Re: [Courier-imap] How to log authdaemon to show password?
Steve Charmer writes: from the terminal, do I call the bash script? /usr/sbin/authdaemond stopor just authdaemond stop (bcuz it's in my path, both should work) Correct, it does the same thing. authdaemond: Authenticated: sysusername=, sysuserid=8, sysgroupid=8, homedir=/var/vmail/http://domain.com/acct>domain.com/acct, address=mailto:a...@domain.com>a...@domain.com, fullname=, maildir=/var/vmail/http://domain.com/acct>domain.com/acct, quota=, options= authdaemond: Authenticated: clearpasswd=MYPASSWORD, passwd=$1$EGGGR.ZbFFF/ imapd: LOGIN, user=mailto:a...@domain.com>a...@domain.com, ip=[:::xxx.xxx.xxx.xxx], port=[56789], protocol=IMAP imapd: Connection, ip=[:::xxx.xxx.xxx.xxx] so it appears to be working. Is it shown twice (the first clearpasswd is null) because the DEBUG level is set to 2, and it needs to do debug level 1 first, (the login attempt), then level 2 (the clearpasswd) ? or do I have 2 instances running in memory? No, different parts of the daemon were doing their own logging. does authdaemond run as a service? or is it just called on demand by courier- imapd-ssl ? I tried systemctl list-units -a to view all the services but I did not find a service named authdaemond authdaemond runs as a permanent service. Check for services that have "authlib" in their name. for the purposes of customizing rsyslog, does authdaemond have a facility name, or is it captured under mail.* ? I noticed it worked for me under http://mail.info>mail.info and mail.debug LOGGEROPTS in the authdaemonrc configuration file sets options for courierlogger. You can specify a -facility option to use a different subsystem. pgpot2N80nHxC.pgp Description: PGP signature ___ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
Re: [Courier-imap] How to log authdaemon to show password?
Thank you Mr Sam. I could not get the binary executable to run manually at the terminal, I couldn't understand how the variables from the rc file were supposed to be pasted after the command. I ended up modifying my rsyslog 50-default.conf file, then restarting rsyslog I am still confused as to which is the correct command to stop and start authdaemond from the terminal, do I call the bash script? /usr/sbin/authdaemond stop or just authdaemond stop (bcuz it's in my path, both should work) ANYHOW, by some miracle I saw in my syslog file commands authdaemond: modules="authuserdb authpam", daemons=5 authdaemond: Installing libauthuserdb authdaemond: Installation complete: authuserdb authdaemond: Installing libauthpam authdaemond: Installation complete: authpam which convinced me that it started then later in the mail log imapd: Connection, ip=[:::xxx.xxx.xxx.xxx] authdaemond: received auth request, service=imap, authtype=login authdaemond: authuserdb: trying this module authdaemond: userdb: opened /etc/courier/userdb.dat authdaemond: userdb: looking up 'a...@domain.com' authdaemond: userdb: home=/var/vmail/domain.com/acct, uid=8, gid=8, shell=, mail=/var/vmail/domain.com/acct, quota=, gecos=, options= authdaemond: found systempw in userdbshadow authdaemond: authuserdb: sysusername=, sysuserid=8, sysgroupid=8, homedir=/var/vmail/domain.com/acct, address=a...@domain.com, fullname=, maildir=/var/vmail/domain.com/acct, quota=, options= authdaemond: authuserdb: clearpasswd=, passwd=$1$EGGGR.ZbFFF/ authdaemond: password matches successfully authdaemond: Authenticated: sysusername=, sysuserid=8, sysgroupid=8, homedir=/var/vmail/domain.com/acct, address=a...@domain.com, fullname=, maildir=/var/vmail/domain.com/acct, quota=, options= authdaemond: Authenticated: clearpasswd=MYPASSWORD, passwd=$1$EGGGR.ZbFFF/ imapd: LOGIN, user=a...@domain.com, ip=[:::xxx.xxx.xxx.xxx], port=[56789], protocol=IMAP imapd: Connection, ip=[:::xxx.xxx.xxx.xxx] so it appears to be working. Is it shown twice (the first clearpasswd is null) because the DEBUG level is set to 2, and it needs to do debug level 1 first, (the login attempt), then level 2 (the clearpasswd) ? or do I have 2 instances running in memory? does authdaemond run as a service? or is it just called on demand by courier-imapd-ssl ? I tried systemctl list-units -a to view all the services but I did not find a service named authdaemond for the purposes of customizing rsyslog, does authdaemond have a facility name, or is it captured under mail.* ? I noticed it worked for me under mail.info and mail.debug thank you for your help On Thu, Mar 2, 2023 at 7:49 PM Sam Varshavchik wrote: > Steve Charmer writes: > > > « HTML content follows » > > > > Hello again, > > I am using courier-imapd-ssl on Ubuntu > > > > > > I want to debug a user authentication by viewing the password being sent > > > > > > I have read > > > > https://www.courier- > > mta.org/authlib/README.authdebug.html>https://www.courier- > > mta.org/authlib/README.authdebug.html > > > > to edit > > /usr/local/etc/authdaemonrc: > > but, I have no file there > > Each Linux distribution configures packages according to its own > conventions. > > The documentation on the web defaults to the default package > configuration, > and you'll need to check where your Linux distribution installs the > package > and how it gets configured. > > > > in /var/log/mail.log > > imapd-ssl: