Ken: >>Just to insure that Cyrus IMAP >> was not >> experiencing the same bdb issue as SASL V2, I recompiled IMAP 2.1.3 - here >> are the >> "configure script" options selected -> >> >> ./configure \ >> --enable-fulldirhash \ >> --with-sasl=/usr/lib/sasl2 \ >> --with-openssl=/usr/local/ssl \ >> --with-tcl=/usr/local/ActiveTcl \ >> --with-auth=unix \ >> --without-krb \ >> --with-dbdir=/usr/local/BerkeleyDB \ >> --enable-listext
>Why is the BDB directory different from the one you used for SASL? "/usr/local/BerkeleyDB" is a symbolic link to "/usr/local/BerkeleyDB.4.0"; i.e. # ls -al /usr/local/BerkeleyDB lrwxrwxrwx 1 root root 14 Jan 18 13:45 /usr/local/BerkeleyDB -> BerkeleyDB.4.0 >> Moving along, I then restart "master" and the following entries are still >> showing-up in >> "imapd.log": >> >> imapd[12558]: unable to dlopen libsasl.so: libdb-3.3.so: cannot open >> shared object file: No such file or directory >> >> pop3d[12561]: unable to dlopen libsasl.so: libdb-3.3.so: cannot open >> shared object file: No such file or directory >Your services should not be linked against SASL v1. I'm not sure how >this is happening. Hmmmm.... >> So, I created a sym link from "/usr/local/BerkeleyDB.3.3/lib/libdb-3.3.so" >> to >> "/lib/libdb-3.3.so" and the above log file messages no longer appear. I then >> ran >> "imtest" and authentication was successful using "sasldb2" accounts. >> >> Yet all is not working, now the following entries are made to the >> "imapd.log" file >> when attempting to login via my mail client: >> >> badlogin: mailclient [X.X.X.X] plaintext theman SASL(-4): no mechanism >> available: checkpass failed >Make sure that /etc/sasldb2 is readable by the 'cyrus' user. This might >also be a problem with the wrong libsasl and/or libdb being linked. # ls -al /etc/sasldb2 -rw-r----- 1 cyrus mail 12288 Mar 22 12:26 /etc/sasldb2 >> The "/etc/imapd.conf" file contains -> >> >> configdirectory: /var/imap >> partition-default: /var/spool/imap >> admins: cyrusadmin >> sasl_pwcheck_method: auxprop >> partition-news: /var/spool/imap-news >> newsspool: /var/spool/news >> sendmail: /usr/sbin/sendmail >> tls_cert_file: /var/imap/server.pem >> tls_key_file: /var/imap/server.pem >> >>Further, when I attempt to "su", it "Segmentation Faults" and the following >>entries are >>showing-up in the "messages" file >> >> su(pam_unix)[12943]: authentication failure; logname=username uid=500 >> euid=0 tty= ruser= rhost= user=root >> >> su[12943]: unable to get entry point sasl_client_plug_init in >> /usr/lib/sasl/libsasldb.so: >> /usr/local/lib/libsasl.so.7: undefined symbol: sasl_client_plug_init >> >>Why would PAM looking for "SASL V1" libraries? Does PAM need to be relinked >>against "SASL V2" libraries? >AFAIK, PAM doesn't know anything about SASL. SASL can use PAM, not the >other way around. Interesting. Have any ideas of what SASL V2 library the module "sasl_client_plug_init" resides? I look via "nm" and "ar" and found nothing..... RB