Does anyone have any
hints?
I have seen similar
posts on the list about this, but even looking at those suggestions, I cannot
find the problem.
When trying to login
to to the web-cryadm page, I get a message "Database error" and nothing
else.
I have reset the
passwords in the database to plaintext to try and take any crypt issues out of
the equation.
I am logging all
mysql activity and see no activity when trying to login which leads me to
believe I have some issue with my configuration of the
web-cyradm.
I have verified
mysql is functioning, and is accessible via 127.0.0.1:3306 and
/var/lib/mysql/mysql.sock, and have set the mysql.default_socket in
php.ini...
; Default socket
name for local MySQL connects. If empty, uses the built-in
; MySQL defaults.
mysql.default_socket = /var/lib/mysql/mysql.sock
; MySQL defaults.
mysql.default_socket = /var/lib/mysql/mysql.sock
I also had to add
the path for the pear DB files to get rid of the DB error
messages
; UNIX:
"/path1:/path2"
include_path = ".:/php/includes:/usr/share/pear"
include_path = ".:/php/includes:/usr/share/pear"
I have verified that
authentication via sasl to the mysql database works...
[EMAIL PROTECTED]
config]# /usr/sbin/testsaslauthd
/usr/sbin/testsaslauthd: usage: /usr/sbin/testsaslauthd -u username -p password
[-r realm] [-s servicename]
[-f socket path] [-R repeatnum]
[EMAIL PROTECTED] config]# /usr/sbin/testsaslauthd -u cyrus -p secret
0: OK "Success."
/usr/sbin/testsaslauthd: usage: /usr/sbin/testsaslauthd -u username -p password
[-r realm] [-s servicename]
[-f socket path] [-R repeatnum]
[EMAIL PROTECTED] config]# /usr/sbin/testsaslauthd -u cyrus -p secret
0: OK "Success."
**
/var/log/mysqld.log
051005
15:57:11 8 Connect
[EMAIL PROTECTED] on
mail
8 Init DB mail
8 Query SELECT password FROM accountuser WHERE username='cyrus'
8 Query insert into log (msg, user, host, pid, time) values('AUTH SUCCESSFUL', 'cyrus', '', '23180', NOW())
8 Quit
8 Init DB mail
8 Query SELECT password FROM accountuser WHERE username='cyrus'
8 Query insert into log (msg, user, host, pid, time) values('AUTH SUCCESSFUL', 'cyrus', '', '23180', NOW())
8 Quit
There is nothing in
/var/log/web-cyradm/web-cyradm.log
/var/log/web-cyradm-login.log shows an entry at each
attempt
Oct 05 15:43:11
[INFO] LOGIN : 208.180.232.83 cyrus Mozilla/4.0 (compatible; MSIE 6.0; Windows
NT 5.1; .NET CLR 1.1.4322) http://server2.clusterweb.net/web-cyradm/
POST
**
/var/www/html/web-cyradm/config/conf.php:
[EMAIL PROTECTED]
config]# cat conf.php
<?php
<?php
########################################################################################
#
# This is web-cyradm Version 0.5.4 CVS
#
#
#########################################################################################
#
# This is web-cyradm Version 0.5.4 CVS
#
#
#########################################################################################
// Set Default
language
$DEFAULTLANG =
"en_EN";
# The Cyrus login
stuff
$CYRUS = array(
'HOST' => 'localhost',
'PORT' => 143,
'ADMIN' => 'cyrus',
'PASS' => 'secret'
);
$CYRUS = array(
'HOST' => 'localhost',
'PORT' => 143,
'ADMIN' => 'cyrus',
'PASS' => 'secret'
);
/*
DB_TYPE
Possible
Values are:
o mysql
o pgsql
o mysql
o pgsql
To operate a
mailsystem with postgreSQL you will need a patch
for
Postfix.
Postfix.
Other
Databases need to be supported by PAM and postfix
*/
*/
$DB =
array(
'TYPE' => 'mysql',
'USER' => 'mail',
'PASS' => 'secret',
'PROTO' => 'tcp', // set to "tcp" for TCP/IP
'HOST' => 'localhost',
'NAME' => 'mail'
);
'TYPE' => 'mysql',
'USER' => 'mail',
'PASS' => 'secret',
'PROTO' => 'tcp', // set to "tcp" for TCP/IP
'HOST' => 'localhost',
'NAME' => 'mail'
);
$DB['DSN'] =
sprintf('%s://%s:[EMAIL PROTECTED]/%s', $DB['TYPE'],
$DB['USER'],
$DB['PASS'], $DB['PROTO'],
$DB['HOST'], $DB['NAME']);
$DB['PASS'], $DB['PROTO'],
$DB['HOST'], $DB['NAME']);
# Where should
web-cyradm write its log to?
