-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED]
Sent: Saturday, September 17, 2005 6:31 AM
To: [email protected]
Subject: [Web-cyradm] Convert auth db from sasldb to mysql
OK. I'm trying to install web-cyradm in a fedora core 4 system with
cyrus-imapd and postfix already installed. The mail system logins through
sasldb2 database with contains user names. Users have been added with
saslpasswd methods and everything works fine. Mailsystem is working fine.
Now I want to authenticate users through mysql database and I want to use
web-cyradm.
First, I have tried cyrus-imapd server works correctly. I have changed
/etc/pam.d/imap file and I have added the neccesary lines for mysql and
crypt auth. I have added some lines to /etc/imapd.conf to configure
cyrus-imapd correctly. saslauthd is using pam as auth mechanism.
I have added users to mysql database *manually* because I had users created
into cyrus system. I think I have added users correctly. I have used scripts
from web-cyradm to create databases and admin users and I have added new
users with ENCRYPT commands. Domain names and prefixes are inserted OK. I
have compared the new database with another one created for web-cyradm (that
works OK) and they have the same things (certainly with domain names
changed).
I have tried to login into cyrus-imap with cyradm --user cyrus --server
localhost --auth plain (this command worked fine with sasldb2 database) and
logs show me the following things:
maillog:
anna imap[16006]: accepted connection
anna imap[16006]: badlogin: anna.localhost.com [127.0.0.1] PLAIN [SASL(-16):
encryption needed to use mechanism: security flags do not match required]
anna imap[16006]: badlogin: anna.localhost.com [127.0.0.1] plaintext cyrus
SASL(-13): authentication failure: checkpass failed
mysql log:
69 Connect [EMAIL PROTECTED] on mail
69 Init DB mail
69 Query SELECT password FROM accountuser WHERE username='cyrus'
69 Query insert into log (msg, user, host, pid, time) values('AUTH
SUCCESSFUL', 'cyrus', '', '15719', NOW())
69 Quit
With testsaslauthd -u cyrus -p password -s imap I obtain:
0: NO "authentication failed"
I think mysql authentication is working OK ('AUTH SUCCESSFUL') but something
is wrong near pam-auth when cyrus-imap server try to authenticate users and
I don't know what it is.
I need suggestions, please.
MhBeyle
__
Saturday, September 17, 2005
I had this same problem about a week ago. Most of it had to do with
pam_mysql although your situation seems different. Make sure you have these
packages installed by running
# rpm -qa | grep sasl
You get these packages if it is correct:
cyrus-sasl-devel-2.1.20-5
cyrus-sasl-2.1.20-5
cyrus-sasl-gssapi-2.1.20-5
cyrus-sasl-md5-2.1.20-5
cyrus-sasl-plain-2.1.20-5
Also, there is a new version of pam_mysql...are you using it? If you are it
really doesn't matter except for the fact that I had to rebuild my own
/etc/pam.d/imap_and_company files and then everything worked fine. Here is
what mine looks like:
auth required pam_mysql.so verbose=0 host=localhost user=mail
passwd=XXXXXXX db=mail table=accountuser usercolumn=username
passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg
logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
account required pam_mysql.so verbose=0 host=localhost user=mail
passwd=XXXXXXX db=mail table=accountuser usercolumn=username
passwdcolumn=password crypt=1 logtable=log logmsgcolumn=msg
logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
Its virtually the same as in Luc's Howto but this one seemed to work better
with pam_mysql_7_pre1....although I cant tell you why except for the fact
that the order of variables is different....I tested it a couple of times :)
Also check that the /etc/sysconfig/saslauthd file has this line:
MECH=pam
Your mileage my vary.
Good Luck....this one is a pain.
Dale
_______________________________________________
This mailing list is hosted and supported
by bit-heads GmbH | http://www.bit-heads.ch
_______________________________________________
Web-cyradm mailing list
[email protected]
http://www.web-cyradm.org/mailman/listinfo/web-cyradm
_______________________________________________
This mailing list is hosted and supported
by bit-heads GmbH | http://www.bit-heads.ch
_______________________________________________
Web-cyradm mailing list
[email protected]
http://www.web-cyradm.org/mailman/listinfo/web-cyradm
