Sarge - postfix/saslauthd issues

To: debian-user@lists.debian.org
Subject: Sarge - postfix/saslauthd issues
From: BJ Dierkes <list-reader@5dollarwhitebox.org>
Date: Sat, 9 Jul 2005 05:36:49 -0500
Message-id: <[🔎] 326791E1-E8BA-4DCD-8251-691400ACDA42@5dollarwhitebox.org>


Dear List:

Note: This is more for reference in the event that someone issearching for info on this stuff.

I haven't had to touch my Postfix setup in quite a while, since ithas been running lovely. However, last time I configured it, I had alot of issues... that I hoped would be resolved this time.Unfortunately I had the same problems today as I tried to configurePostfix/saslauthd. It may very well be ME that is the problem, but Ithought I would seek some other opinions.


System:  Debian Sarge

postfix            2.1.5-9
sasl2-bin                2.1.19-1.5
libsasl2        2.1.19-1.5
libsasl2-modules    2.1.19-1.5


PROBLEM 1:

The first problem is is that Postfix can't connect to the saslauthdsocket. The reason appears to be because it is running in a chrootenvironment (by default) and the socket is outside of the jail bydefault.


These what the vars in the "/etc/init.d/saslauthd" script looks like:

NAME=saslauthd
DAEMON="/usr/sbin/${NAME}"
DESC="SASL Authentication Daemon"
DEFAULTS=/etc/default/saslauthd
PWDIR=/var/run/saslauthd
PIDFILE="/var/run/${NAME}/saslauthd.pid"

The saslauthd socket is created as "$PWDIR/mux". However, Postfixlooks for it as "/var/spool/postfix/var/run/saslauthd/mux".

Errors without /var/spool/postfix/var/run/saslauthd/mux (/var/log/mail.log):

postfix/smtpd[7663]: warning: SASL authentication failure: cannotconnect to saslauthd server: No such file or directorypostfix/smtpd[7663]: warning: SASL authentication failure: Passwordverification failed

postfix/smtpd[7663]: warning: SASL PLAIN authentication failed

To fix it I removed "/var/run/saslauthd", and then recreated it as asoft link to "/var/spool/postfix/var/run/saslauthd" (make sure thatpostfix or whatever the postfix user is, is a part of the sasl group).

This fixes the problem for me, but Is there anything I'm missing? Ireally didn't find anything in the documentation for saslauthd thatled to this. Just want to make sure I didn't waste hours of my lifefor no reason. ;)




PROBLEM 2:

When installing "saslauthd", the following directory is created: "/etc/postfix/sasl". However, out of the box i can't seem toauthenticate with saslauthd unless I manually create the file"smtpd.conf".


Errors without /etc/postfix/sasl/smtpd.conf:

/var/log/mail.log:

postfix/smtpd[7501]: warning: SASL authentication problem: unable toopen Berkeley db /etc/sasldb2: No such file or directorypostfix/smtpd[7501]: warning: SASL authentication problem: unable toopen Berkeley db /etc/sasldb2: No such file or directorypostfix/smtpd[7501]: warning: SASL authentication failure: Passwordverification failed

postfix/smtpd[7501]: warning: SASL PLAIN authentication failed

/var/log/auth.log:

postfix/smtpd[7501]: OTP unavailable because can't read/write keydatabase /etc/opiekeys: No such file or directory

Logs obviously show that its not finding an AUTH mechanism. Ithought that "/etc/defaults/saslauthd" or something else held theinfo for authentication mechanisms. however, unless I create"smtpd.conf" with the following in it:


pwcheck_method: saslauthd
mech_list: plain login

is there any reason that this file isn't create when apt-getinstalling postfix/saslauthd? I've found info on the net thatmentions this file in "/usr/lib/sasl/smtpd.conf" or "/usr/lib/sasl2/smtpd.conf" but never in "/etc/postfix/sasl/smtpd.conf". Maybe itsjust me.

Regardless, its working. Maybe this info can help someone else, ormaybe someone out there has a bit more knowledge to help meunderstand why this seemed so difficult.


Thanks



p.s. - my postfix config -
-----------------------------------------------------------------------
mail:/# cat /etc/postfix/main.cf

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
myhostname = mail.mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination =
        localhost,
        mail.mydomain.com,
        mydomain.com

relayhost =
mynetworks =    127.0.0.0/8
home_mailbox = Maildir/
mailbox_size_limit = 0
recipient_delimiter = +
smtpd_recipient_restrictions =
        permit_mynetworks,
        permit_sasl_authenticated,
        reject_unauth_destination,
        permit

# SASL AUTH
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_security_options = noanonymous
-----------------------------------------------------------------------

Reply to:

Prev by Date: where info on packages stored when apt-get update?
Next by Date: Unable to install libncurses5-dev
Previous by thread: Re: where info on packages stored when apt-get update?
Next by thread: Unable to install libncurses5-dev
Index(es):
- Date
- Thread