Re: [SM-USERS] can't log into squirrelmail. error code

Sun, 31 Oct 2004 05:20:17 -0800 

> -----Original Message-----
> From: p dont think [mailto:[EMAIL PROTECTED]
> Sent: Sunday, October 31, 2004 08:15 AM
> To: [EMAIL PROTECTED]
> Cc: [EMAIL PROTECTED]
> Subject: Re:  [SM-USERS] can't log into squirrelmail.   error code
>
> >>  >>>>> # MAP Server (dovecot) # PHP (4.38
> >>  >>>>> http://www.substantis.com/phpinfo.php) # Web server (
> >>  >>>>> Apache/2.0.51 (Fedora)) # Platform (Fedora Core 2) # How your
> >>  >>>>> software was installed (.tar.gz / configured config.pl ) #
> >>  >>>>> SquirrelMail version (1.4.3a)
> >>  >>>>>
> >>  >>>>> problem: i can't log into squirrelmail.  the error code is
> >>  >>>>> "You must be logged in to access this page."
> >>  >>>>>
> >>  >>>>> testing:  confirmed passwords from local terminal.
> >>  >>>>
> >>  >>>> as in telnet localhost 143??
> >>  >>>>
> >>  >>>> what do your IMAP logs say?
> >>  >>>>
> >>  >>>>
> >>  >>>
> >>  >>> everything looks ok with dovecot.  i am user validuser as a local
> >>  >>> account for testing. the strange thing is that even when i get
> >>  >>> rejected for a login using a valid username and password, i get
> >>  >>> the message, ""You must be logged in to access this page," but
> >>  >>> when i login using a bogus name, i get a distinctly different
> >>  >>> error using a bogus username and password "Unknown user or
> >>  >>> password incorrect."
> >>  >>>
> >>  >>> 1. testing dovecot from local terminal: [EMAIL PROTECTED] root]# telnet
> >>  >>> localhost 143 Trying 127.0.0.1... Connected to localhost. Escape
> >>  >>> character is '^]'. * OK dovecot ready. 1 login validuser password
> >>  >>>  1 OK Logged in.
> >>  >>>
> >>  >>> this telnet session gets logged in /var/log/maillog Oct 28
> >>  >>> 21:30:36 testy imap-login: Login: maw [127.0.0.1] Oct 28 21:33:06
> >>  >>> testy imap-login: Login: maw [127.0.0.1]
> >>  >>>
> >>  >>>
> >>  >>> When i attempt to login with a valid user name and password, i
> >>  >>> get the what looks like a valid login:
> >>  >>>
> >>  >>> var/log/maillog Oct 28 21:14:53 testy imap-login: Login:
> >>  >>> validuser [127.0.0.1]
> >>  >>>
> >>  >>> but the system logs say i didn't enter a user id / password: Oct
> >>  >>> 28 22:03:56 testy dovecot(pam_unix)[12167]: authentication
> >>  >>> failure; logname= uid=0 euid=0 tty= ruser= rhost=
> >>  >>
> >>  >> Is this the *only* line associated with one login?  A typical login
> >>  >>  creates more than one IMAP login and thus more than one line in
> >>  >> your logs.  If this really is the only line, then your username
> >>  >> isn't even making it to the IMAP server, which means either PHP is
> >>  >> completely b0rked or your SM was custom modified or has a rouge
> >>  >> plugin that is stripping the username.  If this is the 2nd login
> >>  >> attempt by SM from your single login, this is a problem that has
> >>  >> come up before, and was usually a session problem seen most
> >>  >> frequently by people hosting SM on a Windows server IIRC.  But it's
> >>  >> been a while, so I don't remember exactly... you may want to double
> >>  >> check your logs and do more mailing list archive searches.
> >>  >>
> >>  >>
> >>  >>> when i use a bogus username and password, i get this: Oct 28
