Re: [SM-USERS] can't log into squirrelmail. error code

Sun, 31 Oct 2004 11:06:39 -0800 

>
>> -----Original Message-----
>> From: p dont think [mailto:[EMAIL PROTECTED]
>> Sent: Sunday, October 31, 2004 08:15 AM
>> To: [EMAIL PROTECTED]
>> Cc: [EMAIL PROTECTED]
>> Subject: Re:  [SM-USERS] can't log into squirrelmail.   error code
>>
>> >>  >>>>> # MAP Server (dovecot) # PHP (4.38
>> >>  >>>>> http://www.substantis.com/phpinfo.php) # Web server (
>> >>  >>>>> Apache/2.0.51 (Fedora)) # Platform (Fedora Core 2) # How your
>> >>  >>>>> software was installed (.tar.gz / configured config.pl ) #
>> >>  >>>>> SquirrelMail version (1.4.3a)
>> >>  >>>>>
>> >>  >>>>> problem: i can't log into squirrelmail.  the error code is
>> >>  >>>>> "You must be logged in to access this page."
>> >>  >>>>>
>> >>  >>>>> testing:  confirmed passwords from local terminal.
>> >>  >>>>
>> >>  >>>> as in telnet localhost 143??
>> >>  >>>>
>> >>  >>>> what do your IMAP logs say?
>> >>  >>>>
>> >>  >>>>
>> >>  >>>
>> >>  >>> everything looks ok with dovecot.  i am user validuser as a
>> local
>> >>  >>> account for testing. the strange thing is that even when i get
>> >>  >>> rejected for a login using a valid username and password, i get
>> >>  >>> the message, ""You must be logged in to access this page," but
>> >>  >>> when i login using a bogus name, i get a distinctly different
>> >>  >>> error using a bogus username and password "Unknown user or
>> >>  >>> password incorrect."
>> >>  >>>
>> >>  >>> 1. testing dovecot from local terminal: [EMAIL PROTECTED] root]#
>> telnet
>> >>  >>> localhost 143 Trying 127.0.0.1... Connected to localhost. Escape
>> >>  >>> character is '^]'. * OK dovecot ready. 1 login validuser
>> password
>> >>  >>>  1 OK Logged in.
>> >>  >>>
>> >>  >>> this telnet session gets logged in /var/log/maillog Oct 28
>> >>  >>> 21:30:36 testy imap-login: Login: maw [127.0.0.1] Oct 28
>> 21:33:06
>> >>  >>> testy imap-login: Login: maw [127.0.0.1]
>> >>  >>>
>> >>  >>>
>> >>  >>> When i attempt to login with a valid user name and password, i
>> >>  >>> get the what looks like a valid login:
>> >>  >>>
>> >>  >>> var/log/maillog Oct 28 21:14:53 testy imap-login: Login:
>> >>  >>> validuser [127.0.0.1]
>> >>  >>>
>> >>  >>> but the system logs say i didn't enter a user id / password: Oct
>> >>  >>> 28 22:03:56 testy dovecot(pam_unix)[12167]: authentication
>> >>  >>> failure; logname= uid=0 euid=0 tty= ruser= rhost> >>  >>
>> >>  >> Is this the *only* line associated with one login?  A typical
>> login
>> >>  >>  creates more than one IMAP login and thus more than one line in
>> >>  >> your logs.  If this really is the only line, then your username
>> >>  >> isn't even making it to the IMAP server, which means either PHP
>> is
>> >>  >> completely b0rked or your SM was custom modified or has a rouge
>> >>  >> plugin that is stripping the username.  If this is the 2nd login
>> >>  >> attempt by SM from your single login, this is a problem that has
>> >>  >> come up before, and was usually a session problem seen most
>> >>  >> frequently by people hosting SM on a Windows server IIRC.  But
>> it's
>> >>  >> been a while, so I don't remember exactly... you may want to
>> double
>> >>  >> check your logs and do more mailing list archive searches.
>> >>  >>
>> >>  >>
>> >>  >>> when i use a bogus username and password, i get this: Oct 28
>> >>  >>> 22:21:34 testy dovecot(pam_unix)[12186]: check pass; user
>> unknown
>> >>  >>>  Oct 28 22:21:34 testy dovecot(pam_unix)[12186]: authentication
>> >>  >>> failure; logname= uid=0 euid=0 tty= ruser= rhost> >>  >>
>> >>  >>
>> >>  >
>> >>  > REGARDING APACHE / PHP ISSUE I RAISED EARLIER: in reviewing other
>> >>  > guides to squirrelmail installs and one noted "The /etc/php.ini
>> file
>> >>  > needs to be editied and have the value register_globals set to on.
