[Postfixbuch-users] pam_authenticate failed
Joachim Sturm
joachim-sturm at web.de
Sa Aug 26 11:26:40 CEST 2006
Hallo Liste.
Ich versuche gerade
Postfix2.2.10/cyrus2.2/MySQL5.0/php5.0/Apache2.0/web-cyradm5.4 auf
UBUNTU-Server zu instalieren.
Als HOWTO habe ich das von Luc de Low genommen. (Die main.cf läst sich
sicherlich noch optimieren, zuerst soll der Mailer aber mal laufen)
Ich kann unter "web-cyradm" Domainen und User anlegen. Sie erscheinen auch
in der MySQL Datenbank, nicht jedoch unter /var/spool/cyrus/mail/"user"
Auth.log sag dazu:
Aug 26 10:04:58 ubuntu saslauthd[3973]: ipc_init : listening on
socket: /var/run/saslauthd/mux
Aug 26 10:08:37 ubuntu cyrus/imap[4173]: sql_select option missing Aug 26
10:08:37 ubuntu cyrus/imap[4173]: auxpropfunc error no mechanism available
Aug 26 10:08:37 ubuntu cyrus/imap[4173]: _sasl_plugin_load failed on
sasl_auxprop_plug_init for plugin: sql Aug 26 10:08:38 ubuntu
saslauthd[3974]: (pam_unix) authentication failure; logname= uid=0 euid=0
tty= ruser= rhost= user=cyrus Aug 26 10:08:39 ubuntu saslauthd[3974]:
DEBUG: auth_pam: pam_authenticate failed: Permission denied
Aug 26 10:08:39 ubuntu saslauthd[3974]: do_auth : auth failure:
[user=cyrus] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
Aug 26 10:08:55 ubuntu saslauthd[3975]: (pam_unix) authentication failure;
logname= uid=0 euid=0 tty= ruser= rhost= user=cyrus
Saslfinger -s sagt:
saslfinger - postfix Cyrus sasl configuration Sa 26 Aug 09:33:01 CEST 2006
version: 1.0
mode: server-side SMTP AUTH
-- basics --
Postfix: 2.2.10
System: Ubuntu 6.06.1 LTS \n \l
-- smtpd is linked to --
libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0xb7d30000)
-- active SMTP AUTH and TLS parameters for smtpd -- broken_sasl_auth_clients
= yes smtpd_sasl_auth_enable = yes smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous smtpd_tls_CAfile =
/etc/postfix/ssl/server.pem smtpd_tls_auth_only = no smtpd_tls_cert_file =
/etc/postfix/ssl/server.pem smtpd_tls_key_file = /etc/postfix/ssl/server.pem
smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
-- listing of /usr/lib/sasl2 --
total 924
drwxr-xr-x 2 root root 4096 2006-08-22 20:19 .
drwxr-xr-x 47 root root 8192 2006-08-22 20:32 ..
-rw-r--r-- 1 root root 12792 2006-04-24 13:37 libanonymous.a
-rw-r--r-- 1 root root 855 2006-04-24 13:37 libanonymous.la
-rw-r--r-- 1 root root 12344 2006-04-24 13:37 libanonymous.so
-rw-r--r-- 1 root root 12344 2006-04-24 13:37 libanonymous.so.2
-rw-r--r-- 1 root root 12344 2006-04-24 13:37 libanonymous.so.2.0.19
-rw-r--r-- 1 root root 14934 2006-04-24 13:37 libcrammd5.a
-rw-r--r-- 1 root root 841 2006-04-24 13:37 libcrammd5.la
-rw-r--r-- 1 root root 14584 2006-04-24 13:37 libcrammd5.so
-rw-r--r-- 1 root root 14584 2006-04-24 13:37 libcrammd5.so.2
-rw-r--r-- 1 root root 14584 2006-04-24 13:37 libcrammd5.so.2.0.19
-rw-r--r-- 1 root root 44516 2006-04-24 13:37 libdigestmd5.a
-rw-r--r-- 1 root root 864 2006-04-24 13:37 libdigestmd5.la
-rw-r--r-- 1 root root 41752 2006-04-24 13:37 libdigestmd5.so
-rw-r--r-- 1 root root 41752 2006-04-24 13:37 libdigestmd5.so.2
-rw-r--r-- 1 root root 41752 2006-04-24 13:37 libdigestmd5.so.2.0.19
-rw-r--r-- 1 root root 13074 2006-04-24 13:37 liblogin.a
-rw-r--r-- 1 root root 835 2006-04-24 13:37 liblogin.la
-rw-r--r-- 1 root root 12824 2006-04-24 13:37 liblogin.so
-rw-r--r-- 1 root root 12824 2006-04-24 13:37 liblogin.so.2
-rw-r--r-- 1 root root 12824 2006-04-24 13:37 liblogin.so.2.0.19
-rw-r--r-- 1 root root 28264 2006-04-24 13:37 libntlm.a
-rw-r--r-- 1 root root 829 2006-04-24 13:37 libntlm.la
-rw-r--r-- 1 root root 27836 2006-04-24 13:37 libntlm.so
-rw-r--r-- 1 root root 27836 2006-04-24 13:37 libntlm.so.2
-rw-r--r-- 1 root root 27836 2006-04-24 13:37 libntlm.so.2.0.19
-rw-r--r-- 1 root root 19130 2006-04-24 13:37 libotp.a
-rw-r--r-- 1 root root 829 2006-04-24 13:37 libotp.la
-rw-r--r-- 1 root root 41408 2006-04-24 13:37 libotp.so
-rw-r--r-- 1 root root 41408 2006-04-24 13:37 libotp.so.2
-rw-r--r-- 1 root root 41408 2006-04-24 13:37 libotp.so.2.0.19
-rw-r--r-- 1 root root 13442 2006-04-24 13:37 libplain.a
