Re: [Web-cyradm] Someone seen this before ?
- Original Message - From: Rob Siemborski [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED] Sent: Friday, July 25, 2003 10:33 PM Subject: Re: [Web-cyradm] Someone seen this before ? On Wed, 2 Jul 2003 [EMAIL PROTECTED] wrote: My logs are full of these messages... I have to restart Sasl/Cyrus/MySQL every second hour to maintain it in business... You shouldn't use pam_mysql when there's a perfectly good mysql auxprop plugin available. perfectly googd mysql auxprop plugin? does it support md5 or login and other auth mechnism? Best Regards, Daniel
Re: [Web-cyradm] Someone seen this before ?
On Sat, 26 Jul 2003, daniel qian wrote: You shouldn't use pam_mysql when there's a perfectly good mysql auxprop plugin available. perfectly googd mysql auxprop plugin? does it support md5 or login and other auth mechnism? It supports plaintext login, DIGEST-MD5, CRAM-MD5, OTP, and SRP. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: [Web-cyradm] Someone seen this before ?
I did some corrections in my iptables config on this server and the problem went away by itself Looks like the 3306 port was dropped and port was taking over - for everyone to access. I have no idea what happened ... maybe a kind of DOS or something A question ... why use the auxprop plugin instead of pam ? Is there any performance issues involved or what ? Thanks for your brilliant piece of software - cyrus-guys :-) regards bryntez - Original Message - From: Jean Charles Delepine [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Friday, July 25, 2003 3:54 PM Subject: Re: [Web-cyradm] Someone seen this before ? : [EMAIL PROTECTED] écrivait (wrote) : : : Any friends out there who might know what this can be ? : : Jul 1 23:47:18 www-ux saslauthd[595]: pam_mysql: MySQL err Can't connect to : local MySQL server through socket '/tmp/mysql.sock' (2) : Jul 1 23:47:18 www-ux saslauthd[595]: AUTHFAIL: user=xxx.domain.com : service=pop realm= [PAM auth error] : Jul 1 23:47:22 www-ux saslauthd[596]: pam_mysql: MySQL err Can't connect to : local MySQL server through socket '/tmp/mysql.sock' (2) : Jul 1 23:47:22 www-ux saslauthd[596]: AUTHFAIL: user=yyy.domain.com : service=imap realm= [PAM auth error] : Jul 1 23:47:25 www-ux saslauthd[596]: pam_mysql: MySQL err Can't connect to : local MySQL server through socket '/tmp/mysql.sock' (2) : : Do you have any error in mysql logs ? : What is the status of /tmp/mysql.sock (ls -l ) ? : : This config has performed successfully now for over a year, until last night : it suddenly : started to fail... ??? : : What did you do before it failed ? Is there any other suspect messages : in your logs ? : :Jean Charles :
Re: [Web-cyradm] Someone seen this before ?
On Sat, 26 Jul 2003 [EMAIL PROTECTED] wrote: A question ... why use the auxprop plugin instead of pam ? Is there any performance issues involved or what ? Thanks for your brilliant piece of software - cyrus-guys :-) PAM only allows you to do password verification, essentially is xyzzy the password? and get a ok/no response. This requires that the plaintext password traverse the network (possibly under a TLS layer). Auxprop plugins allow you to use more secure mechanisms, such as CRAM-MD5 or DIGEST-MD5 because you have access to the password directly, instead of just an ok/no answer. It also eliminates a few tiers in the authentication hierarchy, compare: cyrus - sasl - saslauthd - pam - pam_mysql - mysql to cyrus - sasl - mysql auxprop - mysql -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: [Web-cyradm] Someone seen this before ?
On Wed, 2 Jul 2003 [EMAIL PROTECTED] wrote: My logs are full of these messages... I have to restart Sasl/Cyrus/MySQL every second hour to maintain it in business... You shouldn't use pam_mysql when there's a perfectly good mysql auxprop plugin available. Any ideas ? I suspect that pam_mysql is having some sort of problem connecting to your mysql server. But, as I said, you probably shouldn't be using it anyway. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Someone seen this before ?
Any friends out there who might know what this can be ? Jul 1 23:47:18 www-ux saslauthd[595]: pam_mysql: MySQL err Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Jul 1 23:47:18 www-ux saslauthd[595]: AUTHFAIL: user=xxx.domain.com service=pop realm= [PAM auth error] Jul 1 23:47:22 www-ux saslauthd[596]: pam_mysql: MySQL err Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) Jul 1 23:47:22 www-ux saslauthd[596]: AUTHFAIL: user=yyy.domain.com service=imap realm= [PAM auth error] Jul 1 23:47:25 www-ux saslauthd[596]: pam_mysql: MySQL err Can't connect to local MySQL server through socket '/tmp/mysql.sock' (2) My logs are full of these messages... I have to restart Sasl/Cyrus/MySQL every second hour to maintain it in business... Any ideas ? [Config] (Redhat 7.3, Sasl: 2.1.5, Cyrus 2.1.5, MySQL version 3.23.51, build from source with postfix as MTA) This config has performed successfully now for over a year, until last night it suddenly started to fail... ??? Regards bryntez