
> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same:
>  
> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5
>  
> One works great, nary a problem … the other, I get the above message when I 
> try and authenticate.  And I can’t find anything different … I’ve checked 
> permissions on the various files, etc …
>  
> /var/log # telnet localhost imap
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 
> AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus 
> IMAP v2.4.17 server ready
> . login x...@xxx.xxx xxx
> . NO Login failed: generic failure
> . logout
> * BYE LOGOUT received
> . OK Completed
> Connection closed by foreign host.
>  
> /var/log/debug.log shows:
>  
> ==
> Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite'
> Mar 26 16:09:08 xxx imap[67279]: executed
> Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine
> Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening 
> /var/spool/imap/user_deny.db: No such file or directory
> Mar 26 16:09:08 xxx imap[67279]: accepted connection
> Mar 26 16:09:36 xxx imap[67279]: accepted connection
> Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx  
> Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
> Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db

Re: NO Login failed: generic failure

2014-03-26 Thread Marc Fournier


Never has been, nor is there on the working system … I don’t even know where 
that query is coming from, as my imapd.conf has:

pwcheck_method: auxprop
auxprop_plugin: sql

sasl_sql_engine: sqlite
sasl_sql_database: /var/db/sqlite/mailsys
sasl_sql_select: SELECT %p FROM sasl_auth WHERE userid = '%u@%r'
sasl_sql_insert: INSERT INTO sasl_auth ( userid, %p, domain ) VALUES ( '%u@%r', 
'%v' )
sasl_sql_update: UPDATE sasl_auth SET %p = '%v' WHERE userid = '%u@%r'

this is the same config on both system, and even lookign on the *good* system 
(that I’m reading / sending this through) at its /var/log/debug.log, I see it 
doing that extra query, but, again, no idea where it is coming from … its not 
something I wrote … only the first query is:

Mar 26 14:02:37 hub pop3[75904]: begin transaction
Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from userPassword 
ams hub.org
Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT userPassword 
FROM sasl_auth WHERE userid = 'a...@hub.org';
Mar 26 14:02:37 hub pop3[75904]: sql plugin create statement from 
cmusaslsecretPLAIN ams hub.org
Mar 26 14:02:37 hub pop3[75904]: sql plugin doing query SELECT 
cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'a...@hub.org';
Mar 26 14:02:37 hub pop3[75904]: sql plugin: no such column: cmusaslsecretPLAIN 
Mar 26 14:02:37 hub pop3[75904]: commit transaction




On Mar 26, 2014, at 10:11 , Helmut Weigel  wrote:

> Hi,
>  
> the problem is located in your SQL Database. The Error Message says:
>  
>  
> There’s no colum  cmusaslsecretPLAIN
>  
>  
> Double Check your Database
>  
> Regards Helmut
>  
> Von: info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu 
> [mailto:info-cyrus-bounces+weigel=dfbnet@lists.andrew.cmu.edu] Im Auftrag 
> von Marc Fournier
> Gesendet: Mittwoch, 26. März 2014 17:28
> An: info-cyrus@lists.andrew.cmu.edu
> Betreff: NO Login failed: generic failure
>  
>  
> I have two servers, both with identical configurations, right down to their 
> imapd.conf files … both use sqlite to store auth information …
>  
> Both running on FreeBSD 10.x, and versions of imapd/sasl are the same:
>  
> cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5
>  
> One works great, nary a problem … the other, I get the above message when I 
> try and authenticate.  And I can’t find anything different … I’ve checked 
> permissions on the various files, etc …
>  
> /var/log # telnet localhost imap
> Trying 127.0.0.1...
> Connected to localhost.
> Escape character is '^]'.
> * OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 
> AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus 
> IMAP v2.4.17 server ready
> . login x...@xxx.xxx xxx
> . NO Login failed: generic failure
> . logout
> * BYE LOGOUT received
> . OK Completed
> Connection closed by foreign host.
>  
> /var/log/debug.log shows:
>  
> ==
> Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite'
> Mar 26 16:09:08 xxx imap[67279]: executed
> Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine
> Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening 
> /var/spool/imap/user_deny.db: No such file or directory
> Mar 26 16:09:08 xxx imap[67279]: accepted connection
> Mar 26 16:09:36 xxx imap[67279]: accepted connection
> Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx  
> Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
> Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db 
> '/var/db/sqlite/mailsys' on host ''
> Mar 26 16:09:49 xxx imap[67279]: begin transaction
> Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from 
> userPassword xxx xxx.xxx  
> Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT userPassword 
> FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
> Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from 
> cmusaslsecretPLAIN xxx xxx.xxx  
> Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT 
> cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
> Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: 
> cmusaslsecretPLAIN
> Mar 26 16:09:49 xxx imap[67279]: commit transaction
> Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx  
> Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
> Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db 
> '/var/db/sqlite/mailsys' on host ''
>  
> /var/log/messages shows:
>  
> Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227] plaintext 
> x...@xxx.xxx SASL(-1): gener

