Hi,
Your problem sounds familiar. Not being an experienced C programmer I
didn't attempt to understand and locate the problem. Instead I dropped
the pam_ldap authentication and instead applied the mysql_ldap patch. I
don't have the link for the patch handy, but I have source rpms and RedHat
binaries with the patch applied:
Sources:
http://adis.on.ca/pub/Projects/MyRPMS/cyrus-imapd-2.0.13-1.1.src.rpm
http://adis.on.ca/pub/Projects/MyRPMS/cyrus-sasl-1.5.24-17.1.src.rpm
Binaries:
http://adis.on.ca/pub/Projects/MyRPMS/rh7-binary/cyrus-imapd-2.0.13-1.1.i386.rpm
http://adis.on.ca/pub/Projects/MyRPMS/rh7-binary/cyrus-sasl-1.5.24-17.1.i386.rpm
http://adis.on.ca/pub/Projects/MyRPMS/rh7-binary/cyrus-sasl-devel-1.5.24-17.1.i386.rpm
http://adis.on.ca/pub/Projects/MyRPMS/rh7-binary/cyrus-sasl-gssapi-1.5.24-17.1.i386.rpm
Also, there has been another patch posted to the list which has support
for more flexible rules when matching ldap records.
Hope this helps,
Adi
On Sat, 28 Jul 2001, John Riganati wrote:
> Hello all,
>
> I've been running myself in circles for almost two weeks now trying to
> figure out a 'signaled to death by 11' problem, and I'm hoping someone on
> this list can shed some light for me. I've been reading through the list
> archive and have seen numerous reference to mismatching libdb files, so I've
> done my best to eliminate that as a problem, but I still can't make my issue
> go away. Any guidance will be greatly appreciated!
>
> This is my setup.
> RedHat 7.1
> BerkeleyDB 3.2.9
> CyrusSASL 1.5.24
> CyrusIMAP 2.0.15
> pam_ldap 1.22
> OpenLDAP 2.0.11
>
> When I try to connect, say with imtest, if my sasl_pwcheck_method=sasldb, I
> get in no problem. If my sasl_pwcheck_method=pam, I get the following in my
> log file:
>
> Jul 27 23:52:31 vmsurfrider master[29589]: about to exec
> /usr/cyrus/bin/imapd
> Jul 27 23:52:31 vmsurfrider service-imap[29589]: executed
> Jul 27 23:52:31 vmsurfrider imapd[29589]: accepted connection
> Jul 27 23:52:36 vmsurfrider master[29579]: process 29589 exited, signaled to
> death by 11
>
> What's interesting is that if I purposefully mistype the password, I get a
> normal authentication failure with no 'signaled to death' problem. When I
> put the password in properly, that's when I see the problem.
>
> May pam config file for imap is like so:
> [root@vmsurfrider pam.d]# more imap
> #%PAM-1.0
> auth required /lib/security/pam_ldap.so debug
> account required /lib/security/pam_ldap.so debug
>
> By running OpenLDAP in debug mode (slapd -d -1) I can clearly see
> communication to the LDAP server, and I don't see any obvious problems
> there. No error messages, no permission problems that I can see, etc.
>
> I built things in the following order.
> - Built/installed Berkeley DB (--with-uniquename)
> - modified /etc/ld.so.conf to include the BerkeleyDB path and ran ldconfig
> - set CPPFLAGS and LDFLAGS in include BerkeleyDB path
> - CyrusSASL (--without-krb --without-gssapi)
> - modified /etc/ld.so.conf to include local SASL path and ran ldconfig
> - OpenLDAP (--enable-spasswd --enable-passwd --enable-shell --enable-ldap)
> - CyrusIMAP (--with-auth=unix --with-dbdir=/usr/local/BerkeleyDB.3.2)
> - pam_ldap (--with-ldap-lib=openldap)
>
> My ld.so.conf file looks like this:
> [root@vmsurfrider Docs]# more /etc/ld.so.conf
> /usr/local/BerkeleyDB.3.2/lib
> /usr/local/lib
> /usr/local/lib/sasl
> /usr/lib
> /usr/kerberos/lib
> /usr/X11R6/lib
> /usr/lib/sane
> /usr/lib/qt-2.3.0/lib
> /usr/lib/mysq
>
> Apologies for the length of this message. I'm hoping to give all the
> relevant info I can think of. I've included the ldd output from what I
> think are the key files.
>
> Thanks in advance for any help. I'm pretty frustrated at this point.
