SASL (was "Re: qpopper 4.0.8 + mysql")
At 1:40 PM +0200 8/15/05, Martin Kellermann wrote: another question: is there a known way/patch to get qpopper 4.0.8 work with the cyrus-sasl2 lib? Qpopper 4.1 has code to use Cyrus SASL. -- Randall Gellens Opinions are personal;facts are suspect;I speak for myself only -- Randomly-selected tag: --- Chance that an American cannot name a single right protected by the First Amendment: 1 in 3. (Harper's Index)
Re: qpopper 4.0.8 + mysql
thank you - and shame on me for not thinking about it... of course you are right - changing uids is difficult for qpopper, when no local uids exists ;-) will try the NSS stuff later...time is running and it works now as expexted... but there is another weird thing i didnt dare to ask: when using the -t logfile option (debugging disabled) qpopper logs to the given file instead of syslog. but i see blank lines between the entries...? example: Aug 17 17:14:39.768 2005 [20525] (v4.0.8) Servicing request from blabla Aug 17 17:14:39.768 2005 Aug 17 17:14:39.829 2005 [20525] Stats: username 0 0 0 0 blabla Aug 17 17:14:39.829 2005 Aug 17 17:14:40.968 2005 [20528] (v4.0.8) Servicing request from blabla Aug 17 17:14:40.968 2005 Aug 17 17:14:41.013 2005 [20528] Stats: username 0 0 0 0 blabla Aug 17 17:14:41.013 2005 huh? is this normal behaviour? thanks again in advance MK At 17:42 15.08.2005, you wrote: Qpopper changes uids to read/write spools and temp drop files. Authentication is just one part of PAM. AFAIK, pam_mysql doesn't yet implement PAM 'account' functions, so you must have a local uid in /etc/passwd. The local user need not have a password. I simply create the local users with no home dir, no shell, no password, etc. Another possibility is using NSS to put uids in mysql, and PAM together, but I have not tried this. Here's an interesting doc that explains some of these issues. http://users.linuxbourg.ch/fvgoto/informatica/tbsc/doc/final/pam_mysqlim.pdf Ken A. Martin Kellermann wrote: hi Ken, i was too curious and tried qpopper/PAM/mysql. it is up and running... thanks! but there is one strange behaviour which i cant explain... users are ONLY authentivated if they have a local account (etc/passwd)!? so, maybe my question is a bit offtopic, but i think it is maybe a qpopper or config problem. case 1: - local user named "test" has local password "test" - mysql database has username "test" and password "otherthantest" - qpopper/pam authenticates the user correct when logging in with user "test" and pass "otherthantest" - pam_mysql syslogs without errors, everything is fine case 2: - no local user test exists - mysql database has username "test" and password "otherthantest" - qpopper/pam DOES NOT authenticate the user logging in with user "test" and pass "otherthantest" - pam_mysql syslogs shows NOTHING ! it appears that, when there is no corresponding local user, the whole PAM mechanism isnt started... i configured qpopper with: ./configure --prefix=/usr --sysconfdir=/etc --enable-shy --with-pam=pop3 my /etc/pam.conf is this: pop3 auth required pam_mysql.so verbose=1 host=localhost db=* table=* user=* passwd=* usercolumn=* passwdcolumn=* where=active=1 crypt=0 pop3 account required pam_mysql.so verbose=1 host=localhost db=* table=* user=* passwd=* usercolumn=* passwdcolumn=* where=active=1 crypt=0 any ideas? is there a way to tell qpopper to ONLY use PAM for authentication? thanks in advance MK At 00:36 13.08.2005, you wrote: An alternative to patching qpopper is pam_mysql, which works fine with 4.08. Just configure qpopper --with-pam and setup /etc/pam.d/pop3 to use pam_mysql.so. This makes upgrades a bit less painful. Ken Martin Kellermann wrote: hi list, is there a patch for qpopper 4.0.8 to support mysql auth? what i found is: http://www.asteroid-b612.org/software/qpopper-mysql/qpopper-mysql-0.14.patch but unfortunately it is for version 4.0.5 ... or, does it work for 4.0.8 ? i use qpopper for lots of years nowsimply wonderful. but some mysql support would be fine... thanks for you hints.. MK
Re: qpopper 4.0.8 + mysql
