I've got Postfix's smtp-auth working here via SASL which in turn is configured to use PAM, but I appear to be having trouble.
I know the module is configured correctly, because it's querying mySQL - but the authentication is failing every time.
The password is stored crypt()'ed, so I set crypt=1 in the config.
After the query I see this in my sasl log;
DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module
But, the query that I see in mysql.log
SELECT password FROM mailbox WHERE username='test@test.com' AND (active=1)
works perfectly fine using the login and password from the command line returning the crypted password string...
I also tried plain text (crypt=0) and setting the password field to a plain text string, and that failed as well.
I'm using Debian (testing)
Source: pam-mysql
Version: 0.5.0-5
any ideas?
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
4 years later, I have exactly this same problem : the SQL request is OK, the crypt parameter is 0 to test, the crypt column contains a clear password, but it fails with "
DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module ".
I checked with pamtester to be sure that the problem is really at the pam level.
I forgot to say I'm using etch with the standard binaries :
mx3:/home/chris/pamtester-0.1.2# dpkg -l |grep pam
ii libpam-modules 0.79-5 Pluggable Authentication Modules for PAM
ii libpam-mysql 0.6.2-1 PAM module allowing authentication from a My
ii libpam-runtime 0.79-5 Runtime support for the PAM library
ii libpam0g 0.79-5 Pluggable Authentication Modules library
ii libpam0g-dev 0.79-5 Development files for PAM
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi!
I've got Postfix's smtp-auth working here via SASL which in turn is configured to use PAM, but I appear to be having trouble.
I know the module is configured correctly, because it's querying mySQL - but the authentication is failing every time.
The password is stored crypt()'ed, so I set crypt=1 in the config.
After the query I see this in my sasl log;
DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module
But, the query that I see in mysql.log
SELECT password FROM mailbox WHERE username='test@test.com' AND (active=1)
works perfectly fine using the login and password from the command line returning the crypted password string...
I also tried plain text (crypt=0) and setting the password field to a plain text string, and that failed as well.
I'm using Debian (testing)
Source: pam-mysql
Version: 0.5.0-5
any ideas?
Hi,
4 years later, I have exactly this same problem : the SQL request is OK, the crypt parameter is 0 to test, the crypt column contains a clear password, but it fails with "
DEBUG: auth_pam: pam_authenticate failed: User not known to the underlying authentication module ".
I checked with pamtester to be sure that the problem is really at the pam level.
This is my conf :
/etc/pam.d/smtp
@include common-auth
@include common-account
auth required pam_mysql.so user=xxxxxxx passwd=xxxxxxxxx host=xxxxxxxxxx db=postfix table=postfix_users usercolumn=login passwdcolumn=crypt crypt=0 verbose=1 try_first_pass sqllog=1
#account sufficient pam_mysql.so user=xxxxxxx passwd=xxxxxxxxx host=xxxxxxxxx db=postfix table=postfix_users usercolumn=login passwdcolumn=crypt crypt=0 verbose=1 try_first_pass sqllog=1
I activated the SQL log on the SQL server, and I see the request, which is good (I tested it manually)
This is the content of the logs :
Aug 6 16:04:05 mx3 pamtester: (pam_unix) check pass; user unknown
Aug 6 16:04:05 mx3 pamtester: (pam_unix) authentication failure; logname=chris uid=0 euid=0 tty= ruser= rhost=
Aug 6 16:04:05 mx3 pamtester: pam_mysql - option verbose is set to "1"
Aug 6 16:04:05 mx3 pamtester: pam_mysql - option sqllog is set to "1"
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_mysql_close_db() called.
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_sm_authenticate() called.
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_mysql_open_db() called.
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_mysql_open_db() returning 0.
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_mysql_check_passwd() called.
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_mysql_format_string() called
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_mysql_quick_escape() called.
Aug 6 16:04:05 mx3 last message repeated 3 times
Aug 6 16:04:05 mx3 pamtester: pam_mysql - SELECT crypt FROM postfix_users WHERE login = 'xxxxxxxxxxxxxx'
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_mysql_sql_log() called.
Aug 6 16:04:05 mx3 pamtester: pam_mysql - sqllog set but logtable not set
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_mysql_check_passwd() returning 0.
Aug 6 16:04:05 mx3 pamtester: pam_mysql - pam_sm_authenticate() returning 0.
Aug 6 16:04:07 mx3 pamtester: pam_mysql - pam_mysql_release_ctx() called.
Aug 6 16:04:07 mx3 pamtester: pam_mysql - pam_mysql_destroy_ctx() called.
Aug 6 16:04:07 mx3 pamtester: pam_mysql - pam_mysql_close_db() called.
Any idea ?
Thank you !
Zal
I forgot to say I'm using etch with the standard binaries :
mx3:/home/chris/pamtester-0.1.2# dpkg -l |grep pam
ii libpam-modules 0.79-5 Pluggable Authentication Modules for PAM
ii libpam-mysql 0.6.2-1 PAM module allowing authentication from a My
ii libpam-runtime 0.79-5 Runtime support for the PAM library
ii libpam0g 0.79-5 Pluggable Authentication Modules library
ii libpam0g-dev 0.79-5 Development files for PAM