On Tue, 30 Apr 2002 15:06:30 +0200 Birger Toedtmann <[EMAIL PROTECTED]> wrote:
BT> Naturally, as CRAM-MD5, DIGEST-MD5 and the like won't work with pam. PLAIN
BT> and LOGIN are the only mechanisms that will work with pam because they do
BT> not require access to the cleartext password.
I understand that. What I can't figure out as how to get imapd to stop insisting on
cram-md5 from the local database
BT> If your client gets confused by imapd's CAPABILITY announcement (always try-
BT> ing to do CRAM-MD5 because its advertised), delete /etc/sasldb, imapd will
BT> then stop announcing them.
OK, I deleted /etc/sasldb2 and now I get the log result down below.
As you'll see later, it still advertises cram-md5 as an authentication
capability even with the database gone.
Apr 30 11:10:12 mail imapd[18739]: unable to open Berkeley db /etc/sasldb2: No such
file or directory
Apr 30 11:10:12 mail imapd[18739]: unable to open Berkeley db /etc/sasldb2: No such
file or directory
Apr 30 11:10:12 mail imapd[18739]: no secret in database
Apr 30 11:10:12 mail imapd[18739]: badlogin: relay.andrewandsons.com[192.168.255.1]
CRAM-MD5 [SASL(-13): user not found: no secret in database]
assuming the client I was using was getting confused, I tried running imtest and I got:
[cyrus@mail cyrus-imapd-2.1.3]$ imtest/imtest -m login -p imap localhost
C: C01 CAPABILITY
S: * OK mail.andrewandsons.com Cyrus IMAP4 v2.1.3 server ready
S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS ID
NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND SORT THREAD=ORDEREDSUBJECT
THREAD=REFERENCES IDLE AUTH=OTP AUTH=DIGEST-MD5 AUTH=CRAM-MD5
S: C01 OK Completed
Password:
C: L01 LOGIN cyrus {8}
+ go ahead
C: <omitted>
L01 NO Login failed: no mechanism available
Authentication failed. generic failure
Security strength factor: 0
the log reports:
Apr 30 11:21:22 mail su(pam_unix)[18766]: session opened for user cyrus by root(uid=0)
Apr 30 11:24:39 mail imapd[18761]: unknown password verifier saslauthd
Apr 30 11:24:39 mail imapd[18761]: badlogin: localhost.localdomain[127.0.0.1] plaintex
t cyrus SASL(-4): no mechanism available: checkpass failed
Apr 30 11:26:02 mail su(pam_unix)[18766]: session closed for user cyrus
Apr 30 11:26:04 mail sshd(pam_unix)[2130]: session closed for user root
Apr 30 11:26:29 mail sshd(pam_unix)[18807]: session opened for user root by (uid=0)
the fact I'm getting the unknown password verifier tells me that I I
have either a misspelling, I am missing a sasl2 authentication
library, or I didn't compile imapd correctly.
when I look in /usr/lib/sasl2, I don't find any libraries for saslauthd.
[root@mail root]# ls /usr/lib/sasl2/
libanonymous.la libcrammd5.so libdigestmd5.so.2 libotp.so.2.0.2
libsasldb.la
libanonymous.so libcrammd5.so.2 libdigestmd5.so.2.0.2 libplain.la
libsasldb.so
libanonymous.so.2 libcrammd5.so.2.0.2 libotp.la libplain.so
libsasldb.so.2
libanonymous.so.2.0.2 libdigestmd5.la libotp.so libplain.so.2
libsasldb.so.2.0.2
libcrammd5.la libdigestmd5.so libotp.so.2 libplain.so.2.0.2
[root@mail root]#
OK, what am I missing?
