now im up to pam, how can I change the querythat pam does on the DB? I have a multidomain setup and the username is the email address ( test.test.local), but pam cuts of the @test.local in the query
thx again On Jan 23, 2008 9:23 AM, rupert <[EMAIL PROTECTED]> wrote: > > > On Jan 22, 2008 9:05 PM, Rupert <[EMAIL PROTECTED]> wrote: > > > Dan White schrieb: > > > rupert wrote: > > >> Hi, > > >> i have my murder cluster running, with passwords stored in a mysql > > DB. > > >> The only thing that bugs me now is that the passwords are stored in > > >> plaintext inside the DB. > > >> I am using fedora8 and will switch to CentOS once everything runs > > fine. > > >> Can i build a rpm module for sasl that exist beside the packages that > > >> are in > > >> the repositries? > > >> > > >> like cyrus-sasl-md5.i386, cyrus-sasl-plain.i386, > > cyrus-sasl-devel.i386, > > >> cyrus-sasl-md5.i386 ... > > >> > > >> I tried to compile cyrus-sasl.2.19 with the pwcheck patch, but it > > just > > >> messed everythign up. > > >> > > >> Any other solutions? And why is such a important thing not standard? > > > > > > Hi Rupert, > > > > > > I think the MySQL PAM plugin is one possible way to support hashed > > > passwords. You would need to disable all mechanisms which depend on > > > the auxprop plugin and depend on a clear text password (such as > > > DIGEST-MD5). > > > > > > You'll need to configure your pwcheck_method to include saslauthd, and > > > then configure saslauthd to use PAM to authenticate. > > > > > > I'm not familiar with the pwcheck patch, but it shouldn't be required > > > in this scenario. > > > > > > - Dan > > I tried some more times to compile the latest cyrus-sasl with the > > patch(read somewhere the .18 also works on the latest sasl) on my fedora > > box. > > I always get some error while compiling that it cant find mysql.h or > > mysqlclient. > > I compile it with enable-sql and --with-mysql=/usr/lib/mysql > > --with-mysql=/usr/include/mysql > > which is where all the files are located it is complaining about. I also > > have /usr/lib/mysql in ld.so.conf > > Can there be anything else wrong? > > > > > > thx > > > > ok , i got back to the .19 version and compiled that one. > When I now login the syslog says no worthy mechs found and the maillog a > "frontend imap[2864]: badlogin: frontend [192.168.247.128] plaintext > [EMAIL PROTECTED] SASL(-13): authentication failure: checkpass failed" > mysql is working because I can see the query in the mysql.log. > > thx >
---- Cyrus Home Page: http://cyrusimap.web.cmu.edu/ Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