-rw-r--r-- 1 root root 835 2006-04-24 13:37 libplain.la
-rw-r--r-- 1 root root 13080 2006-04-24 13:37 libplain.so
-rw-r--r-- 1 root root 13080 2006-04-24 13:37 libplain.so.2
-rw-r--r-- 1 root root 13080 2006-04-24 13:37 libplain.so.2.0.19
-rw-r--r-- 1 root root 20750 2006-04-24 13:37 libsasldb.a
-rw-r--r-- 1 root root 856 2006-04-24 13:37 libsasldb.la
-rw-r--r-- 1 root root 17104 2006-04-24 13:37 libsasldb.so
-rw-r--r-- 1 root root 17104 2006-04-24 13:37 libsasldb.so.2
-rw-r--r-- 1 root root 17104 2006-04-24 13:37 libsasldb.so.2.0.19
-rw-r--r-- 1 root root 21260 2006-04-24 13:37 libsql.a
-rw-r--r-- 1 root root 895 2006-04-24 13:37 libsql.la
-rw-r--r-- 1 root root 21068 2006-04-24 13:37 libsql.so
-rw-r--r-- 1 root root 21068 2006-04-24 13:37 libsql.so.2
-rw-r--r-- 1 root root 21068 2006-04-24 13:37 libsql.so.2.0.19
-- content of /etc/postfix/sasl/smtpd.conf --
pwcheck_method: saslauthd
mech_list: plain login
log_level: 3
-- active services in /etc/postfix/master.cf -- # service type private
unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
smtp inet n - - - - smtpd -v
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - n 300 1 qmgr
tlsmgr unix - - - 1000? 1 tlsmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
-o fallback_relay=
showq unix n - - - - showq
error unix - - - - - error
discard unix - - - - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - - - - lmtp
anvil unix - - - - 1 anvil
scache unix - - - - 1 scache
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -t$nexthop -f$sender
$recipient
scalemail-backend unix - n n - 2 pipe
flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}
mailman unix - n n - - pipe
flags=FR user=list argv=/usr/lib/mailman/bin/postfix-to-mailman.py
${nexthop} ${user}
cyrus unix - n n - - pipe
flags=R user=cyrus argv=/usr/sbin/cyrdeliver -r ${sender} -m
${extension} ${user}
-- mechanisms on localhost --
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
-- end of saslfinger output --
Postconf -n sagt:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
config_directory = /etc/postfix
inet_interfaces = all
inet_protocols = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
mailbox_transport = cyrus
mydestination = sample.com, localhost
myhostname = mail.sample.com
mynetworks = 127.0.0.0/8
myorigin = /etc/mailname
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-relay.cf relayhost =
sender_canonical_maps = mysql:/etc/postfix/mysql-canonical.cf
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu) smtpd_helo_required =
yes smtpd_recipient_restrictions =
reject_invalid_hostname,
permit_sasl_authenticated,
permit_mynetworks,
reject_non_fqdn_hostname,
reject_non_fqdn_sender,
reject_non_fqdn_recipient,
reject_unknown_sender_domain,
reject_unknown_recipient_domain,
reject_unauth_pipelining,
reject_unauth_destination,
reject_rbl_client zombie.dnsbl.sorbs.net,
reject_rbl_client relays.ordb.org,
reject_rbl_client opm.blitzed.org,
reject_rbl_client list.dsbl.org,
reject_rbl_client sbl.spamhaus.org,
permit
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_security_options = noanonymous smtpd_tls_CAfile =
/etc/postfix/ssl/server.pem smtpd_tls_auth_only = no smtpd_tls_cert_file =
/etc/postfix/ssl/server.pem smtpd_tls_key_file = /etc/postfix/ssl/server.pem
smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = mysql:/etc/postfix/mysql-transport.cf
virtual_alias_domains = mysql:/etc/postfix/mysql-virtual.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf
testsaslauth -u cyrus -p secret (cyrus ist in der MySQL Datenbank
vorhanden!) 0; NO "autentification failed"
auth.log sagt dazu:
Aug 26 10:35:32 ubuntu saslauthd[3974]: (pam_unix) authentication failure;
logname= uid=0 euid=0 tty= ruser= rhost= user=cyrus Aug 26 10:35:34 ubuntu
saslauthd[3974]: DEBUG: auth_pam: pam_authenticate failed: Permission denied
Aug 26 10:35:34 ubuntu saslauthd[3974]: do_auth : auth failure:
[user=cyrus] [service=imap] [realm=] [mech=pam] [reason=PAM auth error]
Bitte gebt mir Tipps, wo ich noch nach Fehlern suchen kann!
Dankeschön
Achim
Mehr Informationen über die Mailingliste Postfixbuch-users