>> "
>> >>  > see http://www.linuxhelp.ca/forums/index.php?act=ST&f=3&t=3647
>> >>  >
>> >>  > is this correct? my fedora core 2 rpm install is set to off but i
>> >>  > don't know how this would affect squirrelmail / php's performance.
>> >>  > can someone advise me on this subject?
>> >>
>> >> Absolutely wrong.  Please fix it or tell us where it is.
>> >>
>> >>  > REGARDING BROWSER / COOKIE ISSUES: I have reproduced this problem
>> on
>> >>  > Mozilla, Firefox, Netscape, and IE.  Cookies are enabled.
>> >>  >
>> >>  > REGARDING CONFIGURATION / PLUGINS: this is a plain vanila install
>> on
>> >>  > fedora core 2 via rpms.  there are no pluggins.  i installed via
>> the
>> >>  > "quick and dirty" instructions from the squirrelmail.org website.
>> >>  >
>> >>  > REGARDING ROOT LOGINS: yes.  the documentation on dovecot states
>> that
>> >>  > root user is hard coded for no login.  that's the problem.  the
>> uid
>> >>  > stuff is getting lost.  here is a grepped version of my system log
>> >>  > dovecot.  the uid of the individual is either recognized
>> (validuser1)
>> >>  > or lost completely.  Even when dovecot gets the valiuser, its
>> still
>> >>  > receiving uid=zero.
>> >>
>> >> That is not SM doing that.  SM only sends a username.  If the
>> username
>> >> is lost, then there is a SM/PHP problem.  If the UID is being lost,
>> but
>> >> the username is correct, this is a Dovecot issue.
>> >>
>> >>  > this is root's uid.  i understand that part but
>> >>  > why is squirrelmail unable to communicate / why is dovecot unable
>> to
>> >>  > understand that a nonroot user is logging in?  moreover, why does
>> the
>> >>  > user at the browser see the error message "You must be logged in
>> to
>> >>  > access this page." but a bogus user or bad password gets, "Unknown
>> >>  > user or password incorrect."
>> >>
>> >> That usually happens when the user was able to initially log in but
>> the
>> >> username was subsequently lost (session problem with your PHP
>> install?)
>> >> and subsequent logins fail.
>> >>
>> >>  > SYSTEM LOGS | GREP dovecot
>> >>  >
>> >>  > Oct 29 07:33:50 testy dovecot(pam_unix)[31474]: authentication
>> >>  > failure; logname= uid=0 euid=0 tty= ruser= rhost=  user=validuser1
>> >>  > Oct 29 07:46:54 testy dovecot(pam_unix)[31546]: check pass; user
>> >>  > unknown Oct 29 07:46:54 testy dovecot(pam_unix)[31546]:
>> >>  > authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
>> Oct
>> >>  > 29 07:46:56 testy dovecot(pam_unix)[31547]: check pass; user
>> unknown
>> >>  > Oct 29 07:46:56 testy dovecot(pam_unix)[31547]: authentication
>> >>  > failure; logname= uid=0 euid=0 tty= ruser= rhost= Oct 29 07:47:09
>> >>  > testy dovecot(pam_unix)[31548]: check pass; user unknown Oct 29
>> >>  > 07:47:09 testy dovecot(pam_unix)[31548]: authentication failure;
>> >>  > logname= uid=0 euid=0 tty= ruser= rhost= Oct 29 07:47:11 testy
>> >>  > dovecot(pam_unix)[31549]: check pass; user unknown Oct 29 07:47:11
>> >>  > testy dovecot(pam_unix)[31549]: authentication failure; logname>
>> >>  > uid=0 euid=0 tty= ruser= rhost= Oct 29 07:49:21 testy
>> >>  > dovecot(pam_unix)[31560]: check pass; user unknown Oct 29 07:49:21
>> >>  > testy dovecot(pam_unix)[31560]: authentication failure; logname>
>> >>  > uid=0 euid=0 tty= ruser= rhost= Oct 29 07:49:24 testy
>> >>  > dovecot(pam_unix)[31561]: check pass; user unknown Oct 29 07:49:24
>> >>  > testy dovecot(pam_unix)[31561]: authentication failure; logname>
>> >>  > uid=0 euid=0 tty= ruser= rhost= Oct 30 01:47:45 testy
>> dovecot:
>> >>  > dovecot shutdown succeeded Oct 30 02:18:52 testy dovecot: dovecot
>> >>  > startup succeeded Oct 30 02:22:00 testy dovecot: dovecot shutdown
