Re: Zeroing in on SASL-LDAP problem

From: Andreas Winkelmann (no email)
Date: Sun Aug 01 2004 - 01:58:25 EDT


On Sunday, 1 August 2004 05:20, Eric N. Valor wrote:

> I have recompiled SASL-2.1.19. "testsaslauthd" works fine. However,
> when trying to use SASL to authenticate an incoming SMTP session against
> my LDAP server, I find (using strace) this:
>
> read(10, "AUTH PLAIN <password redacted>\r"..., 4096) = 33
> open("/etc/sasldb", O_RDONLY) = -1 ENOENT (No such file or directory)
> time([1091330254]) = 1091330254
> getpid() = 20179
>
> I compiled SASL to NOT use sasldb, specifically to use LDAP. I then
> recompiled postfix against the newly-compiled SASL.
>
> /etc/postfix/sasl/smtpd.conf is thus:

Debian has a special version of Postfix. One of the differences is the path
where the Cyrus-SASL library looks for smtpd.conf. If you "recompile" a
Postfix on Debian, I would guess you are using a vanilla Postfix version. And
then it uses the default Cyrus-SASL path to look for its smtpd.conf. This is
normally /usr/lib/sasl2.

> pwcheck_method: saslauthd

This is ok.

> saslauthd_uri: ldap://XXX.XXX.XXX.XXX
> saslauthd_mech: ldap

This is wrong, or better, senseless. The authmech which saslauthd uses is
given as a startup argument ("saslauthd -a ldap"). The URI is defined in the
configuration file, normally saslauthd.conf somewhere in /etc.

> saslauthd_path: /var/state/saslauthd/mux

Be careful, this is the socket the library uses to connect to saslauthd. If
you change it here, don't forget to tell saslauthd that you want to change it
("saslauthd ... -m /var/state/saslauthd").

> mech_list: PLAIN LOGIN

Ok.

> Is it possible that the "make upgrade" didn't fully overwrite the
> previous installation (which, compiled against an older non-working SASL
> compile, probably did want to check /etc/sasldb)? Am I missing
> something else here?
>
> Thanks again for all the advice. This has been a real learning (if
> intensely frustrating) experience...

-- 
	Andreas
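
The checks described in the reply above, as an added example that is not part of the original post or of Cyrus SASL or Postfix: a small linter that reads an smtpd.conf and a saslauthd command line and reports the misplaced keys and a socket path that does not match `-m`. The function names and the sample command line are assumptions made for illustration; flags are assumed to be space-separated.

```python
import shlex

# Keys from the quoted smtpd.conf that the reply says do not belong there.
MISPLACED = {
    "saslauthd_uri": "the LDAP URI belongs in saslauthd.conf",
    "saslauthd_mech": "the mechanism is a startup argument: saslauthd -a ldap",
}

# The configuration quoted in the post (address redacted there as well).
QUOTED_CONF = """\
pwcheck_method: saslauthd
saslauthd_uri: ldap://XXX.XXX.XXX.XXX
saslauthd_mech: ldap
saslauthd_path: /var/state/saslauthd/mux
mech_list: PLAIN LOGIN
"""

def parse_conf(text):
    """Parse the 'key: value' lines of a Cyrus SASL application config."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and ":" in line:
            key, value = line.split(":", 1)
            opts[key.strip()] = value.strip()
    return opts

def flag_value(argv, name):
    """Value following a space-separated flag such as '-m DIR', else None."""
    return argv[argv.index(name) + 1] if name in argv[:-1] else None

def lint(smtpd_conf, saslauthd_cmdline):
    """Return a finding for each mistake discussed in the thread."""
    opts = parse_conf(smtpd_conf)
    argv = shlex.split(saslauthd_cmdline)
    findings = [f"{key}: {why}" for key, why in MISPLACED.items() if key in opts]
    if opts.get("pwcheck_method") == "saslauthd":
        if flag_value(argv, "-a") is None:
            findings.append("saslauthd is started without -a <mechanism>")
        sock, run_dir = opts.get("saslauthd_path"), flag_value(argv, "-m")
        if sock and run_dir is None:
            findings.append("saslauthd_path is set but saslauthd has no -m")
        elif sock and sock != run_dir.rstrip("/") + "/mux":
            findings.append(f"saslauthd_path {sock} is not under -m {run_dir}")
    return findings

if __name__ == "__main__":
    for finding in lint(QUOTED_CONF, "saslauthd -a ldap"):  # constructed command line
        print(finding)
```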






