From: James O'K. <jo...@mi...> - 2002-11-21 02:27:29
Could someone else look over this and reply to him? I'm a bit pressed for time.

-james

---------- Forwarded message ----------
Date: Thu, 24 Oct 2002 13:41:02 +0300
From: Alex Pita <ne...@so...>
To: jo...@us...
Subject: Pam module problem with cyrus-sasl2 + mysql

Hello pam experts,

I just received from the cyrus-sasl mailing list your configuration for how to set up postfix+mysql+cyrus-sasl smtp-auth using the pam_mysql.so plugin. Now I need a little help, because all seems to be ok, but the pam plugin is not working. Maybe you can trace more quickly than me where the problem is.

So I tried to send an email from mi...@te... to al...@te... (all my users and domains are virtual, no real shell accounts, controlled by the mysql database).

[root@dinu root]# tail -f /var/log/messages
Oct 24 12:23:37 dinu saslauthd[3332]: START: saslauthd 2.1.9
Oct 24 12:23:37 dinu saslauthd[3343]: master PID is: 3343
Oct 24 12:23:37 dinu saslauthd[3343]: daemon started, listening on /var/state/saslauthd/mux
Oct 24 12:45:07 dinu postfix/smtpd[3586]: mysql plugin couldnt connect to any host
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^

[root@dinu root]# tail -f /var/log/maillog
Oct 24 12:45:07 dinu postfix/smtpd[3586]: connect from ns1.test.ro[192.168.0.2]
Oct 24 12:45:07 dinu postfix/smtpd[3586]: 3D5BE4BFF: client=ns1.test.ro[192.168.0.2], sasl_method=PLAIN, sasl_username=mimi.3323
Oct 24 12:45:07 dinu postfix/cleanup[3590]: 3D5BE4BFF: message-id=<200...@te...>
Oct 24 12:45:07 dinu postfix/smtpd[3586]: disconnect from ns1.test.ro[192.168.0.2]
Oct 24 12:45:07 dinu postfix/qmgr[3489]: 3D5BE4BFF: from=<mi...@te...> , size=465, nrcpt=1 (queue active)
Oct 24 12:45:07 dinu postfix/virtual[3596]: 3D5BE4BFF: to=<al...@te...> , relay=virtual, delay=0, status=sent (maildir)
Oct 24 12:45:18 dinu pop3d: Connection, ip=[::ffff:192.168.0.2]
Oct 24 12:45:19 dinu pop3d: LOGIN, user=alex, ip=[::ffff:192.168.0.2]
Oct 24 12:45:19 dinu pop3d: LOGOUT, user=alex, ip=[::ffff:192.168.0.2], top=0, retr=1007

So this email is delivered because it matches my relay policy and not due to authentication with pam+mysql!!!!

Here is my /etc/pam.d/smtp file:

#%PAM-1.0
auth sufficient /lib/security/pam_mysql.so user=postfix passwd=postfix host=localhost db=maildb table=users usercolumn=id passwdcolumn=crypt crypt=1
account required /lib/security/pam_mysql.so user=postfix passwd=postfix host=localhost db=maildb table=users usercolumn=id passwdcolumn=crypt crypt=1

The settings for my database are correct (tested with smtp, pop3 and imap connections).

Also, I want to mention that when I add one user to the mysql database named maildb, in the table named users, I use:

INSERT INTO users (id, address, clear, name, uid, gid, maildir) VALUES ('alex', ' al...@te... ', 'yyy', 'Alex Ionescu', 12345, 12345, 'test.ro/alex/Maildir/');

and after that,

UPDATE users SET crypt=encrypt('yyy') WHERE id='alex';

In this case I think it is correct to use crypt=1 in /etc/pam.d/smtp because the password is encrypted in the mysql database!

Also I want to mention that sasl2 is started with:

saslauthd -a pam

In my opinion there is something bad in the pam plugin authentication (I suppose that it can't connect to localhost)!

Below is my /etc/postfix/main.cf

myhostname = ns1.test.ro
mydomain = test.ro
myorigin = $mydomain
mydestination = localhost.localdomain, localhost.$mydomain, $mydomain, $myhostname, $transport_maps
mynetworks = 192.168.0.0/24, 127.0.0.0/8

#Smtp-auth support using cyrus-sasl2
# Enable authentication on postfix smtp server
#
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, check_relay_domains
broken_sasl_auth_clients = yes

transport_maps = mysql:/etc/postfix/transport.cf
virtual_mailbox_base = /home/mailusers
virtual_uid_maps = mysql:/etc/postfix/uids.cf
virtual_gid_maps = mysql:/etc/postfix/gids.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virt.cf
virtual_maps = mysql:/etc/postfix/virtual.cf

Any help will be appreciated.

Best regards,
Alex