[KLUG Members] simple pop access setup

Richard Harding rick at ricksweb.info
Fri Nov 12 19:45:43 EST 2004

Previous message: [KLUG Members] simple pop access setup
Next message: [KLUG Members] What is the meaning of these?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Adam Tauno Williams wrote:

>>>What are you SASLing (?) against?  PAM, RADIUS, LDAP, Kerberos?
>>>      
>>>
>>I currently have all of the accounts setup in the normal passwd file 
>>with false shells. I figure the easiest to work off of would be to auth 
>>against that password right now. I have 58 accounts total with an extra 
>>25ish a year so it works for now. Down the road I would like to use 
>>ldap, but that's for another day.
>>    
>>
>
>
>Then I'd assume your using PAM to auth plain text passwords against
>the /etc/passwd & /etc/shadow files (and that PAM already works).
>
>I don't user postfix, but for sendmail one would run the saslauthd
>servive.  This listens on a local socket for chalanges (username+secret)
>and responds to the client (in this case your MTA) with an ACK or NACK
>type response.
>
>For sendmail I'd just add -
>define(`confAUTH_MECHANISMS', `PLAIN')dnl
>TRUST_AUTH_MECH(`PLAIN')dnl
>define(`confAUTH_OPTIONS', `A')dnl
> - to my mc file.
>
>and make sure "saslauthd -a pam" is running (called the saslauthd
>service in SuSe & RedHat).  "-a" specifies the authentication mechanism
>(dce, getpwent, kerberos5, pam, sasldb, ldap, etc...)
>
>And for sendmail I have to create /usr/lib/sasl2/Sendmail.conf
>containing -
>pwcheck_method: saslauthd
>mech_list: plain
>- which tells the sasl libraries how to behave when loaded into the
>process calling itself sendmail.
>
>
>_______________________________________________
>Members mailing list
>Members at kalamazoolinux.org
>
>  
>
Ok, I have come a long way. I can test with testsaslauthd via command 
line and it works. When I have in /etc/postfix/sasl/smtpd.conf :
pwcheck_method: saslauthd
mech_list: PLAIN LOGIN

and I attempt to connect it times out and I get the following error in 
mail.info:
Nov 12 20:40:14 spartan postfix/smtpd[9593]: fatal: no SASL 
authentication mechanisms
Nov 12 20:40:15 spartan postfix/master[9570]: warning: process 
/usr/lib/postfix/smtpd pid 9593 exit status 1
Nov 12 20:40:15 spartan postfix/master[9570]: warning: 
/usr/lib/postfix/smtpd: bad command startup -- throttling

if I take out the mech_list line I get the following errors:
Nov 12 20:27:00 spartan postfix/smtpd[9110]: connect from 
unknown[68.xx.xx.xxx]
Nov 12 20:27:04 spartan postfix/smtpd[9110]: warning: SASL 
authentication problem: unable to open Berkeley db /etc/sasldb2: No such 
file or directory
Nov 12 20:27:04 spartan postfix/smtpd[9110]: warning: SASL 
authentication problem: unable to open Berkeley db /etc/sasldb2: No such 
file or directory
Nov 12 20:27:04 spartan postfix/smtpd[9110]: warning: SASL 
authentication failure: no secret in database
Nov 12 20:27:04 spartan postfix/smtpd[9110]: warning: 
unknown[68.xx.xx.xxx]: SASL CRAM-MD5 authentication failed

Which I am assuming it sees the smptd.conf file, but somehow does not 
like the plain & login settings. I have installed:
ii  libsasl2       2.1.19-1.5     Authentication abstraction library
ii  libsasl2-modul 2.1.19-1.5     Pluggable Authentication Modules for SASL
ii  sasl2-bin      2.1.19-1.5     Programs for manipulating the SASL 
users dat

Can oneone point me in what I am missing. Since the command line test 
works I feel like I am VERY close to nailing this thing.

Thanks

Rick

Previous message: [KLUG Members] simple pop access setup
Next message: [KLUG Members] What is the meaning of these?
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

More information about the Members mailing list