$LOG_DIR = "/var/log/web-cyradm/";
$LOG_DIR = "/var/log/web-cyradm/";
/* Log
level
Possible values are (from quiet to verbose):
ERR - only internal errors
WARN - failed login, security violation
INFO - all login and logout
DEBUG - all possible information
*/
$LOG_LEVEL = "DEBUG";
Possible values are (from quiet to verbose):
ERR - only internal errors
WARN - failed login, security violation
INFO - all login and logout
DEBUG - all possible information
*/
$LOG_LEVEL = "DEBUG";
# The default
timeout in seconds for a session, after that you have to login
again
$SESS_TIMEOUT = 1000;
$SESS_TIMEOUT = 1000;
# The default quota
sets the default quota for new accounts
$DEFAULT_QUOTA = 20000;
$DEFAULT_QUOTA = 20000;
# The default domain
quota sets the quota for new domains
# 0 = No quota
$DEFAULT_DOMAIN_QUOTA = 0;
# 0 = No quota
$DEFAULT_DOMAIN_QUOTA = 0;
# On what quota
level mark accounts on accounts list (in %)
$QUOTA_WARN_LEVEL = 90;
$QUOTA_WARN_LEVEL = 90;
# Defines if
passwords are encrypted or not.
# Valid Values:
# - plain 0 No encription is used
# - crypt 1 (shadow compatible encription)
# - mysql 2 (MySQL PASSWORD function)
# - md5 3 (MD5 digest)
$CRYPT = "plain";
# Valid Values:
# - plain 0 No encription is used
# - crypt 1 (shadow compatible encription)
# - mysql 2 (MySQL PASSWORD function)
# - md5 3 (MD5 digest)
$CRYPT = "plain";
# web-cyradm is
compatible with cyrus-imapd-2.0.16 (and earlier?)
# however, if you are using 2.1.x and wish to use email addresses
# with .'s in them such as '[EMAIL PROTECTED]' you can set this
# option DOMAIN_AS_PREFIX to '1'. NOTE: you also have to add this
# line to your imapd.conf file:
#### imapd.conf: ####
# unixhierarchysep: yes
# however, if you are using 2.1.x and wish to use email addresses
# with .'s in them such as '[EMAIL PROTECTED]' you can set this
# option DOMAIN_AS_PREFIX to '1'. NOTE: you also have to add this
# line to your imapd.conf file:
#### imapd.conf: ####
# unixhierarchysep: yes
####
$DOMAIN_AS_PREFIX = 1;
$DOMAIN_AS_PREFIX = 1;
# At the moment,
web-cyradm supports two methods of password change:
# - through sql
# - poppassd
# sql is the default
$PASSWORD_CHANGE_METHOD = "sql";
# - through sql
# - poppassd
# sql is the default
$PASSWORD_CHANGE_METHOD = "sql";
# Turn up error
reporting level. This overrides settings in your php.ini
#
# E_ALL - All errors and warnings
# E_ERROR - fatal run-time errors
# E_WARNING - run-time warnings (non-fatal errors)
# E_PARSE - compile-time parse errors
# E_NOTICE - run-time notices (these are warnings which often result
# from a bug in your code, but it's possible that it was
# intentional (e.g., using an uninitialized variable and
# relying on the fact it's automatically initialized to an
# empty string)
# E_CORE_ERROR - fatal errors that occur during PHP's initial startup
# E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
# initial startup
# E_COMPILE_ERROR - fatal compile-time errors
# E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
# E_USER_ERROR - user-generated error message
# E_USER_WARNING - user-generated warning message
# E_USER_NOTICE - user-generated notice message
#
# E_ALL - All errors and warnings
# E_ERROR - fatal run-time errors
# E_WARNING - run-time warnings (non-fatal errors)
# E_PARSE - compile-time parse errors
# E_NOTICE - run-time notices (these are warnings which often result
# from a bug in your code, but it's possible that it was
# intentional (e.g., using an uninitialized variable and
# relying on the fact it's automatically initialized to an
# empty string)
# E_CORE_ERROR - fatal errors that occur during PHP's initial startup
# E_CORE_WARNING - warnings (non-fatal errors) that occur during PHP's
# initial startup
# E_COMPILE_ERROR - fatal compile-time errors
# E_COMPILE_WARNING - compile-time warnings (non-fatal errors)
# E_USER_ERROR - user-generated error message
# E_USER_WARNING - user-generated warning message
# E_USER_NOTICE - user-generated notice message
error_reporting(E_ALL);
$VERSION="0.5.5-Beta1";
# Define reserved
Emailadresses (Separated by
comma):
$RESERVED="postmaster,root";
$RESERVED="postmaster,root";
$TEMPLATE[0]="default";
$TEMPLATE[1]="green";
$TEMPLATE[1]="green";
**
/etc/imapd.conf:
configdirectory:
/var/lib/imap
servername: server2.clusterweb.net
partition-default: /var/spool/imap
admins: cyrus root
allowanonymouslogin: no
allowplaintext: yes
reject8bit: no
dracinterval: 0
drachost: localhost
