From owner-freebsd-questions@FreeBSD.ORG Wed Jun 17 21:58:24 2009 Return-Path: Delivered-To: questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 2890E1065686; Wed, 17 Jun 2009 21:58:24 +0000 (UTC) (envelope-from norgaard@locolomo.org) Received: from mail.locolomo.org (97.pool85-48-194.static.orange.es [85.48.194.97]) by mx1.freebsd.org (Postfix) with ESMTP id CA72F8FC16; Wed, 17 Jun 2009 21:58:23 +0000 (UTC) (envelope-from norgaard@locolomo.org) Received: from beta.1-16-172-dyn.locolomo.org (beta.1-16-172-dyn.locolomo.org [172.16.1.127]) by mail.locolomo.org (Postfix) with ESMTPSA id 826F11C1A66; Wed, 17 Jun 2009 23:58:22 +0200 (CEST) Message-ID: <4A3966FE.7020702@locolomo.org> Date: Wed, 17 Jun 2009 23:58:22 +0200 From: Erik Norgaard User-Agent: Thunderbird 2.0.0.21 (Macintosh/20090302) MIME-Version: 1.0 To: Mel Flynn References: <4A38D6FE.8000804@locolomo.org> <200906171204.38995.mel.flynn+fbsd.questions@mailing.thruhere.net> In-Reply-To: <200906171204.38995.mel.flynn+fbsd.questions@mailing.thruhere.net> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Cc: questions@freebsd.org, freebsd-questions@freebsd.org Subject: Re: Problem authenticating with sasl in jail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 17 Jun 2009 21:58:24 -0000 Mel Flynn wrote: > On Wednesday 17 June 2009 03:43:58 Erik Norgaard wrote: > >> I am migrating my imap server to a jail, I got the jail up and >> cyrus-imapd starts. I have copied configuration files from the current >> server, cyrus.conf, imapd.conf and passwd and group files. saslauthd is >> running, yet when I try to login I get the error: >> >> IMAP Password: >> Login failed: generic failure at >> /usr/local/lib/perl5/site_perl/5.10.0/mach/Cyrus/IMAP/Admin.pm line 120 >> cyradm: cannot authenticate to server with as cyrus > ^^ > Looks like there's missing something there. Would should be at that spot of > the error message? Maybe a little context of line 120 in Admin.pm would help, > for us that use dovecot. > The lines giving that error is in fact in Cyrus::IMAP::Shell.pm: $cyradm->authenticate(-authz => $authz, -user => $auth, -mechanism => $mech, -password => $pw, -tlskey => $tlskey, -notls => $notls) or die "cyradm: cannot authenticate to server with $mech as $auth\n"; $mech is not defined, hence the missing word. I have tried running the script specifying a mechanism giving the same error, though some currious difference: jail# cyradm --user cyrus --auth plain 172.16.0.2 Password: IMAP Password: Login failed: authentication failure at /usr/local/lib/perl5/site_perl/5.10.0/mach/Cyrus/IMAP/Admin.pm line 120 cyradm: cannot authenticate to server with plain as cyrus jail# cyradm --user cyrus --auth login 172.16.0.2 IMAP Password: Login failed: authentication failure at /usr/local/lib/perl5/site_perl/5.10.0/mach/Cyrus/IMAP/Admin.pm line 120 cyradm: cannot authenticate to server with login as cyrus Looking again on the logs: Jun 17 23:39:17 jail imap[8412]: badlogin: jail.example.com [172.16.0.2] plaintext cyrus@example.com SASL(-13): user not found: checkpass failed The user cyrus exists, I can login and get shell access, but there may be something about the realm, that causes the user not to be found? But: jail# /usr/local/sbin/testsaslauthd -u cyrus -p secret 0: OK "Success." jail# /usr/local/sbin/testsaslauthd -u cyrus -r example.com -p secret 0: OK "Success." Thanks, Erik -- Erik Nørgaard Ph: +34.666334818/+34.915211157 http://www.locolomo.org