[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] cyrus-SASL - need help



Am Friday 18 November 2005 21:30 schrieb Milan Milosevic:

> > Check your /etc/pam.d/imap. If it is not there check for a File "other"
> > in your ./pam.d/.
>
> There is no imap file, in "other" file I have:
>
> #%PAM-1.0
> auth     required       pam_warn.so
> auth     required       pam_deny.so
> account  required       pam_warn.so
> account  required       pam_deny.so
> password required       pam_warn.so
> password required       pam_deny.so
> session  required       pam_warn.so
> session  required       pam_deny.so

This cannot work. Hmm, the Pitfall if you start testsaslauthd without the 
Servicename? In Case of PAM the Servicename decides the PAM-Config File. If 
you don't specify a Servicename for testsaslauthd it uses imap. If you have 
setup smtp specify it after testsaslauthd.

# testsaslauthd -u user -p password -s smtp

So /etc/pam.d/smtp will be used.

> > I don't see "size read" Errors, or similar.
>
> I have never got "size read" error for pam. I never succeed in
> configurating pam. I used shadow.
>
> > Did you run testsaslauthd with that?
>
> Yes, I run testsaslauthd in 2nd window. "Size read" error I get in a
> console after I run testsaslauthd (when I use shadow). In case of pam
> I get: NO "authentication failed"

A "size error" from testsaslauthd? It makes no difference if you use shadow 
instead of pam from testsaslauthd. The only part which changes something in 
doing is saslauthd itself. testsaslauthd only talks to the socket of 
saslauthd and sends the 4 values to it. username, password, realm and 
servicename.

-- 
	Andreas

-- 
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here