Re: Postfix: SASL authentication failure

[Jonathan Sélea]

I found the issue.
Apparently there where two saslauthd related files in /etc/default.
/etc/default/saslauthd and /etc/default/saslauthd-postfix
I am not sure how it got there, but most likely by the previous person 
working on it.
However, changing the following:

OPTIONS="-c -m /var/run/saslauthd"

To:

OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

Finally spawned the correct socket and files in 
/var/spool/postfix/var/run/saslauthd (postfix chroot).
I verified this with "systemctl status saslauthd":

           ├─536 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           ├─540 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           ├─541 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           ├─542 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           ├─543 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           ├─544 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           ├─545 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           ├─546 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           ├─547 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10
           └─548 /usr/sbin/saslauthd -a pam -c -m 
/var/spool/postfix/var/run/saslauthd -n 10

Thank you for pointing me to the right direction!


--
Jonathan Sélea

Website: https://jonathanselea.se
PGP Key: 0x8B35B3C894B964DD
Fingerprint: 4AF2 10DE 996B 673C 0FD8  AFA0 8B35 B3C8 94B9 64DD



On 2021-05-10 12:58, Jonathan Sélea wrote:
May 10 09:17:42 smtp01 postfix/smtpd[21033]: warning: SASL
authentication failure: cannot connect to saslauthd server: No such 
file
or directory

this is a problem

/var/run/saslauthd is present - yes
/var/spool/postfix/var/run/saslauthd is present - yes

Is one dir link to another?
Do you see any files there?

It seems like both of them are "their own files" - none of them are
symlinked to anything

/var/run:
drwx--x---  2 root   sasl     140 May 10 09:17 saslauthd

/var/spool/postfix/var/run
drwxr-xr-x 2 root sasl 4096 May 10 09:10 saslauthd

So there is defintely something going on here. I guess that
/var/spool/postfix/var/run/saslauthd should be a symlink to
/var/run/saslauthd ?

Run saslauthd from the command line with the "-d" argument: it should 
print the name of the socket it listens to or use
tool like "ss" to check the socket.

saslauthd -d did not print the socket in use sadly.
ss - I only found one socket being in use - /var/run/saslauthd

I wonder, should a symlink from /var/run/saslauthd to
/var/spool/postfix/var/run/saslauthd ?

Thank you