Re: Unable to login to courier-imap after update to current
On 2017-02-19, ted@comcast.netwrote: > Hello > I just updated the 2/18 snapshot for amd64 (6.0 GENERIC.MP#178 amd64). > > After updating, I updated all the packages. > > Now, I cannot login to imap. > > I am using postfix, courier-imap, with mysql (mariadb). > > I recall that when I set this up 2 years ago, I used the command line > "encrypt" function to create the password hashes that were inserted in the > mysql user table for authentication. > > Since all my user accounts cannot access imap, I wondered if something had > changed in the hashing. So, I used "encrypt" on the password, and got a > different hash than I did originally. > > for example, last year the hash (of one password) started with > "$2b$08$GbrcrMOiXb..." and now it starts with "$2b$10$9xJ8rv1D..." > > I tried changing the hash in the database, restarting mysql, courier (imap, > authd), postfix; but am unable to login to imap. > > I keep getting login failures. > > Any help would be really appreciated. > > Thanks > Ted > > Is it this? http://marc.info/?l=openbsd-ports-cvs=148758881923965=2
Re: SOLVED - Re: Unable to login to courier-imap after update to current
Thanks for the information about the salt with encrypt. I actually figured that out at some point. I sent the messages below yesterday, but for some reason they were not posted to the list. Thanks Ted > >> Hello >> I just updated the 2/18 snapshot for amd64 (6.0 GENERIC.MP#178 amd64). >> >> After updating, I updated all the packages. >> >> Now, I cannot login to imap. >> >> I am using postfix, courier-imap, with mysql (mariadb). >> >> I recall that when I set this up 2 years ago, I used the command line >> "encrypt" function to create the password hashes that were inserted in >> the mysql user table for authentication. >> >> Since all my user accounts cannot access imap, I wondered if something >> had changed in the hashing. So, I used "encrypt" on the password, and >> got a different hash than I did originally. >> >> for example, last year the hash (of one password) started with >> "$2b$08$GbrcrMOiXb..." and now it starts with "$2b$10$9xJ8rv1D..." >> >> I tried changing the hash in the database, restarting mysql, courier >> (imap, authd), postfix; but am unable to login to imap. >> >> I keep getting login failures. >> >> Any help would be really appreciated. >> >> Thanks >> Ted > > I am responding to my own message. > > I still cannot authenticate to courier-imap. > > I have found this in /var/log/maillog: > > authdaemond: marker line not found in /etc/courier/authmysqlrc > (probably forgot to run sysconftool after an upgrade) > > This occurs with each login attempt, and preceeds each "LOGIN FAILED" > line, such as: > > imapd-ssl: LOGIN FAILED, user=u...@example.com, ip=[:::172.xx.x.xx] > > I found that something called sysconftool exists at: > /usr/local/libexec/courier-authlib/sysconftool > > But running it as root (# > /usr/local/libexec/courier-authlib/sysconftool), and then restarting > courier_authdaemond, courier_imap, and courier_imap_ssl (in that > order), does not resolve the login failures or the message in maillog. > > As I said, any pointers on how I can fix this would be welcome. > At this point, I don't think the login failure has anything to do with > encrypt (as I implied in my original message). > > Thanks again > Ted Ok, sorry for bothering the list, but the loss of email access bugged me, and I did not know what to do. But now, 3 hours later, I have gotten imap working again. Whether or not I "fixed" the problem, I don' know. But, it seems, in the most recent package update of courier-imap, something is missing. I basically added: --- ##NAME: MARKER:0 # # Do not remove this section from this configuration file. This section # must be present at the end of this file. --- to the end of /etc/courier/authmysqlrc and restarted courier, and I can now login again. I mention this in case it may be of help to another. Thanks Ted
Re: Unable to login to courier-imap after update to current
On Sun, Feb 19, 2017 at 07:50:01PM +, ted@comcast.net wrote: > Hello > I just updated the 2/18 snapshot for amd64 (6.0 GENERIC.MP#178 amd64). > > After updating, I updated all the packages. > > Now, I cannot login to imap. > > I am using postfix, courier-imap, with mysql (mariadb). > > I recall that when I set this up 2 years ago, I used the command line > "encrypt" function to create the password hashes that were inserted in the > mysql user table for authentication. > > Since all my user accounts cannot access imap, I wondered if something had > changed in the hashing. So, I used "encrypt" on the password, and got a > different hash than I did originally. > > for example, last year the hash (of one password) started with > "$2b$08$GbrcrMOiXb..." and now it starts with "$2b$10$9xJ8rv1D..." > > I tried changing the hash in the database, restarting mysql, courier (imap, > authd), postfix; but am unable to login to imap. > > I keep getting login failures. > > Any help would be really appreciated. > > Thanks > Ted encrypt(1) adds a salt, so each time you encrypt a different result is expected. No idea about your actual problem, -Otto
Re: unable to login
Stuart Henderson wrote: On 2007/01/10 15:55, Chuck Robey wrote: Look, as far as emergencies go, I have the orignal Linux OS sitting in back as a emergency, boot bsd.rd then you can do an upgrade install. I could reinstall everything, or maybe just my /etc/ but could anyone give me guesses as to what sort of screwup I perpetrated, so as to keep me from getting logged in? Else, I will probably do this again, and I really, really like to learn from my mistakes, you know? you don't say which versions were involved, but if you installed 4.0 and then did a 'make build' of -current source, that's one problem - unlike FreeBSD the procedure here is to do a binary upgrade to the nearest -current snapshot before make build. it's an arm arch:- N.B. http://www.openbsd.org/faq/current.html#20061227 (besides the snapshot install of the system binaries, there will be more to do if you changed your shell to something from packages). I should have responded sooner, but a nice guy onb the irc channel gave me the hint that my shell was probably bad, which really madee me feel like an idiot for not seeinbg it myself. I rebuilt the shell and things are going fine.
