On 13/08/09 16:56 +0200, Paul van der Vlis wrote:
Aug 13 11:27:40 sigmund saslauthd[12960]: do_auth         : auth
failure: [user=root] [service=sieve] [realm=] [mech=pam] [reason=PAM
auth error]


testsaslauthd -u username -p password
testsaslauthd -u username -p password -s sieve
testsaslauthd -u username -p password -s imap

Do you get different answers?

No, they give all:  0: OK "Success." when I do it as root or as user cyrus.

But when I execute "testsaslauthd" as another user, it fails with a
"connect() : Permission denied".
But this is also the case on the other machine what works correct.

It looks like you're configured to allow members of the sasl group to
access the saslauthd mux, so that error is to be expected.

sasl_mech_list: PLAIN
sasl_minimum_layer: 0
#sasl_maximum_layer: 256
sasl_pwcheck_method: saslauthd
#sasl_auxprop_plugin: sasldb
sasl_auto_transition: no

/etc/default/saslauthd:
START=yes
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c"

Maybe this is important:
sigmund:~# ls -ld /var/run/saslauthd
lrwxrwxrwx 1 root root 37 2009-07-22 14:01 /var/run/saslauthd ->
/var/spool/postfix/var/run/saslauthd/
sigmund:~# ls -ld /var/spool/postfix/var/run/saslauthd/
drwx--x--- 2 root sasl 200 2009-07-22 14:02
/var/spool/postfix/var/run/saslauthd/
sigmund:~# ls -l /var/spool/postfix/var/run/saslauthd/
total 929
-rw------- 1 root root      0 2009-07-22 14:02 cache.flock
-rw------- 1 root root 945152 2009-07-22 14:02 cache.mmap
srwxrwxrwx 1 root root      0 2009-07-22 14:02 mux
-rw------- 1 root root      0 2009-07-22 14:02 mux.accept
-rw------- 1 root root      6 2009-07-22 14:02 saslauthd.pid

Looks fine.

I wonder if timsieved is calling saslauthd with different options,
like with a realm.

I'd be curious what you're seeing when saslauthd is in debug mode.

--
Dan White

Attachment: signature.asc
Description: Digital signature

----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html

Reply via email to