A bit more info on a nss-mysql / pam-mysql setup. http://www.linuxbourg.ch/cgi-bin/viewcvs.cgi/pam_mysqlim/Mini-HowToz Ken A Martin Kellermann wrote: hi Ken, i was too curious and tried qpopper/PAM/mysql. it is up and running... thanks! but there is one strange behaviour which i cant explain... users are ONLY authentivated if they have a local account (etc/passwd)!? so, maybe my question is a bit offtopic, but i think it is maybe a qpopper or config problem. case 1: - local user named "test" has local password "test" - mysql database has username "test" and password "otherthantest" - qpopper/pam authenticates the user correct when logging in with user "test" and pass "otherthantest" - pam_mysql syslogs without errors, everything is fine case 2: - no local user test exists - mysql database has username "test" and password "otherthantest" - qpopper/pam DOES NOT authenticate the user logging in with user "test" and pass "otherthantest" - pam_mysql syslogs shows NOTHING ! it appears that, when there is no corresponding local user, the whole PAM mechanism isnt started... i configured qpopper with: ./configure --prefix=/usr --sysconfdir=/etc --enable-shy --with-pam=pop3 my /etc/pam.conf is this: pop3 auth required pam_mysql.so verbose=1 host=localhost db=* table=* user=* passwd=* usercolumn=* passwdcolumn=* where=active=1 crypt=0 pop3 account required pam_mysql.so verbose=1 host=localhost db=* table=* user=* passwd=* usercolumn=* passwdcolumn=* where=active=1 crypt=0 any ideas? is there a way to tell qpopper to ONLY use PAM for authentication? thanks in advance MK At 00:36 13.08.2005, you wrote: An alternative to patching qpopper is pam_mysql, which works fine with 4.08. Just configure qpopper --with-pam and setup /etc/pam.d/pop3 to use pam_mysql.so. This makes upgrades a bit less painful. Ken Martin Kellermann wrote: hi list, is there a patch for qpopper 4.0.8 to support mysql auth? what i found is: http://www.asteroid-b612.org/software/qpopper-mysql/qpopper-mysql-0.14.patch but unfortunately it is for version 4.0.5 ... or, does it work for 4.0.8 ? i use qpopper for lots of years nowsimply wonderful. but some mysql support would be fine... thanks for you hints.. MK
Re: qpopper 4.0.8 + mysql
Qpopper changes uids to read/write spools and temp drop files. Authentication is just one part of PAM. AFAIK, pam_mysql doesn't yet implement PAM 'account' functions, so you must have a local uid in /etc/passwd. The local user need not have a password. I simply create the local users with no home dir, no shell, no password, etc. Another possibility is using NSS to put uids in mysql, and PAM together, but I have not tried this. Here's an interesting doc that explains some of these issues. http://users.linuxbourg.ch/fvgoto/informatica/tbsc/doc/final/pam_mysqlim.pdf Ken A. Martin Kellermann wrote: hi Ken, i was too curious and tried qpopper/PAM/mysql. it is up and running... thanks! but there is one strange behaviour which i cant explain... users are ONLY authentivated if they have a local account (etc/passwd)!? so, maybe my question is a bit offtopic, but i think it is maybe a qpopper or config problem. case 1: - local user named "test" has local password "test" - mysql database has username "test" and password "otherthantest" - qpopper/pam authenticates the user correct when logging in with user "test" and pass "otherthantest" - pam_mysql syslogs without errors, everything is fine case 2: - no local user test exists - mysql database has username "test" and password "otherthantest" - qpopper/pam DOES NOT authenticate the user logging in with user "test" and pass "otherthantest" - pam_mysql syslogs shows NOTHING ! it appears that, when there is no corresponding local user, the whole PAM mechanism isnt started... i configured qpopper with: ./configure --prefix=/usr --sysconfdir=/etc --enable-shy --with-pam=pop3 my /etc/pam.conf is this: pop3 auth required pam_mysql.so verbose=1 host=localhost db=* table=* user=* passwd=* usercolumn=* passwdcolumn=* where=active=1 crypt=0 pop3 account required pam_mysql.so verbose=1 host=localhost db=* table=* user=* passwd=* usercolumn=* passwdcolumn=* where=active=1 crypt=0 any ideas? is there a way to tell qpopper to ONLY use PAM for authentication? thanks in advance MK At 00:36 13.08.2005, you wrote: An alternative to patching qpopper is pam_mysql, which works fine with 4.08. Just configure qpopper --with-pam and setup /etc/pam.d/pop3 to use pam_mysql.so. This makes upgrades a bit less painful. Ken Martin Kellermann wrote: hi list, is there a patch for qpopper 4.0.8 to support mysql auth? what i found is: http://www.asteroid-b612.org/software/qpopper-mysql/qpopper-mysql-0.14.patch but unfortunately it is for version 4.0.5 ... or, does it work for 4.0.8 ? i use qpopper for lots of years nowsimply wonderful. but some mysql support would be fine... thanks for you hints.. MK
Re: qpopper 4.0.8 + mysql