> >>  >>> 22:21:34 testy dovecot(pam_unix)[12186]: check pass; user unknown
> >>  >>>  Oct 28 22:21:34 testy dovecot(pam_unix)[12186]: authentication
> >>  >>> failure; logname= uid=0 euid=0 tty= ruser= rhost=
> >>  >>
> >>  >>
> >>  >
> >>  > REGARDING APACHE / PHP ISSUE I RAISED EARLIER: in reviewing other
> >>  > guides to squirrelmail installs and one noted "The /etc/php.ini file
> >>  > needs to be editied and have the value register_globals set to on. "
> >>  > see http://www.linuxhelp.ca/forums/index.php?act=ST&f=3&t=3647
> >>  >
> >>  > is this correct? my fedora core 2 rpm install is set to off but i
> >>  > don't know how this would affect squirrelmail / php's performance.
> >>  > can someone advise me on this subject?
> >>
> >> Absolutely wrong.  Please fix it or tell us where it is.
> >>
> >>  > REGARDING BROWSER / COOKIE ISSUES: I have reproduced this problem on
> >>  > Mozilla, Firefox, Netscape, and IE.  Cookies are enabled.
> >>  >
> >>  > REGARDING CONFIGURATION / PLUGINS: this is a plain vanila install on
> >>  > fedora core 2 via rpms.  there are no pluggins.  i installed via the
> >>  > "quick and dirty" instructions from the squirrelmail.org website.
> >>  >
> >>  > REGARDING ROOT LOGINS: yes.  the documentation on dovecot states that
> >>  > root user is hard coded for no login.  that's the problem.  the uid
> >>  > stuff is getting lost.  here is a grepped version of my system log
> >>  > dovecot.  the uid of the individual is either recognized (validuser1)
> >>  > or lost completely.  Even when dovecot gets the valiuser, its still
> >>  > receiving uid=zero.
> >>
> >> That is not SM doing that.  SM only sends a username.  If the username
> >> is lost, then there is a SM/PHP problem.  If the UID is being lost, but
> >> the username is correct, this is a Dovecot issue.
> >>
> >>  > this is root's uid.  i understand that part but
> >>  > why is squirrelmail unable to communicate / why is dovecot unable to
> >>  > understand that a nonroot user is logging in?  moreover, why does the
> >>  > user at the browser see the error message "You must be logged in to
> >>  > access this page." but a bogus user or bad password gets, "Unknown
> >>  > user or password incorrect."
> >>
> >> That usually happens when the user was able to initially log in but the
> >> username was subsequently lost (session problem with your PHP install?)
> >> and subsequent logins fail.
> >>
> >>  > SYSTEM LOGS | GREP dovecot
> >>  >
> >>  > Oct 29 07:33:50 testy dovecot(pam_unix)[31474]: authentication
> >>  > failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=validuser1
> >>  > Oct 29 07:46:54 testy dovecot(pam_unix)[31546]: check pass; user
> >>  > unknown Oct 29 07:46:54 testy dovecot(pam_unix)[31546]:
> >>  > authentication failure; logname= uid=0 euid=0 tty= ruser= rhost= Oct
> >>  > 29 07:46:56 testy dovecot(pam_unix)[31547]: check pass; user unknown
> >>  > Oct 29 07:46:56 testy dovecot(pam_unix)[31547]: authentication
> >>  > failure; logname= uid=0 euid=0 tty= ruser= rhost= Oct 29 07:47:09
> >>  > testy dovecot(pam_unix)[31548]: check pass; user unknown Oct 29
> >>  > 07:47:09 testy dovecot(pam_unix)[31548]: authentication failure;
> >>  > logname= uid=0 euid=0 tty= ruser= rhost= Oct 29 07:47:11 testy
