[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [suse-security] About "opiekeys" in sendmail-Suse8.2 logs

Am Montag, 27. Oktober 2003 13:16 schrieb J.J. Gallardo:

> > I don't know what it means. But with
> > touch /etc/opiekeys
> > you can get rid of the messages...
> Seems to be a "patch" so log "don't show the message (OTP...:...
> opiekeys) in /var/log/messages"...but is a patch and not the solution (a
> misconfigured option, i'm sure but i don't know where). But thanks...i
> will try to find more information.

The error comes from the cyrus-sasl Libraries. SASL is a Library which helps 
Applications like Postfix, Sendmail, Cyrus-IMAP to authenticate the users. 
There are diffrent mechanisms to authenticate, the normal are authenticate 
with a password out of passwd/shadow. But one is a mech called OTP, which 
means you can use OneTimePasswords. These Passwords will be stored in a 
databse on your disk "/etc/opiekeys". Normally the admin doesn't use this 
mechanism and at the time of Initialisation the Library searchs for the 
database and doesn't find it. 

Well, there are some ways to eliminate the error-message. One is to create an 
empty database, one is to delete the Library "libotp.so.*" out of "/usr/lib/
sasl2/" and another is to filter this mech with the "mech_list:"-option in 
the sasl-configuration file of your application Sendmail: /usr/lib/sasl2/
Sendmail.conf or Postfix's /usr/lib/sasl2/smtpd.conf or Cyrus-IMAP /etc/

The easiest way is "touch /etc/opiekeys"...


Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-help@xxxxxxxx
Security-related bug reports go to security@xxxxxxx, not here