hi Ken, i was too curious and tried qpopper/PAM/mysql. it is up and running... thanks! but there is one strange behaviour which i cant explain... users are ONLY authentivated if they have a local account (etc/passwd)!? so, maybe my question is a bit offtopic, but i think it is maybe a qpopper or config problem. case 1: - local user named "test" has local password "test" - mysql database has username "test" and password "otherthantest" - qpopper/pam authenticates the user correct when logging in with user "test" and pass "otherthantest" - pam_mysql syslogs without errors, everything is fine case 2: - no local user test exists - mysql database has username "test" and password "otherthantest" - qpopper/pam DOES NOT authenticate the user logging in with user "test" and pass "otherthantest" - pam_mysql syslogs shows NOTHING ! it appears that, when there is no corresponding local user, the whole PAM mechanism isnt started... i configured qpopper with: ./configure --prefix=/usr --sysconfdir=/etc --enable-shy --with-pam=pop3 my /etc/pam.conf is this: pop3 auth required pam_mysql.so verbose=1 host=localhost db=* table=* user=* passwd=* usercolumn=* passwdcolumn=* where=active=1 crypt=0 pop3 account required pam_mysql.so verbose=1 host=localhost db=* table=* user=* passwd=* usercolumn=* passwdcolumn=* where=active=1 crypt=0 any ideas? is there a way to tell qpopper to ONLY use PAM for authentication? thanks in advance MK At 00:36 13.08.2005, you wrote: An alternative to patching qpopper is pam_mysql, which works fine with 4.08. Just configure qpopper --with-pam and setup /etc/pam.d/pop3 to use pam_mysql.so. This makes upgrades a bit less painful. Ken Martin Kellermann wrote: hi list, is there a patch for qpopper 4.0.8 to support mysql auth? what i found is: http://www.asteroid-b612.org/software/qpopper-mysql/qpopper-mysql-0.14.patch but unfortunately it is for version 4.0.5 ... or, does it work for 4.0.8 ? i use qpopper for lots of years nowsimply wonderful. but some mysql support would be fine... thanks for you hints.. MK
Re: qpopper 4.0.8 + mysql
thanks for the hint, i will try pam_mysql the next days... another question: is there a known way/patch to get qpopper 4.0.8 work with the cyrus-sasl2 lib? thank you MK At 01:47 13.08.2005, you wrote: At 06:36 PM 8/12/2005, Ken A wrote: An alternative to patching qpopper is pam_mysql, which works fine with 4.08. Just configure qpopper --with-pam and setup /etc/pam.d/pop3 to use pam_mysql.so. This makes upgrades a bit less painful. I like the sound of that! Perhaps all we need at this point is some text for the documentation, rather than software work :) Dan Martin Kellermann wrote: hi list, is there a patch for qpopper 4.0.8 to support mysql auth? what i found is: http://www.asteroid-b612.org/software/qpopper-mysql/qpopper-mysql-0.14.patch but unfortunately it is for version 4.0.5 ... or, does it work for 4.0.8 ? i use qpopper for lots of years nowsimply wonderful. but some mysql support would be fine... thanks for you hints.. MK
Re: qpopper 4.0.8 + mysql
At 06:36 PM 8/12/2005, Ken A wrote: An alternative to patching qpopper is pam_mysql, which works fine with 4.08. Just configure qpopper --with-pam and setup /etc/pam.d/pop3 to use pam_mysql.so. This makes upgrades a bit less painful. I like the sound of that! Perhaps all we need at this point is some text for the documentation, rather than software work :) Dan Martin Kellermann wrote: hi list, is there a patch for qpopper 4.0.8 to support mysql auth? what i found is: http://www.asteroid-b612.org/software/qpopper-mysql/qpopper-mysql-0.14.patch but unfortunately it is for version 4.0.5 ... or, does it work for 4.0.8 ? i use qpopper for lots of years nowsimply wonderful. but some mysql support would be fine... thanks for you hints.. MK
Re: qpopper 4.0.8 + mysql
An alternative to patching qpopper is pam_mysql, which works fine with 4.08. Just configure qpopper --with-pam and setup /etc/pam.d/pop3 to use pam_mysql.so. This makes upgrades a bit less painful. Ken Martin Kellermann wrote: hi list, is there a patch for qpopper 4.0.8 to support mysql auth? what i found is: http://www.asteroid-b612.org/software/qpopper-mysql/qpopper-mysql-0.14.patch but unfortunately it is for version 4.0.5 ... or, does it work for 4.0.8 ? i use qpopper for lots of years nowsimply wonderful. but some mysql support would be fine... thanks for you hints.. MK
Re: qpopper 4.0.8 + mysql
At 11:59 AM 8/12/2005, Martin Kellermann wrote: hi list, is there a patch for qpopper 4.0.8 to support mysql auth? what i found is: http://www.asteroid-b612.org/software/qpopper-mysql/qpopper-mysql-0.14.patch but unfortunately it is for version 4.0.5 ... or, does it work for 4.0.8 ? i use qpopper for lots of years nowsimply wonderful. but some mysql support would be fine... thanks for you hints.. That patch set appears to add more than just mysql. I'd like to have a discussion and invite the patch author, preferably on the developers list, about integrating such support. I agree it would be useful, and would prefer to see the capabilities merged into the mainline code once it's been integrated and tested. Dan
