On Mon, Jan 27, 2003 at 09:56:25AM +0100, martin f krafft wrote:
| also sprach Derrick 'dman' Hudson <dman@dman.ddts.net> [2003.01.24.2244 +0100]:
| > /etc/postfix/sasl/smtpd.conf
| > pwcheck_method: PAM
| >
| > /etc/pam.d/smtp
| > # (take your pick and remove the rest)
| > # (how do you want it to find the user/pass matches?)
| > auth required pam_permit.so
| > auth required pam_pwdfile.so pwdfile /etc/postfix/dman/passwd
| > auth required pam_unix.so
| > auth required pam_ldap.so
|
| Okay, I tried this (without pam_ldap), creating a passwd file in
| /etc/postfix that I referenced in the pwdfile.so line similar to
| yours. I then restarted postfix. I now get the following errors:
|
| postfix/smtpd[18838]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
| postfix/smtpd[18838]: warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory
I remember seeing mention of this somewhere. I think it is the sasl
library that is requiring write access to that file so it can store
secrets and stuff there. It is only needed under some setups, though.
| postfix/smtpd[18838]: warning: SASL authentication failure: no secret in database
| postfix/smtpd[18838]: warning: dclient217-162-113-106.hispeed.ch[217.162.113.106]: SASL CRAM-MD5 authentication failed
I haven't tried using CRAM-MD5
[reordered quoting]
| is there anyone out there using postfix + saslauthd ?
I think this is why. I think the saslauthd is what wants to write to
/etc/sasldb2.
Do you have a line in /etc/postfix/sasl/smtpd.conf that references
saslauthd? If so, I'd try removing it and using only PAM. It's what
I have and it works for me. If you get that working and you still
want to use saslauthd then go from there.
| this has got to be chroot related, since postfix's smtpd runs in
| a chroot in /var/spool/postfix on Debian.
That could be.
| dman, what's your master.cf file look like in terms of the chroot
| column?
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp2 inet n - - - - smtpd
(smtp2 is defined as port 2525 in /etc/services since exim still owns
port 25, see below for that explanation)
| wait, why are you using postfix anyway? aren't you the exim guru?
:-). Yes, I am the exim guru, but I'm also playing with postfix. I
wanted to better understand how it was designed and see how it's
configuration/configurability compared. I still have exim as the SMTP
server on my machine so that I can reject spam during the SMTP session
(using sa-exim), and currently postfix can't do that. However, I also
hvae the postfix package installed and postfix is /usr/sbin/sendmail
and performing local (and remove) delivery only through that
interface. (by "local" here I mean /var/mail/$USER, not using
maildrop or any other fancy MDA; exim is doing that)
HTH,
-D
--
Contrary to popular belief, Unix is user friendly.
It just happens to be selective about who it makes friends with.
-- Dave Parnas
http://dman.ddts.net/~dman/
Attachment:
pgpbJ6BTTGZaw.pgp
Description: PGP signature