> >>  > dovecot(pam_unix)[31549]: check pass; user unknown Oct 29 07:47:11
> >>  > testy dovecot(pam_unix)[31549]: authentication failure; logname=
> >>  > uid=0 euid=0 tty= ruser= rhost= Oct 29 07:49:21 testy
> >>  > dovecot(pam_unix)[31560]: check pass; user unknown Oct 29 07:49:21
> >>  > testy dovecot(pam_unix)[31560]: authentication failure; logname=
> >>  > uid=0 euid=0 tty= ruser= rhost= Oct 29 07:49:24 testy
> >>  > dovecot(pam_unix)[31561]: check pass; user unknown Oct 29 07:49:24
> >>  > testy dovecot(pam_unix)[31561]: authentication failure; logname=
> >>  > uid=0 euid=0 tty= ruser= rhost= Oct 30 01:47:45 testy dovecot:
> >>  > dovecot shutdown succeeded Oct 30 02:18:52 testy dovecot: dovecot
> >>  > startup succeeded Oct 30 02:22:00 testy dovecot: dovecot shutdown
> >>  > succeeded Oct 30 02:31:40 testy dovecot: dovecot startup succeeded
> >>  > Oct 30 04:33:15 testy dovecot(pam_unix)[5144]: check pass; user
> >>  > unknown Oct 30 04:33:15 testy dovecot(pam_unix)[5144]: authentication
> >>  > failure; logname= uid=0 euid=0 tty= ruser= rhost= Oct 30 04:37:17
> >>  > testy dovecot(pam_unix)[5154]: check pass; user unknown Oct 30
> >>  > 04:37:17 testy dovecot(pam_unix)[5154]: authentication failure;
> >>  > logname= uid=0 euid=0 tty= ruser= rhost= Oct 30 04:48:30 testy
> >>  > dovecot: dovecot shutdown succeeded Oct 30 05:07:50 testy dovecot:
> >>  > dovecot startup succeeded Oct 30 12:00:07 testy
> >>  > dovecot(pam_unix)[2852]: authentication failure; logname= uid=0
> >>  > euid=0 tty= ruser= rhost=  user=validuser1
> >>
> >> I can't read that very easily; it'd be nice if you could send just the
> >> lines created from ONE login attempt.
> >>
> >> If the username never makes it to IMAP the very first try for a login
> >> attempt, I have never seen that and would be surprised.  You'd have to
> >> make sure your PHP/web server actually accepts HTTP POST requests.
> >>
> >>   - paul
> >>
> >
> > ONE LOGIN ATTEMPT PER YOUR REQUEST.
>
> PLEASE DO NOT SHOUT
>
> > Oct 30 16:30:48 testy dovecot-auth: pam_succeed_if: requirement "uid <
> > 100" not met by user "maw"
> > Oct 30 21:24:37 testy dovecot-auth: pam_succeed_if: requirement "uid <
> > 100" not met by user "maw"
>
> 1) These are not from a single login attempt.  Their times are hours apart.
> 2) These are completely different messages from what you supplied above.
> Which one is accurate?  Are you looking at more than one log file?  It's
> hard to help when you give conflicting information.
> 3) If the user "maw" is in fact being successfully given to the IMAP
> server, then the problem is not with SM.  Please consult your IMAP setup
> and ask in a Dovecot forum.
>
> > MY WEBSERVER IS A STOCK FEDORA CORE 2 RMP INSTALL.  YOU CAN SEE EVERYTHING
> > VIA PHP.INFO FOR THE NEXT FEW HOURS AT www.substantis.com/temp.php
>
>
>
thanks for your response.  i don't shout but my keyboard does stick sometimes :-}
i'm not sure what logs you want so i did an inventory of my logs.  i am providing all 
my logs for what i can associate with this problem.  if there are any other logs that 
would be helpful, please let me know.  in doing this inventory, i made a separate 
error log for this domain to simplify the process. it is 
/var/log/httpd/www.substantis.com-error_log