>> >>  > succeeded Oct 30 02:31:40 testy dovecot: dovecot startup succeeded
>> >>  > Oct 30 04:33:15 testy dovecot(pam_unix)[5144]: check pass; user
>> >>  > unknown Oct 30 04:33:15 testy dovecot(pam_unix)[5144]:
>> authentication
>> >>  > failure; logname= uid=0 euid=0 tty= ruser= rhost= Oct 30 04:37:17
>> >>  > testy dovecot(pam_unix)[5154]: check pass; user unknown Oct 30
>> >>  > 04:37:17 testy dovecot(pam_unix)[5154]: authentication failure;
>> >>  > logname= uid=0 euid=0 tty= ruser= rhost= Oct 30 04:48:30 testy
>> >>  > dovecot: dovecot shutdown succeeded Oct 30 05:07:50 testy dovecot:
>> >>  > dovecot startup succeeded Oct 30 12:00:07 testy
>> >>  > dovecot(pam_unix)[2852]: authentication failure; logname= uid=0
>> >>  > euid=0 tty= ruser= rhost=  user=validuser1
>> >>
>> >> I can't read that very easily; it'd be nice if you could send just
>> the
>> >> lines created from ONE login attempt.
>> >>
>> >> If the username never makes it to IMAP the very first try for a login
>> >> attempt, I have never seen that and would be surprised.  You'd have
>> to
>> >> make sure your PHP/web server actually accepts HTTP POST requests.
>> >>
>> >>   - paul
>> >>
>> >
>> > ONE LOGIN ATTEMPT PER YOUR REQUEST.
>>
>> PLEASE DO NOT SHOUT
>>
>> > Oct 30 16:30:48 testy dovecot-auth: pam_succeed_if: requirement "uid <
>> > 100" not met by user "maw"
>> > Oct 30 21:24:37 testy dovecot-auth: pam_succeed_if: requirement "uid <
>> > 100" not met by user "maw"
>>
>> 1) These are not from a single login attempt.  Their times are hours
>> apart.
>> 2) These are completely different messages from what you supplied above.
>> Which one is accurate?  Are you looking at more than one log file?  It's
>> hard to help when you give conflicting information.
>> 3) If the user "maw" is in fact being successfully given to the IMAP
>> server, then the problem is not with SM.  Please consult your IMAP setup
>> and ask in a Dovecot forum.
>>
>> > MY WEBSERVER IS A STOCK FEDORA CORE 2 RMP INSTALL.  YOU CAN SEE
>> EVERYTHING
>> > VIA PHP.INFO FOR THE NEXT FEW HOURS AT www.substantis.com/temp.php
>>
>>
>>
> thanks for your response.  i don't shout but my keyboard does stick
> sometimes :-}
> i'm not sure what logs you want so i did an inventory of my logs.  i am
> providing all my logs for what i can associate with this problem.  if
> there are any other logs that would be helpful, please let me know.  in
> doing this inventory, i made a separate error log for this domain to
> simplify the process. it is /var/log/httpd/www.substantis.com-error_log
>
> /var/log/maillog
> Oct 31 06:47:54 testy imap-login: Login: maw [127.0.0.1]
>
> /var/log/httpd/access_log
> 69.17.65.22 - - [31/Oct/2004:06:47:46 -0500] "GET /squirrelmail-1.4.3a
> HTTP/1.1" 301 340 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
> Gecko/20040922"
> 69.17.65.22 - - [31/Oct/2004:06:47:46 -0500] "GET /squirrelmail-1.4.3a/
> HTTP/1.1" 302 14 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.3)
> Gecko/20040922"
> 69.17.65.22 - - [31/Oct/2004:06:47:46 -0500] "GET
> /squirrelmail-1.4.3a/src/login.php HTTP/1.1" 200 2190 "-" "Mozilla/5.0
> (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922"
> 69.17.65.22 - - [31/Oct/2004:06:47:53 -0500] "POST
> /squirrelmail-1.4.3a/src/redirect.php HTTP/1.1" 302 -
> "http://www.substantis.com/squirrelmail-1.4.3a/src/login.php"; "Mozilla/5.0
> (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922"
> 69.17.65.22 - - [31/Oct/2004:06:47:54 -0500] "GET
> /squirrelmail-1.4.3a/src/webmail.php HTTP/1.1" 200 1199
> "http://www.substantis.com/squirrelmail-1.4.3a/src/login.php"; "Mozilla/5.0
> (X11; U; Linux i686; en-US; rv:1.7.3) Gecko/20040922"
> "/var/log/httpd/access_log" 31L, 34569C