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: plain cram-md5 digest-md5
sasl_auxprop_plugin: sql
sasl_sql_engine: mysql
sasl_sql_user: mail
sasl_sql_passwd: secret
sasl_sql_hostnames: localhost
sasl_sql_database: mail
sasl_sql_statement: select password from accountuser where username = '%u'
tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
unixhierarchysep: yes
servername: server2.clusterweb.net
partition-default: /var/spool/imap
admins: cyrus root
allowanonymouslogin: no
allowplaintext: yes
reject8bit: no
dracinterval: 0
drachost: localhost
sievedir: /var/lib/imap/sieve
sendmail: /usr/sbin/sendmail
hashimapspool: true
sasl_pwcheck_method: saslauthd
sasl_mech_list: plain cram-md5 digest-md5
sasl_auxprop_plugin: sql
sasl_sql_engine: mysql
sasl_sql_user: mail
sasl_sql_passwd: secret
sasl_sql_hostnames: localhost
sasl_sql_database: mail
sasl_sql_statement: select password from accountuser where username = '%u'
tls_cert_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_key_file: /usr/share/ssl/certs/cyrus-imapd.pem
tls_ca_file: /usr/share/ssl/certs/ca-bundle.crt
unixhierarchysep: yes
**
/etc/cyrus.conf:
# standard
standalone server implementation
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is
only necessary if using idled for IMAP IDLE
# idled cmd="idled"
}
# idled cmd="idled"
}
# UNIX sockets start
with a slash and are put into /var/lib/imap/sockets
SERVICES {
# add or remove based on preferences
# imap cmd="imapd" listen="10.0.0.2:imap" prefork=5
# imaps cmd="imapd -s" listen="216.81.36.12:imaps" prefork=1
imaplocal cmd="imapd" listen="127.0.0.1:imap" prefork=0
# pop3 cmd="pop3d" listen="pop3" prefork=3
# pop3s cmd="pop3d -s" listen="pop3s" prefork=1
# sieve cmd="timsieved" listen="sieve" prefork=0
# add or remove based on preferences
# imap cmd="imapd" listen="10.0.0.2:imap" prefork=5
# imaps cmd="imapd -s" listen="216.81.36.12:imaps" prefork=1
imaplocal cmd="imapd" listen="127.0.0.1:imap" prefork=0
# pop3 cmd="pop3d" listen="pop3" prefork=3
# pop3s cmd="pop3d -s" listen="pop3s" prefork=1
# sieve cmd="timsieved" listen="sieve" prefork=0
# these are
only necessary if receiving/exporting usenet via NNTP
# nntp cmd="nntpd" listen="nntp" prefork=3
# nntps cmd="nntpd -s" listen="nntps" prefork=1
# nntp cmd="nntpd" listen="nntp" prefork=3
# nntps cmd="nntpd -s" listen="nntps" prefork=1
# at least
one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/lib/imap/socket/lmtp" prefork=1
# this is
only necessary if using notifications
# notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
}
# notify cmd="notifyd" listen="/var/lib/imap/socket/notify" proto="udp" prefork=1
}
EVENTS {
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is required
checkpoint cmd="ctl_cyrusdb -c" period=30
# this is
only necessary if using duplicate delivery suppression,
# Sieve or NNTP
delprune cmd="cyr_expire -E 3" at=0400
# Sieve or NNTP
delprune cmd="cyr_expire -E 3" at=0400
# this is
only necessary if caching TLS sessions
tlsprune cmd="tls_prune" at=0400
}
tlsprune cmd="tls_prune" at=0400
}
/etc/pam.d/imap:
#%PAM-1.0
#auth required /lib/security/pam_stack.so service=system-auth
#account required /lib/security/pam_stack.so service=system-auth
auth sufficient /lib64/security/pam_mysql.so user=mail passwd=secret host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=0 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
account required /lib64/security/pam_mysql.so user=mail passwd=secret host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=0 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
#auth required /lib/security/pam_stack.so service=system-auth
#account required /lib/security/pam_stack.so service=system-auth
auth sufficient /lib64/security/pam_mysql.so user=mail passwd=secret host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=0 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
account required /lib64/security/pam_mysql.so user=mail passwd=secret host=localhost db=mail table=accountuser usercolumn=username passwdcolumn=password crypt=0 logtable=log logmsgcolumn=msg logusercolumn=user loghostcolumn=host logpidcolumn=pid logtimecolumn=time
_______________________________________________ This mailing list is hosted and supported by bit-heads GmbH | http://www.bit-heads.ch
_______________________________________________ Web-cyradm mailing list [email protected] http://www.web-cyradm.org/mailman/listinfo/web-cyradm
