From owner-freebsd-questions@FreeBSD.ORG Tue Aug 26 07:28:28 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D0C9C16A4BF for ; Tue, 26 Aug 2003 07:28:28 -0700 (PDT) Received: from tonnikala.nettikala.fi (tonnikala.nettikala.fi [212.182.218.250]) by mx1.FreeBSD.org (Postfix) with ESMTP id C022F43FA3 for ; Tue, 26 Aug 2003 07:28:27 -0700 (PDT) (envelope-from mailing-lists@johanpaul.com) Received: from localhost (localhost [127.0.0.1]) by tonnikala.nettikala.fi (Postfix) with ESMTP id BA0BD4200C9; Tue, 26 Aug 2003 17:28:29 +0300 (EEST) Received: by tonnikala.nettikala.fi (Postfix, from userid 612) id 9ABBD4200E4; Tue, 26 Aug 2003 17:28:29 +0300 (EEST) Received: from johanpaul.com (tellus.milkyway [10.0.42.1]) by tonnikala.nettikala.fi (Postfix) with ESMTP id E4F6D4200C9; Tue, 26 Aug 2003 17:28:28 +0300 (EEST) Message-ID: <3F4B6E87.9050906@johanpaul.com> Date: Tue, 26 Aug 2003 17:28:23 +0300 From: Johan Paul User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 X-Accept-Language: fi, en-us, en MIME-Version: 1.0 To: Jon Mercer References: <1367.193.166.135.194.1061902265.squirrel@silakka.nettikala.fi> <3F4B607C.9040603@achean.com> In-Reply-To: <3F4B607C.9040603@achean.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=-2.3 required=7.0 tests=IN_REP_TO,QUOTED_EMAIL_TEXT,REFERENCES,SPAM_PHRASE_03_05, USER_AGENT,USER_AGENT_MOZILLA_UA,X_ACCEPT_LANG version=2.43-cvs X-Spam-Level: X-Virus-Scanned: by AMaViS snapshot-20020531 cc: freebsd-questions@freebsd.org Subject: Re: Cyrus IMAP with pam_mysql? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Aug 2003 14:28:29 -0000 Hi and thanks for you reply! > Welcome to nightmaresville. I struggled with this for yonks, and found > that there were some other files that needed to be setup, e.g.: F**k! I mean why does it have to be so difficult? In RedHat Linux I got the same configuration up without any problems... > ajax# cd /usr/local/lib/sasl2 > ajax# cat Cyrus.conf > pwcheck_method: saslauthd > ajax# Ok, well added that there also. And then I read somewhere that the pwcheck_method -line should be in imapd.conf too. > There is at least one other one, and I'm trying to find it! > > Are you getting any trace out that you can post? I'd agree with you that > it doesn't seem to be contacting the database. If you have a log against > mysql, you could check this from the database end. This was actually the other thing I was wondering about; a) where is my.cnf in FreeBSD to config MySQL for and b) where does MySQL log the queries? I would love to look into what pam really tries to do with mysql - or doesn't. The only thing I can trace back to is the line I get into /var/log/messages: Aug 26 17:28:27 silakka imapd[3167]: login: my.machine[127.0.0.1] kypeli plaintext Yes, it works but it works dispite it shouldn't since I removed the line from database with my username. In fact I read these postings with this username that shouldn't work :) > In my view, the docs for Cyrus fall a long way short of what is really > needed! Yep! And this isn't the first time I struggle with Cyrus and notice that the docs are out of date and mailing lists/newsgroups are the only way to get help. Thank god for them :) But the wierdest thing is that I think it in fact does use pam to auth but it uses the wrong service (a one that authenticates from /etc/passwd). Can anyone verify if this is possible? What it the correct service line for pam.conf? > Cheers, > > Jon Mercer Thanks, Johan Paul > > > Johan Paul wrote: > >> Hi, >> >> Has anyone managed to get the Cyrus imapd to authenticate with pam_mysql >> -authentication? >> >> In /usr/local/etc/imapd.conf I have: >> allowanonymouslogin: no >> allowplaintext: yes >> sasl_pwcheck_method: saslauthd >> sasl_mech_list: PLAIN >> >> ...among other things. >> >> I am running saslauthd with pam authentication: >> silakka# ps xa |grep saslauthd >> 258 ?? Is 0:00.01 /usr/local/sbin/saslauthd1 -a pam >> >> >> This is what I have in my /etc/pam.conf: >> >> # Mail services >> imap auth sufficient pam_mysql.so user=mail passwd=uBerSecRETPASS >> host=localhost db=mail table=accountuser usercolumn=username >> passwdcolumn=password crypt=1 >> >> imap account required pam_mysql.so user=mail passwd=uBerSecRETPASS >> host=localhost db=mail table=accountuser usercolumn=username >> passwdcolumn=password crypt=1 >> >> The problem, I think, is the service column. The authentication is done >> via PAM since when I change the password for my shell account the mail >> password is changed too. But saslauthd uses some other service to >> authenticate, not imap and thus not pam_mysql. Why doesn't it reconize >> the >> above lines for Cyrus? >> >> I am running FreeBSD 4.8R >> >> This is giving me serious headache :) Thanks in advance for any clues!! >> >> >> Regards, >> >> Johan Paul >>