|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: Authentication PAM+SASL+MYSQL - Problem
From: Andrea Battaglia (battaglia
exentrica.it)
Date: Tue Jul 04 2006 - 09:05:16 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
It's OK
thank you so much
andrea
On 7/4/06, Patrick Ben Koetter <pstate-of-mind.de> wrote:
>
> * andrea <battagliaexentrica.it>:
> > Hi,
> > i would like to authenticate with postfix using sasl+pam and mysql.
> > I use postfix 2.2.10 compiled with these options:
> > make makefiles CCARGS="-DUSE_TLS -I/usr/local/include -DHAS_MYSQL
> -I/usr/include/mysql -DUSE_SASL_AUTH -I/usr/include/sasl"
> AUXLIBS="-L/usr/local/lib -lssl -
> > lcrypto -L/usr/lib/mysql -lmysqlclient -lz -lm -L/usr/lib -lsasl2"
> >
> > For authentication I'm using pam_mysql version 0.5.
> >
> > My configuration is:
> >
> > more /usr/lib/sasl2/smtpd.conf
> > .............................................
> > pwcheck_method: saslauthd auxprop
> > auxprop_plugin: sql
> > sql_engine: mysql
> > sql_user: pecnext
> > sql_passwd: xxxxxx
> > sql_hostnames: X.Y.Z
> > sql_database: pecnext
> > sql_select: select MAIL from ACCOUNTS where MAIL='%u%r'
> > mech_list: plain login
> > #log_level: 4
> > saslauthd_path: /var/run/saslauthd/mux
> >
> > more /etc/pam.d/smtp
> > ................................
> > auth sufficient pam_mysql.so user=pecnext passwd=XXXXX host=X.Y.Zdb=pecnext table=ACCOUNTS usercolumn=MAIL passwdcolumn=PASSWD sqllog=0
> crypt=1
> > auth sufficient pam_unix_auth.so
> > account required pam_mysql.so user=pecnext passwd=XXXXXX host=X.Y.Zdb=pecnext table=ACCOUNTS usercolumn=MAIL passwdcolumn=PASSWD sqllog=0
> crypt=1
> > account sufficient pam_unix_acct.so
> >
> >
> > testsaslauthd -u user1domain.it -p xxxxxx : test is ok
>
> Your testsaslauthd output does not show which servicename testsaslauthd
> uses. That might become a problem.
>
> > When I try to sending mail with a client I've these error:
> >
> > (/var/log/messages)
> > Jul 4 12:40:28 pec01 saslauthd[14953]: do_auth : auth failure:
> [user=user1] [service=smtp] [realm=pecnext1.it] [mech=pam] [reason=PAM
> auth error]
> >
> > As you can see from previous message the SELECT is incomplete:
> MAIL='user1'
> > instead of MAIL='user1domain.it'
>
> Use the additional switch "-r" when you start saslauthd.
>
> prick
>
> --
> The Book of Postfix
> <http://www.postfix-book.com>
> saslfinger (debugging SMTP AUTH):
> <http://postfix.state-of-mind.de/patrick.koetter/saslfinger/>
>
--
EXENTRICA srl
via Giuntini, 25 / int. 9
56023 Navacchio di Cascina (PI)
tel +39 050 754703 - fax +39 050 754707
web: http://www.exentrica.it
email: battagliaexentrica.it
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]