>
> - John
>
>
> [root@vmsurfrider bin]# ldd master
> libssl.so.1 => /usr/lib/libssl.so.1 (0x40024000)
> libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x40051000)
> libdb-3.1.so => /lib/libdb-3.1.so (0x4010d000)
> libc.so.6 => /lib/i686/libc.so.6 (0x40186000)
> libdl.so.2 => /lib/libdl.so.2 (0x402b6000)
> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
> [root@vmsurfrider bin]# ldd imapd
> libsasl.so.7 => /usr/local/lib/libsasl.so.7 (0x40018000)
> libssl.so.1 => /usr/lib/libssl.so.1 (0x400c6000)
> libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x400f3000)
> libdb-3.1.so => /lib/libdb-3.1.so (0x401af000)
> libnsl.so.1 => /lib/libnsl.so.1 (0x40228000)
> libc.so.6 => /lib/i686/libc.so.6 (0x4023f000)
> libdl.so.2 => /lib/libdl.so.2 (0x4036f000)
> libcrypt.so.1 => /lib/libcrypt.so.1 (0x40374000)
> libpam.so.0 => /lib/libpam.so.0 (0x403a2000)
> libresolv.so.2 => /lib/libresolv.so.2 (0x403aa000)
> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
> [root@vmsurfrider bin]# ldd pop3d
> libsasl.so.7 => /usr/local/lib/libsasl.so.7 (0x40018000)
> libssl.so.1 => /usr/lib/libssl.so.1 (0x400c6000)
> libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x400f3000)
> libdb-3.1.so => /lib/libdb-3.1.so (0x401af000)
> libnsl.so.1 => /lib/libnsl.so.1 (0x40228000)
> libc.so.6 => /lib/i686/libc.so.6 (0x4023f000)
> libdl.so.2 => /lib/libdl.so.2 (0x4036f000)
> libcrypt.so.1 => /lib/libcrypt.so.1 (0x40374000)
> libpam.so.0 => /lib/libpam.so.0 (0x403a2000)
> libresolv.so.2 => /lib/libresolv.so.2 (0x403aa000)
> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
> [root@vmsurfrider libexec]# ldd slapd
> libsasl.so.7 => /usr/lib/libsasl.so.7 (0x40024000)
> libssl.so.1 => /usr/lib/libssl.so.1 (0x4002f000)
> libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x4005c000)
> libcrypt.so.1 => /lib/libcrypt.so.1 (0x40118000)
> libresolv.so.2 => /lib/libresolv.so.2 (0x40146000)
> libdl.so.2 => /lib/libdl.so.2 (0x40159000)
> libpthread.so.0 => /lib/i686/libpthread.so.0 (0x4015d000)
> libc.so.6 => /lib/i686/libc.so.6 (0x40172000)
> libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x402a3000)
> libpam.so.0 => /lib/libpam.so.0 (0x402a9000)
> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
> [root@vmsurfrider security]# ldd pam_ldap.so
> libldap.so.2 => /usr/lib/libldap.so.2 (0x40016000)
> liblber.so.2 => /usr/lib/liblber.so.2 (0x40041000)
> libcrypt.so.1 => /lib/libcrypt.so.1 (0x4004b000)
> libresolv.so.2 => /lib/libresolv.so.2 (0x40079000)
> libpam.so.0 => /lib/libpam.so.0 (0x4008c000)
> libdl.so.2 => /lib/libdl.so.2 (0x40094000)
> libc.so.6 => /lib/i686/libc.so.6 (0x40098000)
> libsasl.so.7 => /usr/lib/libsasl.so.7 (0x401c9000)
> libkrb4.so.2 => /usr/kerberos/lib/libkrb4.so.2 (0x401d4000)
> libdes425.so.3 => /usr/kerberos/lib/libdes425.so.3 (0x401e8000)
> libkrb5.so.3 => /usr/kerberos/lib/libkrb5.so.3 (0x401ec000)
> libk5crypto.so.3 => /usr/kerberos/lib/libk5crypto.so.3 (0x40243000)
> libcom_err.so.3 => /usr/kerberos/lib/libcom_err.so.3 (0x40254000)
> libssl.so.1 => /usr/lib/libssl.so.1 (0x40256000)
> libcrypto.so.1 => /usr/lib/libcrypto.so.1 (0x40283000)
> /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x2aaaa000)
> libgdbm.so.2 => /usr/lib/libgdbm.so.2 (0x40340000)
>
--
