Authentication PAM+SASL+MYSQL - Problem

From: andrea (battagliaexentrica.it)
Date: Tue Jul 04 2006 - 05:49:55 CDT


Hi,
I would like to authenticate with postfix using sasl+pam and mysql.
I use postfix 2.2.10 compiled with these options:
make makefiles CCARGS="-DUSE_TLS -I/usr/local/include -DHAS_MYSQL -I/usr/include/mysql -DUSE_SASL_AUTH -I/usr/include/sasl" AUXLIBS="-L/usr/local/lib -lssl -lcrypto -L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib -lsasl2"

For authentication I'm using pam_mysql version 0.5.

My configuration is:

more /usr/lib/sasl2/smtpd.conf
.............................................
pwcheck_method: saslauthd auxprop
auxprop_plugin: sql
sql_engine: mysql
sql_user: pecnext
sql_passwd: xxxxxx
sql_hostnames: X.Y.Z
sql_database: pecnext
sql_select: select MAIL from ACCOUNTS where MAIL='%u%r'
mech_list: plain login
#log_level: 4
saslauthd_path: /var/run/saslauthd/mux

more /etc/pam.d/smtp
................................
auth sufficient pam_mysql.so user=pecnext passwd=XXXXX host=X.Y.Z db=pecnext table=ACCOUNTS usercolumn=MAIL passwdcolumn=PASSWD sqllog=0 crypt=1
auth sufficient pam_unix_auth.so
account required pam_mysql.so user=pecnext passwd=XXXXXX host=X.Y.Z db=pecnext table=ACCOUNTS usercolumn=MAIL passwdcolumn=PASSWD sqllog=0 crypt=1
account sufficient pam_unix_acct.so

testsaslauthd -u user1domain.it -p xxxxxx : test is ok

When I try to send mail with a client I get these errors:

(/var/log/messages)
Jul 4 12:40:25 pec01 saslauthd[14953]: pam_sm_authenticate called.
Jul 4 12:40:25 pec01 saslauthd[14953]: dbuser changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: dbpasswd changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: host changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: database changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: table changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: usercolumn changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: passwdcolumn changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: sqllog changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: crypt changed.
Jul 4 12:40:25 pec01 saslauthd[14953]: db_connect called.
Jul 4 12:40:25 pec01 saslauthd[14953]: returning 0 .
Jul 4 12:40:25 pec01 saslauthd[14953]: db_checkpasswd called.
Jul 4 12:40:25 pec01 saslauthd[14953]: pam_mysql: where clause =
Jul 4 12:40:25 pec01 saslauthd[14953]: SELECT PASSWD FROM ACCOUNTS WHERE MAIL='user1'
Jul 4 12:40:25 pec01 saslauthd[14953]: pam_mysql: select returned more than one result
Jul 4 12:40:25 pec01 saslauthd[14953]: returning 7 after db_checkpasswd.
Jul 4 12:40:25 pec01 smtp(pam_unix)[14953]: check pass; user unknown
Jul 4 12:40:25 pec01 smtp(pam_unix)[14953]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Jul 4 12:40:28 pec01 saslauthd[14953]: do_auth : auth failure: [user=user1] [service=smtp] [realm=pecnext1.it] [mech=pam] [reason=PAM auth error]

As you can see from the previous messages, the SELECT is incomplete: MAIL='user1' instead of MAIL='user1domain.it'

Can you help me?

thx

andrea
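
The symptom reported above can be checked mechanically. The following is an added example, not part of the original post: it correlates, per saslauthd PID, the pam_mysql SELECT with the later do_auth failure and flags logins where a realm was supplied but the SQL lookup key was only the bare user. The function name is hypothetical and the sample lines are constructed from the excerpt in the post.

```python
import re
from collections import defaultdict

# Constructed sample: same format and values as the log excerpt in the post.
SAMPLE_LOG = """\
Jul 4 12:40:25 pec01 saslauthd[14953]: db_checkpasswd called.
Jul 4 12:40:25 pec01 saslauthd[14953]: SELECT PASSWD FROM ACCOUNTS WHERE MAIL='user1'
Jul 4 12:40:25 pec01 saslauthd[14953]: pam_mysql: select returned more than one result
Jul 4 12:40:28 pec01 saslauthd[14953]: do_auth : auth failure: [user=user1] [service=smtp] [realm=pecnext1.it] [mech=pam] [reason=PAM auth error]
"""

PID_RE = re.compile(r"saslauthd\[(\d+)\]: (.*)$")
SELECT_RE = re.compile(r"SELECT \w+ FROM \w+ WHERE (\w+)='([^']*)'")
FAIL_RE = re.compile(r"do_auth\s*: auth failure: (.*)$")
FIELD_RE = re.compile(r"\[(\w+)=([^\]]*)\]")

def find_realm_mismatches(log_text):
    """Return one finding per failed login whose SQL lookup key lacked the realm."""
    lookups = defaultdict(list)  # pid -> lookup keys seen since the last failure
    findings = []
    for line in log_text.splitlines():
        m = PID_RE.search(line)
        if not m:
            continue  # not a saslauthd line (e.g. pam_unix entries)
        pid, msg = m.groups()
        sel = SELECT_RE.search(msg)
        if sel:
            lookups[pid].append(sel.group(2))
            continue
        fail = FAIL_RE.search(msg)
        if fail:
            fields = dict(FIELD_RE.findall(fail.group(1)))
            user, realm = fields.get("user", ""), fields.get("realm", "")
            for key in lookups.pop(pid, []):
                # Realm was sent by the client, but the query used only the user part.
                if realm and key == user and realm not in key:
                    findings.append({"pid": pid, "user": user,
                                     "realm": realm, "lookup_key": key})
    return findings

if __name__ == "__main__":
    for f in find_realm_mismatches(SAMPLE_LOG):
        print(f"pid {f['pid']}: looked up {f['lookup_key']!r} "
              f"but realm {f['realm']!r} was supplied")
```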