Re: saslauthd segfaults with pam_krb5

To: matt@cs.auckland.ac.nz
Cc: debian-user@lists.debian.org
Subject: Re: saslauthd segfaults with pam_krb5
From: Matt Cocker <matt@cs.auckland.ac.nz>
Date: Sat, 19 Jun 2004 06:53:33 +1200
Message-id: <[🔎] 40D33A2D.2010304@cs.auckland.ac.nz>
In-reply-to: <[🔎] 40D2241E.8070305@cs.auckland.ac.nz>
References: <[🔎] 40D2241E.8070305@cs.auckland.ac.nz>

Hi

Found that if I used the heimdal pam_krb5 module instead of the MITpam_krb5, saslauthd worked fine. Maybe some conflicts or depends mayneed to be added to the sasl or pam_krb5 packages wrt this seg fault.

It is just as well I got it working cause there was no way I was goingto be able to build from the source package as it had loopingdependencies i.e requires heimdal-dev and libdb4.2-dev which conflictwith libdb3-dev (which is required also). It also required libsasl2 tomeet the build dependencies. Thank goodness someone has worked throughthis mess for me.



Cheers

matt


Matthew Cocker wrote:

Hi

Not sure if this should be to sent to debian-user or debian-testing
I am trying to use saslauthd -a pam to authenicate a cyrus 2.2.5 serveragainst a MIT kerberos.
If I enter the wrong password for a user the login fails and saslauthdstays running.
If I enter the correct password for kerberos I get

auth.log
Jun 18 11:02:42 mail2 saslauthd[3558]: pam_krb5:pam_sm_authenticate(imap csad): entry:
Jun 18 11:02:42 mail2 imap[3561]: size read failed

saslauthd -a pam -n 1 -d output

saslauthd[3558] :main            : num_procs  : 1
saslauthd[3558] :main            : mech_option: NULL
saslauthd[3558] :main            : run_path   : /var/run/saslauthd
saslauthd[3558] :main            : auth_mech  : pam
saslauthd[3558] :ipc_init : using accept lock file:/var/run/saslauthd/mux.accept
saslauthd[3558] :detach_tty      : master pid is: 0
saslauthd[3558] :ipc_init : listening on socket:/var/run/saslauthd/mux
saslauthd[3558] :main            : using process model
saslauthd[3558] :get_accept_lock : acquired accept lock
saslauthd[3558] :rel_accept_lock : released accept lock
saslauthd[3558] :do_auth : auth failure: [user=root][service=imap] [realm=] [mech=pam] [reason=PAM auth error]
saslauthd[3558] :get_accept_lock : acquired accept lock
saslauthd[3558] :rel_accept_lock : released accept lock
Segmentation fault
If I remove pam_krb5 from stack and use user in password file pam_unixauthenticates me fine
Any ideas where to look

present test imap pam file is

auth       sufficient    pam_krb5.so debug
auth       sufficient   pam_unix.so debug
auth       required     pam_deny.so
account    sufficient   pam_permit.so



Cheers

Matt

Reply to:

References:
- saslauthd segfaults with pam_krb5
  - From: Matthew Cocker <matt@cs.auckland.ac.nz>

Prev by Date: Re: 802.11g Wireless NIC for Desktop
Next by Date: Re: how to change default X teminal to tty9 ,etc ?
Previous by thread: Re: saslauthd segfaults with pam_krb5
Next by thread: squirrelmail plugins -- via apt-get?
Index(es):
- Date
- Thread