Re: Unable to login to courier-imap after update to current

2017-02-20 Thread Stuart Henderson 
On 2017-02-19, ted@comcast.net  wrote:
> Hello
> I just updated the 2/18 snapshot for amd64 (6.0 GENERIC.MP#178 amd64).
>
> After updating, I updated all the packages.
>
> Now, I cannot login to imap.
>
> I am using postfix, courier-imap, with mysql (mariadb).
>
> I recall that when I set this up 2 years ago, I used the command line 
> "encrypt" function to create the password hashes that were inserted in the 
> mysql user table for authentication.
>
> Since all my user accounts cannot access imap, I wondered if something had 
> changed in the hashing.  So, I used "encrypt" on the password, and got a 
> different hash than I did originally.
>
> for example, last year the hash (of one password) started with 
> "$2b$08$GbrcrMOiXb..." and now it starts with "$2b$10$9xJ8rv1D..."
>
> I tried changing the hash in the database, restarting mysql, courier (imap, 
> authd), postfix; but am unable to login to imap.
>
> I keep getting login failures.
>
> Any help would be really appreciated.
>
> Thanks
> Ted
>
>

Is it this?

http://marc.info/?l=openbsd-ports-cvs=148758881923965=2

Re: SOLVED - Re: Unable to login to courier-imap after update to current

2017-02-20 Thread Ted Wynnychenko 
Thanks for the information about the salt with encrypt.
I actually figured that out at some point.
I sent the messages below yesterday, but for some reason they were not posted to
the list.
Thanks
Ted



>
>> Hello
>> I just updated the 2/18 snapshot for amd64 (6.0 GENERIC.MP#178 amd64).
>>
>> After updating, I updated all the packages.
>>
>> Now, I cannot login to imap.
>>
>> I am using postfix, courier-imap, with mysql (mariadb).
>>
>> I recall that when I set this up 2 years ago, I used the command line
>> "encrypt" function to create the password hashes that were inserted in
>> the mysql user table for authentication.
>>
>> Since all my user accounts cannot access imap, I wondered if something
>> had changed in the hashing.  So, I used "encrypt" on the password, and
>> got a different hash than I did originally.
>>
>> for example, last year the hash (of one password) started with
>> "$2b$08$GbrcrMOiXb..." and now it starts with "$2b$10$9xJ8rv1D..."
>>
>> I tried changing the hash in the database, restarting mysql, courier
>> (imap, authd), postfix; but am unable to login to imap.
>>
>> I keep getting login failures.
>>
>> Any help would be really appreciated.
>>
>> Thanks
>> Ted
>
> I am responding to my own message.
>
> I still cannot authenticate to courier-imap.
>
> I have found this in /var/log/maillog:
>
> authdaemond: marker line not found in /etc/courier/authmysqlrc
> (probably forgot to run sysconftool after an upgrade)
>
> This occurs with each login attempt, and preceeds each "LOGIN FAILED"
> line, such as:
>
> imapd-ssl: LOGIN FAILED, user=u...@example.com, ip=[:::172.xx.x.xx]
>
> I found that something called sysconftool exists at:
> /usr/local/libexec/courier-authlib/sysconftool
>
> But running it as root (#
> /usr/local/libexec/courier-authlib/sysconftool), and then restarting
> courier_authdaemond, courier_imap, and courier_imap_ssl (in that
> order), does not resolve the login failures or the message in maillog.
>
> As I said, any pointers on how I can fix this would be welcome.
> At this point, I don't think the login failure has anything to do with
> encrypt (as I implied in my original message).
>
> Thanks again
> Ted

Ok, sorry for bothering the list, but the loss of email access bugged  
me, and I did not know what to do.

But now, 3 hours later, I have gotten imap working again.  Whether or  
not I "fixed" the problem, I don' know.

But, it seems, in the most recent package update of courier-imap,  
something is missing.

I basically added:
---
##NAME: MARKER:0
#
# Do not remove this section from this configuration file. This section
# must be present at the end of this file.
---
to the end of /etc/courier/authmysqlrc and restarted courier, and I  
can now login again.

I mention this in case it may be of help to another.

Thanks
Ted

Re: Unable to login to courier-imap after update to current

2017-02-19 Thread Otto Moerbeek 
On Sun, Feb 19, 2017 at 07:50:01PM +, ted@comcast.net wrote:

> Hello
> I just updated the 2/18 snapshot for amd64 (6.0 GENERIC.MP#178 amd64).
> 
> After updating, I updated all the packages.
> 
> Now, I cannot login to imap.
> 
> I am using postfix, courier-imap, with mysql (mariadb).
> 
> I recall that when I set this up 2 years ago, I used the command line 
> "encrypt" function to create the password hashes that were inserted in the 
> mysql user table for authentication.
> 
> Since all my user accounts cannot access imap, I wondered if something had 
> changed in the hashing.  So, I used "encrypt" on the password, and got a 
> different hash than I did originally.
> 
> for example, last year the hash (of one password) started with 
> "$2b$08$GbrcrMOiXb..." and now it starts with "$2b$10$9xJ8rv1D..."
> 
> I tried changing the hash in the database, restarting mysql, courier (imap, 
> authd), postfix; but am unable to login to imap.
> 
> I keep getting login failures.
> 
> Any help would be really appreciated.
> 
> Thanks
> Ted

encrypt(1) adds a salt, so each time you encrypt a different result is
expected. No idea about your actual problem,

-Otto

Re: unable to login

2007-01-12 Thread Chuck Robey 
Stuart Henderson wrote:
 On 2007/01/10 15:55, Chuck Robey wrote:
   
 Look, as far as emergencies go, I have the orignal Linux OS sitting in
 back as a emergency,
 

 boot bsd.rd
 then you can do an upgrade install.