/var/log/maillog
Oct 31 06:47:54 testy imap-login: Login: maw [127.0.0.1]

/var/log/httpd/access_log
69.17.65.22 - - [31/Oct/2004:06:47:46 -0500] "GET /squirrelmail-1.4.3a HTTP/1.1" 301 
340 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922"
69.17.65.22 - - [31/Oct/2004:06:47:46 -0500] "GET /squirrelmail-1.4.3a/ HTTP/1.1" 302 
14 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922"
69.17.65.22 - - [31/Oct/2004:06:47:46 -0500] "GET /squirrelmail-1.4.3a/src/login.php 
HTTP/1.1" 200 2190 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) 
Gecko/20040922"
69.17.65.22 - - [31/Oct/2004:06:47:53 -0500] "POST 
/squirrelmail-1.4.3a/src/redirect.php HTTP/1.1" 302 - 
"http://www.substantis.com/squirrelmail-1.4.3a/src/login.php"; "Mozilla/5.0 (X11; U; 
Linux i686; en-US; rv:1.7.3) Gecko/20040922"
69.17.65.22 - - [31/Oct/2004:06:47:54 -0500] "GET /squirrelmail-1.4.3a/src/webmail.php 
HTTP/1.1" 200 1199 "http://www.substantis.com/squirrelmail-1.4.3a/src/login.php"; 
"Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922"
"/var/log/httpd/access_log" 31L, 34569C                                                
                28,1

/var/log/httpd/www.substantis.com-error_log relating to lines 152 and 295 of
/var/www/html/squirrelmail-1.4.3a/functions/global.php

[client 69.17.65.22] PHP Warning:  session_start(): 
open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR) failed: 
Permission denied (13) in /var/www/html/squirrelmail-1.4.3a/functions/global.php on 
line 295, referer: http://www.substantis.com/squirrelmail-1.4.3a/src/webmail.php
[client 69.17.65.22] PHP Warning:  session_start(): 
open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR) failed: 
Permission denied (13) in /var/www/html/squirrelmail-1.4.3a/functions/global.php on 
line 295
[client 69.17.65.22] PHP Warning:  session_start(): 
open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR) failed: 
Permission denied (13) in /var/www/html/squirrelmail-1.4.3a/functions/global.php on 
line 295
[client 69.17.65.22] PHP Warning:  session_start(): 
open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR) failed: 
Permission denied (13) in /var/www/html/squirrelmail-1.4.3a/functions/global.php on 
line 295, referer: http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
[client 69.17.65.22] PHP Warning:  session_write_close(): 
open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR) failed: 
Permission denied (13) in /var/www/html/squirrelmail-1.4.3a/src/redirect.php on line 
152, referer: http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
[client 69.17.65.22] PHP Warning:  session_write_close(): Failed to write session data 
(files). Please verify that the current setting of session.save_path is correct 
(/var/lib/php/session) in /var/www/html/squirrelmail-1.4.3a/src/redirect.php on line 
152, referer: http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
[client 69.17.65.22] PHP Warning:  session_start(): 
open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR) failed: 
Permission denied (13) in /var/www/html/squirrelmail-1.4.3a/functions/global.php on 
line 295, referer: http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
[client 69.17.65.22] PHP Warning:  Unknown(): 
open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR) failed: 
Permission denied (13) in Unknown on line 0, referer: 
http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
[client 69.17.65.22] PHP Warning:  Unknown(): Failed to write session data (files). 
Please verify that the current setting of session.save_path is correct 
(/var/lib/php/session) in Unknown on line 0, referer: 
http://www.substantis.com/squirrelmail-1.4.3a/src/login.php

/var/log/secure
Oct 31 06:47:54 testy dovecot-auth: pam_succeed_if: requirement "uid < 100" not met by 
user "maw"







-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_idU88&alloc_id065&op=click
--
squirrelmail-users mailing list
Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines
List Address: [EMAIL PROTECTED]
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives:  http://sourceforge.net/mailarchive/forum.php?forum_id)95
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users

Reply via email to