DAve wrote:
Tom Collins wrote:
DAve,
I think you've found a bug in vchkpw.
Bug? After running this entire situation through my thick head, again, I
more suspect I am trying to do something with vchkpw it was never
intended to do.
In a nutshell I am trying to use vchkpw as an auth tool only, and
nothing else from vpopmail.
For some reason, it wants to create the user's directory if it doesn't
already exist. This could be related to updating the lastauth file in
the user's directory. Disabling AUTH_LOGGING on that system will
help, but you'll still have code trying to create the directory.
Ok, so I'm not completely crazy. Configuring with --disable-auth-logging
got the messages to stop last night, so I was on the right track.
However, tailing the remote MySQL logs shows that the only queries to
hit MySQL are the following.
# configured with --disable-auth-logging
select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell ,
pw_clear_passwd from vpopmail where pw_name = "dave.list" and pw_domain
= "pixelhammer.com"
# configured with --enable-auth-logging
select pw_name, pw_passwd, pw_uid, pw_gid, pw_gecos, pw_dir, pw_shell ,
pw_clear_passwd from vpopmail where pw_name = "dave.list" and pw_domain
= "pixelhammer.com"
replace into lastauth set user='dave.list', domain='pixelhammer.com',
remote_ip='', timestamp=1173418087
Remote IP is not set. (I would think this was normal as
checkpassword_debug is not setting the env variables)
So disabling auth logging helped, but authentication still fails.
Though, it certainly looks like the query is made correctly to SQL and
the result returned. I am again suspicious of the assign error shown in
the output of checkpassword_debug.
bash-2.05b# /usr/local/src/vpopmail-5.4.17/contrib/checkpassword_debug
-vvv -c /home/vpopmail/bin/vchkpw -l dave.list%pixelhammer.com
Please enter password: xxxx
"/home/vpopmail/bin/vchkpw" started with pid 20840
sending "dave.list%pixelhammer.comNULLxxxxNULL0NULL" (35 bytes) to
checkpassword with uid/gid: 0/0
waiting...
Error. Domain pixelhammer.com was not found in the assign file
done
normal exit from checkpassword
checkpassword exit value: 6
I think... that vchkpw will not work without a complete working install.
It seems to need to have access to the domains, virtualdomains, and
users/cdb file.
Go into login_virtual_user() and get rid of everything from the
comment, "If thier directory path is empty make them a new one" to
right before "#ifdef CLEAR_PASS".
Let me know if that works, and I'll make changes to the release
version. That code could probably be permanently removed -- the
user's directory is created by vdelivermail when necessary. vchkpw
doesn't need to be doing it.
It seemed to have no effect. If that means can you remove it?, I can
test on a working production toaster and let you know (I got a spare now
;^)
Now debating how to go around this. I really want to auth against my
existing vpopmail DB.
This morning I hacked up a quick Perl script to do the authentication
and it is working fine. This confirms that my qmail-auth installation is
working, and my remote vpopmail DB is reachable.
I really really don't want to use a Perl script to do this. Searching
for other checkpassword programs shows nothing that will do a SQL auth,
just CDB, LDAP, radius.
Is no one else using a physically separate outbound smtp server? I am
open to suggestions on how to auth using my vpopmail DB.
Thanks,
DAve
--
Three years now I've asked Google why they don't have a
logo change for Memorial Day. Why do they choose to do logos
for other non-international holidays, but nothing for
Veterans?
Maybe they forgot who made that choice possible.