   
 I could reinstall everything, or maybe just my /etc/ but could anyone
 give me guesses as to what sort of screwup I perpetrated, so as to
 keep me from getting logged in?  Else, I will probably do this again,
 and I really, really like to learn from my mistakes, you know?
 

 you don't say which versions were involved, but if you installed 4.0
 and then did a 'make build' of -current source, that's one problem -
 unlike FreeBSD the procedure here is to do a binary upgrade to the
 nearest -current snapshot before make build.

 it's an arm arch:- N.B. http://www.openbsd.org/faq/current.html#20061227
 (besides the snapshot install of the system binaries, there will be more
 to do if you changed your shell to something from packages).


   
I should have responded sooner, but a nice guy onb the irc channel gave
me the
hint that my shell was probably bad, which really madee me feel like an
idiot for not seeinbg it myself.  I rebuilt the shell and things are
going fine.

Re: unable to login

2007-01-11 Thread Woodchuck 
On Wed, 10 Jan 2007, Chuck Robey wrote:

 I have a problem with my Zaurus, let me paint the scenario.  I am a rank
 newbie with OpenBSD, so I was trying (as a startup experiment) to build
 all of it.  I have my main machine sitting nearby (running FreeBSD
 current, at which I have years of experience), so I NFS mounted the
 little Zaurus's /usr/src and /usr/obj from my FreeBSD host.  I used cvsup
 to get the entire OpenBSD archive, then checked out copies of ports and
 and src (forgot to add ports to my list up on  top, I had 3 remotely mounted
 filesystems).  OK, I went ahead, built a kernel successfully, and did a
 make build.
 
 I was kinda shocked to find that the install was included in the build
 target, so this shows me to be a little bit stupid, that I didn't read
 it well enough to make sure, but that's not the problem.  I had the new
 kernel
 installed, and it seems to boot ok, but for both of my two user's, once
 I enter my password, it immediately cycles back to login: again.  I tried
 giving it tons of control'c's but that wouldn't catch it, so I cna't get
 logged in.
 
 Look, as far as emergencies go, I have the orignal Linux OS sitting in
 back as a emergency, and it does work, so if there's no better fix,
 I could reinstall everything, or maybe just my /etc/ but could anyone
 give me guesses as to what sort of screwup I perpetrated, so as to
 keep me from getting logged in?  Else, I will probably do this again,
 and I really, really like to learn from my mistakes, you know?
 
 Thanks for your guesses, folks...

Something got broken, and I suspect it was in /etc, but I can't picture
a simple make build in /usr/src as the full culprit here. (This shouldn't
mess with /etc/*.  As of yesterday, when I did one (4.0 stable) it didn't.)

so first try this:

at the BOOT  prompt, enter -s ; this should give you single user mode,
i.e. a root shell on the console, with no filesystems save / mounted.
You can at this point inspect /etc/master.passwd and see what is up.
(Are your users there? what's in their password fields?)  Are other things
in /etc messed up?  Things that you customized, like /etc/myname, /etc/mygate,
probably /etc/rc.conf, others.  

If you find something obvious, you can fix it.  First remount / for writing
(mount -u -o rw /) Then you can mount /usr to get some tools  (mount /usr
should do it).

Do  dmesg | head and see what the kernel thinks it is, then read on:
(You will need to mount /usr to get /usr/bin/head, or just dmesg and
be quick on the ^S or ^C, or pipe the dmesg to /tmp/foo and use ed
on it.  In ed, try 1,10p  to display lines 1 through 10.  Use q to quit.
When you get the system working, print out the ed man page and put it
in your desk.)

You should see something like this:

[EMAIL PROTECTED] root]# dmesg | head -2
OpenBSD 4.0-stable (GENERIC.MP) #3: Wed Jan 10 11:55:06 EST 2007
[EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP

(Probably just GENERIC not GENERIC.MP).

A possible source of your problem: when you checked out the sources, what
tag did you specify in the cvs command?  It should have been of the form
-r OPENBSD_4_0.  If you didn't specify a tag, you did not get STABLE,
you got current, the experimental/developmental branch.  You did not
want to do that ;-)  If you did, then boot the installation CD and do
a reinstallation.  On your freebsd box, you can check the tag by
displaying the file {some path known to you}/src/CVS/Tag.  If it's
not TOPENBSD_4_0 wipe out the hierarchy and re-fetch it.  this tag
business applies to the X and ports sources, too.

man 8 release   (very most excellent reading, refreshing and engaging,
with a plot you just can't put down.)

man 1 cvs  (packed full of vital goodness.)

Dave

Re: unable to login

2007-01-10 Thread Stuart Henderson 
On 2007/01/10 15:55, Chuck Robey wrote:
 Look, as far as emergencies go, I have the orignal Linux OS sitting in
 back as a emergency,

boot bsd.rd
then you can do an upgrade install.

 I could reinstall everything, or maybe just my /etc/ but could anyone
 give me guesses as to what sort of screwup I perpetrated, so as to
 keep me from getting logged in?  Else, I will probably do this again,
 and I really, really like to learn from my mistakes, you know?

you don't say which versions were involved, but if you installed 4.0
and then did a 'make build' of -current source, that's one problem -
unlike FreeBSD the procedure here is to do a binary upgrade to the
nearest -current snapshot before make build.

it's an arm arch:- N.B. http://www.openbsd.org/faq/current.html#20061227
(besides the snapshot install of the system binaries, there will be more
to do if you changed your shell to something from packages).