Date: Thu, 25 Sep 2014 17:04:24 +0200 From: Dimitry Andric <dim@FreeBSD.org> To: tundra@tundraware.com Cc: FreeBSD stable <freebsd-stable@freebsd.org>, =?iso-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@FreeBSD.org> Subject: Re: 10.1 BETA2 World - Breaks saslauthd Message-ID: <3DA4B666-AB81-4F25-ABAE-DDC163F41E20@FreeBSD.org> In-Reply-To: <b492e700f57a52e21f7755e6d01bd863.squirrel@www.tundraware.com> References: <b492e700f57a52e21f7755e6d01bd863.squirrel@www.tundraware.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On 25 Sep 2014, at 16:54, Tim Daneliuk <tundra@tundraware.com> wrote: > I've seen this behavior over the last week or two when I try to upgrade > to latest stable sources. Currently just installed kernel and world for: > > /usr/src>svn info > Path: . > Working Copy Root Path: /usr/src > URL: svn://svn.freebsd.org/base/stable/10 > Relative URL: ^/stable/10 > Repository Root: svn://svn.freebsd.org/base > Repository UUID: ccf9f872-aa2e-dd11-9fc8-001c23d0bc1f > Revision: 272095 > Node Kind: directory > Schedule: normal > Last Changed Author: peter > Last Changed Rev: 272078 > Last Changed Date: 2014-09-24 14:30:36 -0500 (Wed, 24 Sep 2014) > > This breaks saslauthd - it demands a password when sending mail, but then > rejects it in every case. > > If I just install a new kernel, everything is fine. But if I install > world, that's when the problem shows up. I've tried a full reinstall of > cygnus sasls and the daemon is running. > > Ideas on how to chase this down/fix, would be appreciated... It is probably caused by this MFC: http://svnweb.freebsd.org/changeset/base/271766 To make saslauthd work again, you need to specify a correct PAM policy file in /usr/local/etc/pam.d for your service, most likely "smtp" in this case. E.g., create a file /usr/local/etc/pam.d/smtp, containing at least: auth required pam_unix.so no_warn try_first_pass account required pam_unix.so session required pam_permit.so password required pam_permit.so Optionally, add a line: auth required pam_group.so luser group=smtp-users fail_safe to allow only members of the smtp-users group to authenticate successfully. -Dimitry [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) iEYEARECAAYFAlQkLwEACgkQsF6jCi4glqMMuwCfU+JtTD/2d5kfZmhnOrYF3Wam XbkAoOBMxBQG1VlthYoVJoWz+dGgEJFI =oFQb -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3DA4B666-AB81-4F25-ABAE-DDC163F41E20>