Connection, ip=[:::104.xxx.xxx.xxx] > > lemp-dev authdaemond: received auth request, service=imap, authtype=login > > lemp-dev authdaemond: authuserdb: trying this module > > lemp-dev authdaemond: userdb: opened /etc/courier/userdb.dat > > > > > > > > Is this showing that I am indeed using authdaemond to process the login > > request? > > Yes, and its configuration files are stored in /etc/courier > > > I edited /etc/courier/authdaemonrc > > set DEBUG_LOGIN=2 > > (as the above webpage said that would show the pwd) > > save the file > > > > > > authmodulelist="authuserdb authpam" > > daemons=5 > > authdaemonvar=/var/run/courier/authdaemon/socket > > DEBUG_LOGIN=2 > > DEFAULTOPTIONS="" > > LOGGEROPTS="" > > > > > > > > and following the instructions in that webpage > > I stopped authdaemond > > then attempted to start it manually > >authdaemond >/home/user/authdaemond.log 2>&1 > > > > > > > > but that log file shows only > >Unknown option '-' > > > > > > I do not see any hyphen character in the conf file > > There are two executables in the courier-authlib package that are named > authdaemond. > > The first executable is usually installed somewhere that's not in the > default PATH, typically /usr/libexec/courier-authlib/authdaemond or > /usr/local/libexec/courier-authlib/authdaemond. That's the binary that > the > documentation you read is referring to. > > The second executable is
Re: [Courier-imap] How to log authdaemon to show password?
Steve Charmer writes: « HTML content follows » Hello again, I am using courier-imapd-ssl on Ubuntu I want to debug a user authentication by viewing the password being sent I have read https://www.courier- mta.org/authlib/README.authdebug.html>https://www.courier- mta.org/authlib/README.authdebug.html to edit /usr/local/etc/authdaemonrc: but, I have no file there Each Linux distribution configures packages according to its own conventions. The documentation on the web defaults to the default package configuration, and you'll need to check where your Linux distribution installs the package and how it gets configured. in /var/log/mail.log imapd-ssl: Connection, ip=[:::104.xxx.xxx.xxx] lemp-dev authdaemond: received auth request, service=imap, authtype=login lemp-dev authdaemond: authuserdb: trying this module lemp-dev authdaemond: userdb: opened /etc/courier/userdb.dat Is this showing that I am indeed using authdaemond to process the login request? Yes, and its configuration files are stored in /etc/courier I edited /etc/courier/authdaemonrc set DEBUG_LOGIN=2 (as the above webpage said that would show the pwd) save the file authmodulelist="authuserdb authpam" daemons=5 authdaemonvar=/var/run/courier/authdaemon/socket DEBUG_LOGIN=2 DEFAULTOPTIONS="" LOGGEROPTS="" and following the instructions in that webpage I stopped authdaemond then attempted to start it manually authdaemond >/home/user/authdaemond.log 2>&1 but that log file shows only Unknown option '-' I do not see any hyphen character in the conf file There are two executables in the courier-authlib package that are named authdaemond. The first executable is usually installed somewhere that's not in the default PATH, typically /usr/libexec/courier-authlib/authdaemond or /usr/local/libexec/courier-authlib/authdaemond. That's the binary that the documentation you read is referring to. The second executable is installed in your default PATH, /usr/sbin/authdaemond usually. It's a shell script that does a few things, and then runs the first executable. You ran the second shell script instead of the binary executable. Note, though, that if you already have authdaemond running then starting the executable again is not going to work. pgp0TFSzwQaI6.pgp Description: PGP signature ___ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap
[Courier-imap] How to log authdaemon to show password?
Hello again, I am using courier-imapd-ssl on Ubuntu I want to debug a user authentication by viewing the password being sent I have read https://www.courier-mta.org/authlib/README.authdebug.html to edit /usr/local/etc/authdaemonrc: but, I have no file there which authdaemond /usr/sbin/authdaemond systemctl status authdaemond ● authdaemond.service Loaded: not-found (Reason: No such file or directory) Active: inactive (dead) in /var/log/mail.log imapd-ssl: Connection, ip=[:::104.xxx.xxx.xxx] lemp-dev authdaemond: received auth request, service=imap, authtype=login lemp-dev authdaemond: authuserdb: trying this module lemp-dev authdaemond: userdb: opened /etc/courier/userdb.dat Is this showing that I am indeed using authdaemond to process the login request? I edited /etc/courier/authdaemonrc set DEBUG_LOGIN=2 (as the above webpage said that would show the pwd) save the file authmodulelist="authuserdb authpam" daemons=5 authdaemonvar=/var/run/courier/authdaemon/socket DEBUG_LOGIN=2 DEFAULTOPTIONS="" LOGGEROPTS="" and following the instructions in that webpage I stopped authdaemond then attempted to start it manually authdaemond >/home/user/authdaemond.log 2>&1 but that log file shows only Unknown option '-' I do not see any hyphen character in the conf file == thanks for any help ___ Courier-imap mailing list Courier-imap@lists.sourceforge.net Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-imap