>                             28,1
>
> /var/log/httpd/www.substantis.com-error_log relating to lines 152 and 295
> of
> /var/www/html/squirrelmail-1.4.3a/functions/global.php
>
> [client 69.17.65.22] PHP Warning:  session_start():
> open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR)
> failed: Permission denied (13) in
> /var/www/html/squirrelmail-1.4.3a/functions/global.php on line 295,
> referer: http://www.substantis.com/squirrelmail-1.4.3a/src/webmail.php
> [client 69.17.65.22] PHP Warning:  session_start():
> open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR)
> failed: Permission denied (13) in
> /var/www/html/squirrelmail-1.4.3a/functions/global.php on line 295
> [client 69.17.65.22] PHP Warning:  session_start():
> open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR)
> failed: Permission denied (13) in
> /var/www/html/squirrelmail-1.4.3a/functions/global.php on line 295
> [client 69.17.65.22] PHP Warning:  session_start():
> open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR)
> failed: Permission denied (13) in
> /var/www/html/squirrelmail-1.4.3a/functions/global.php on line 295,
> referer: http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
> [client 69.17.65.22] PHP Warning:  session_write_close():
> open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR)
> failed: Permission denied (13) in
> /var/www/html/squirrelmail-1.4.3a/src/redirect.php on line 152, referer:
> http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
> [client 69.17.65.22] PHP Warning:  session_write_close(): Failed to write
> session data (files). Please verify that the current setting of
> session.save_path is correct (/var/lib/php/session) in
> /var/www/html/squirrelmail-1.4.3a/src/redirect.php on line 152, referer:
> http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
> [client 69.17.65.22] PHP Warning:  session_start():
> open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR)
> failed: Permission denied (13) in
> /var/www/html/squirrelmail-1.4.3a/functions/global.php on line 295,
> referer: http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
> [client 69.17.65.22] PHP Warning:  Unknown():
> open(/var/lib/php/session/sess_46cf08aee4ddbfbb10cf1d75fe240f96, O_RDWR)
> failed: Permission denied (13) in Unknown on line 0, referer:
> http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
> [client 69.17.65.22] PHP Warning:  Unknown(): Failed to write session data
> (files). Please verify that the current setting of session.save_path is
> correct (/var/lib/php/session) in Unknown on line 0, referer:
> http://www.substantis.com/squirrelmail-1.4.3a/src/login.php
>
> /var/log/secure
> Oct 31 06:47:54 testy dovecot-auth: pam_succeed_if: requirement "uid <
> 100" not met by user "maw"

Well the PHP errors seem rather clear about the issue: your permissions on
the temporary directory used for sessions is not correct.  It is not
uncommon for that to be simply set to /tmp instead of something in /var
(you can do that in php.ini).  Otherwise, fix that directory.

-paul


-------------------------------------------------------
This SF.Net email is sponsored by:
Sybase ASE Linux Express Edition - download now for FREE
LinuxWorld Reader's Choice Award Winner for best database on Linux.
http://ads.osdn.com/?ad_idU88&alloc_id065&op=click
--
squirrelmail-users mailing list
Posting Guidelines: http://squirrelmail.org/wiki/wiki.php?MailingListPostingGuidelines
List Address: [EMAIL PROTECTED]
List Archives: http://news.gmane.org/thread.php?group=gmane.mail.squirrelmail.user
List Archives:  http://sourceforge.net/mailarchive/forum.php?forum_id)95
List Info: https://lists.sourceforge.net/lists/listinfo/squirrelmail-users

Reply via email to