Re: unable to login
On Wed, 10 Jan 2007, Chuck Robey wrote: I have a problem with my Zaurus, let me paint the scenario. I am a rank newbie with OpenBSD, so I was trying (as a startup experiment) to build all of it. I have my main machine sitting nearby (running FreeBSD current, at which I have years of experience), so I NFS mounted the little Zaurus's /usr/src and /usr/obj from my FreeBSD host. I used cvsup to get the entire OpenBSD archive, then checked out copies of ports and and src (forgot to add ports to my list up on top, I had 3 remotely mounted filesystems). OK, I went ahead, built a kernel successfully, and did a make build. I was kinda shocked to find that the install was included in the build target, so this shows me to be a little bit stupid, that I didn't read it well enough to make sure, but that's not the problem. I had the new kernel installed, and it seems to boot ok, but for both of my two user's, once I enter my password, it immediately cycles back to login: again. I tried giving it tons of control'c's but that wouldn't catch it, so I cna't get logged in. Look, as far as emergencies go, I have the orignal Linux OS sitting in back as a emergency, and it does work, so if there's no better fix, I could reinstall everything, or maybe just my /etc/ but could anyone give me guesses as to what sort of screwup I perpetrated, so as to keep me from getting logged in? Else, I will probably do this again, and I really, really like to learn from my mistakes, you know? Thanks for your guesses, folks... Something got broken, and I suspect it was in /etc, but I can't picture a simple make build in /usr/src as the full culprit here. (This shouldn't mess with /etc/*. As of yesterday, when I did one (4.0 stable) it didn't.) so first try this: at the BOOT prompt, enter -s ; this should give you single user mode, i.e. a root shell on the console, with no filesystems save / mounted. You can at this point inspect /etc/master.passwd and see what is up. (Are your users there? what's in their password fields?) Are other things in /etc messed up? Things that you customized, like /etc/myname, /etc/mygate, probably /etc/rc.conf, others. If you find something obvious, you can fix it. First remount / for writing (mount -u -o rw /) Then you can mount /usr to get some tools (mount /usr should do it). Do dmesg | head and see what the kernel thinks it is, then read on: (You will need to mount /usr to get /usr/bin/head, or just dmesg and be quick on the ^S or ^C, or pipe the dmesg to /tmp/foo and use ed on it. In ed, try 1,10p to display lines 1 through 10. Use q to quit. When you get the system working, print out the ed man page and put it in your desk.) You should see something like this: [EMAIL PROTECTED] root]# dmesg | head -2 OpenBSD 4.0-stable (GENERIC.MP) #3: Wed Jan 10 11:55:06 EST 2007 [EMAIL PROTECTED]:/usr/src/sys/arch/i386/compile/GENERIC.MP (Probably just GENERIC not GENERIC.MP). A possible source of your problem: when you checked out the sources, what tag did you specify in the cvs command? It should have been of the form -r OPENBSD_4_0. If you didn't specify a tag, you did not get STABLE, you got current, the experimental/developmental branch. You did not want to do that ;-) If you did, then boot the installation CD and do a reinstallation. On your freebsd box, you can check the tag by displaying the file {some path known to you}/src/CVS/Tag. If it's not TOPENBSD_4_0 wipe out the hierarchy and re-fetch it. this tag business applies to the X and ports sources, too. man 8 release (very most excellent reading, refreshing and engaging, with a plot you just can't put down.) man 1 cvs (packed full of vital goodness.) Dave
Re: unable to login
On 2007/01/10 15:55, Chuck Robey wrote: Look, as far as emergencies go, I have the orignal Linux OS sitting in back as a emergency, boot bsd.rd then you can do an upgrade install. I could reinstall everything, or maybe just my /etc/ but could anyone give me guesses as to what sort of screwup I perpetrated, so as to keep me from getting logged in? Else, I will probably do this again, and I really, really like to learn from my mistakes, you know? you don't say which versions were involved, but if you installed 4.0 and then did a 'make build' of -current source, that's one problem - unlike FreeBSD the procedure here is to do a binary upgrade to the nearest -current snapshot before make build. it's an arm arch:- N.B. http://www.openbsd.org/faq/current.html#20061227 (besides the snapshot install of the system binaries, there will be more to do if you changed your shell to something from packages).