NO Login failed: generic failure

2014-03-26 Thread Marc Fournier


I have two servers, both with identical configurations, right down to their 
imapd.conf files … both use sqlite to store auth information …

Both running on FreeBSD 10.x, and versions of imapd/sasl are the same:

cyrus-imapd24-2.4.17_4/ cyrus-sasl-2.1.26_5

One works great, nary a problem … the other, I get the above message when I try 
and authenticate.  And I can’t find anything different … I’ve checked 
permissions on the various files, etc …

/var/log # telnet localhost imap
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
* OK [CAPABILITY IMAP4rev1 LITERAL+ ID ENABLE STARTTLS AUTH=SCRAM-SHA-1 
AUTH=DIGEST-MD5 AUTH=CRAM-MD5 AUTH=LOGIN AUTH=PLAIN SASL-IR] xxx.xxx Cyrus IMAP 
v2.4.17 server ready
. login x...@xxx.xxx xxx
. NO Login failed: generic failure
. logout
* BYE LOGOUT received
. OK Completed
Connection closed by foreign host.

/var/log/debug.log shows:

==
Mar 26 16:09:08 xxx imap[67279]: SQL backend defaulting to engine 'sqlite'
Mar 26 16:09:08 xxx imap[67279]: executed
Mar 26 16:09:08 xxx imap[67279]: sql auxprop plugin using sqlite engine
Mar 26 16:09:08 xxx imap[67279]: IOERROR: opening /var/spool/imap/user_deny.db: 
No such file or directory
Mar 26 16:09:08 xxx imap[67279]: accepted connection
Mar 26 16:09:36 xxx imap[67279]: accepted connection
Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx  
Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db 
'/var/db/sqlite/mailsys' on host ''
Mar 26 16:09:49 xxx imap[67279]: begin transaction
Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from userPassword 
xxx xxx.xxx  
Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT userPassword 
FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
Mar 26 16:09:49 xxx imap[67279]: sql plugin create statement from 
cmusaslsecretPLAIN xxx xxx.xxx  
Mar 26 16:09:49 xxx imap[67279]: sql plugin doing query SELECT 
cmusaslsecretPLAIN FROM sasl_auth WHERE userid = 'x...@xxx.xxx';
Mar 26 16:09:49 xxx imap[67279]: sql plugin: no such column: cmusaslsecretPLAIN
Mar 26 16:09:49 xxx imap[67279]: commit transaction
Mar 26 16:09:49 xxx imap[67279]: sql plugin Parse the username x...@xxx.xxx  
Mar 26 16:09:49 xxx imap[67279]: sql plugin try and connect to a host
Mar 26 16:09:49 xxx imap[67279]: sql plugin trying to open db 
'/var/db/sqlite/mailsys' on host ''

/var/log/messages shows:

Mar 26 16:09:49 rdfund imap[67279]: badlogin: xxx [200.46.208.227] plaintext 
x...@xxx.xxx SASL(-1): generic failure: checkpass failed

I’ve even tried su’ng to the cyrus user and running the sql command against the 
database, and it returns the right database:

% echo "SELECT userPassword FROM sasl_auth WHERE userid = ‘x...@xxx.xxx';" | 
sqlite /var/db/sqlite/mailsys
rightPW
%

I’ve double checked the imapd.conf files, and they are identical except 
different admins: and one has tls_* lines in it … but I’m having the identical 
issue with *another* server, and it doesn’t have the tls_* lines …

I figure I have to be overlooking *something* stupid, but I’m at a loss as to 
what it could be … I’ve even checked md5 on imapd between both working / 
non-working … identical …

Is there any way of getting more debug information out of the backend without 
modifying the code itself?  

Thanks ...



Cyrus Home Page: http://www.cyrusimap.org/
List Archives/Info: http://lists.andrew.cmu.edu/pipermail/info-cyrus/
To Unsubscribe:
https://lists.andrew.cmu.edu/mailman/listinfo/info-cyrus

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

Re: NO Login failed: generic failure

NO Login failed: generic failure

17 matches

Site Navigation

Mail list logo

Footer information