Re: Cyrus IMAP with pam_mysql?

From: Johan Paul (mailing-lists_at_johanpaul.com)
Date: 08/26/03

  • Next message: Mike Maltese: "Re: Cyrus IMAP with pam_mysql?" 
    Date: Tue, 26 Aug 2003 17:28:23 +0300
To: Jon Mercer <jon.mercer@achean.com>

    Hi and thanks for you reply!

    > Welcome to nightmaresville. I struggled with this for yonks, and found
    > that there were some other files that needed to be setup, e.g.:

    F**k! I mean why does it have to be so difficult? In RedHat Linux I got
    the same configuration up without any problems...

    > ajax# cd /usr/local/lib/sasl2
    > ajax# cat Cyrus.conf
    > pwcheck_method: saslauthd
    > ajax#

    Ok, well added that there also. And then I read somewhere that the
    pwcheck_method -line should be in imapd.conf too.

    > There is at least one other one, and I'm trying to find it!
    >
    > Are you getting any trace out that you can post? I'd agree with you that
    > it doesn't seem to be contacting the database. If you have a log against
    > mysql, you could check this from the database end.

    This was actually the other thing I was wondering about; a) where is
    my.cnf in FreeBSD to config MySQL for and b) where does MySQL log the
    queries? I would love to look into what pam really tries to do with
    mysql - or doesn't.

    The only thing I can trace back to is the line I get into /var/log/messages:

    Aug 26 17:28:27 silakka imapd[3167]: login: my.machine[127.0.0.1] kypeli
    plaintext

    Yes, it works but it works dispite it shouldn't since I removed the line
    from database with my username. In fact I read these postings with this
    username that shouldn't work :)

    > In my view, the docs for Cyrus fall a long way short of what is really
    > needed!

    Yep! And this isn't the first time I struggle with Cyrus and notice that
    the docs are out of date and mailing lists/newsgroups are the only way
    to get help. Thank god for them :)

    But the wierdest thing is that I think it in fact does use pam to auth
    but it uses the wrong service (a one that authenticates from
    /etc/passwd). Can anyone verify if this is possible? What it the correct
    service line for pam.conf?

    > Cheers,
    >
    > Jon Mercer

    Thanks,

    Johan Paul

    >
    >
    > Johan Paul wrote:
    >
    >> Hi,
    >>
    >> Has anyone managed to get the Cyrus imapd to authenticate with pam_mysql
    >> -authentication?
    >>
    >> In /usr/local/etc/imapd.conf I have:
    >> allowanonymouslogin: no
    >> allowplaintext: yes
    >> sasl_pwcheck_method: saslauthd
    >> sasl_mech_list: PLAIN
    >>
    >> ...among other things.
    >>
    >> I am running saslauthd with pam authentication:
    >> silakka# ps xa |grep saslauthd
    >> 258 ?? Is 0:00.01 /usr/local/sbin/saslauthd1 -a pam
    >>
    >>
    >> This is what I have in my /etc/pam.conf:
    >>
    >> # Mail services
    >> imap auth sufficient pam_mysql.so user=mail passwd=uBerSecRETPASS
    >> host=localhost db=mail table=accountuser usercolumn=username
    >> passwdcolumn=password crypt=1
    >>
    >> imap account required pam_mysql.so user=mail passwd=uBerSecRETPASS
    >> host=localhost db=mail table=accountuser usercolumn=username
    >> passwdcolumn=password crypt=1
    >>
    >> The problem, I think, is the service column. The authentication is done
    >> via PAM since when I change the password for my shell account the mail
    >> password is changed too. But saslauthd uses some other service to
    >> authenticate, not imap and thus not pam_mysql. Why doesn't it reconize
    >> the
    >> above lines for Cyrus?
    >>
    >> I am running FreeBSD 4.8R
    >>
    >> This is giving me serious headache :) Thanks in advance for any clues!!
    >>
    >>
    >> Regards,
    >>
    >> Johan Paul
    >>

    _______________________________________________
    freebsd-questions@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-questions
    To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"

  • Next message: Mike Maltese: "Re: Cyrus IMAP with pam_mysql?"

    Relevant Pages

    • Missing pam_mysql.so
      ... as I need pam to authenticate against a ... mysql 4.0.18 database. ...
      (freebsd-questions)
    • Re: MySQL Database problem (probably already solved in a message, but this is somewhat urgent)
      ... MySQL server has a database with a table, ... columns, an FSR column, and a password column. ... checked if the supposed arrays that were returned were actually arrays ...
      (comp.lang.php)
    • RE: FreeBSD 5.3 MySQL Performance
      ... versions of Linux and FreeBSD for most tests. ... > popular with the ATA disk drive manufacturers. ... > Many companies have used FreeBSD and MySQL for years and years. ... it is not often that you have such a small database and such a large ...
      (freebsd-questions)
    • ANN: Database Designer for MySQL version 1.6 is released
      ... The new version 1.6 of MicroOLAP Database Designer for MySQL has been ... The secure shell (SSH) tunneling is now implemented in Database ...
      (borland.public.delphi.thirdpartytools.general)
    • Re: toolkits or APIs to create a web interface as a frontend to mysql
      ... I am also *not* looking for a web based full fledged mysql client. ... For simple display of tabulated data the most useful thing is a displaywhich uses 's with absolute coordinates to position text in a box of defined width, formatted to be left, right or center justified, an using a preselected style from a a style sheet. ... As far as the actual database calls go, those are specific to each form, and apart from a little coding so that 'database_open, database_close' exist in the library, taking such things as the database name, user name and password from an included file I find it easiest to simply do the query and iterate through it to display the data requested. ...
      (comp.os.linux.misc)