15 May 21:40
Re: SASL postgresql backend doesn't work. Please help.
Chris St Denis <chris <at> smartt.com>
2008-05-15 19:40:06 GMT
2008-05-15 19:40:06 GMT
(forgot to reply to all. Resending for list)
Patrick Ben Koetter wrote:
barium# ll /usr/lib/sasl2
lrwxr-xr-x 1 root wheel 20 May 15 12:01 /usr/lib/sasl2 -> /usr/local/lib/sasl2
All of the software is installed through the FreeBSD ports system which patches stuff to have the correct paths so it's probably not necessary on this platform anyway.
I wish I was getting more verbose error messages. I had log_level: 7 and sql_verbose: true but still have gotten very little in terms of useful errors. "fatal: SASL per-process initialization failed" just isn't that useful on it's own.
Not seeing the mysql errors anymore, but they were somewhat intermittent anyway.
Patrick Ben Koetter wrote:
* Chris St Denis <chris <at> smartt.com>:Done. Still doesn't work.I am trying to get SASL to work authenticated to a postgresql database for SMTP auth with postfix. But it sasl is being very uncooperative. basic system info barium# uname -mrs FreeBSD 7.0-RELEASE-p1 amd64 cyrus-sasl version: 2.1.22 postfix version: 2.5.1 One of my biggest problems is I can't find any documentation of the smtpd.conf file, but form what I've pieced together from tutorials and such I've got this. pwcheck_method: auxprop auxprop_plugin: sql sql_engine: pgsql allowanonymouslogin: no allowplaintext: yes mech_list: LOGIN PLAIN password_format: plaintext sql_user: mail sql_passwd: sql_hostnames: localhost sql_database: mail sql_select: SELECT pass FROM emails_view WHERE email = '%u <at> %r' log_level: 7 sql_verbose: trueReduce it to this: pwcheck_method: auxprop auxprop_plugin: sql sql_engine: pgsql mech_list: LOGIN PLAIN sql_user: mail sql_passwd: sql_hostnames: localhost sql_database: mail sql_select: SELECT pass FROM emails_view WHERE email = '%u <at> %r'
No forgot about that one. But it's there now. Still doesn't work.If I use saslpasswd2 on an account I get "generic failure". Does saslpasswd2 even work on sql or is it sasldb only?It's sasldb only (it is said to be others too, but that's hearsay).And the files are there barium# ll /usr/local/lib/sasl2/*sql* -rw-r--r-- 1 root wheel 28568 May 13 10:27 /usr/local/lib/sasl2/libsql.a -rwxr-xr-x 1 root wheel 826 May 13 10:27 /usr/local/lib/sasl2/libsql.la lrwxr-xr-x 1 root wheel 11 May 13 10:27 /usr/local/lib/sasl2/libsql.so -> libsql.so.2 -rwxr-xr-x 1 root wheel 27026 May 13 10:27 /usr/local/lib/sasl2/libsql.so.2Did you create the required, symbolic link from /usr/local/lib/sasl2/ to /usr/lib/sasl2/?
barium# ll /usr/lib/sasl2
lrwxr-xr-x 1 root wheel 20 May 15 12:01 /usr/lib/sasl2 -> /usr/local/lib/sasl2
All of the software is installed through the FreeBSD ports system which patches stuff to have the correct paths so it's probably not necessary on this platform anyway.
They are plain text. I'll deal with getting crypted to work (with the appropriate mechanisms) once I get basic plain text working.For some reason I get some mysql related errors in the syslog like these. I'm using postgresql not mysql. It's compiled --without-mysql and mysql isn't even installed in the server. May 13 15:05:42 barium pluginviewer: SQL engine 'mysql' not supported May 13 15:05:42 barium pluginviewer: auxpropfunc error no mechanism available May 13 15:05:46 barium pluginviewer: SQL engine 'mysql' not supported May 13 15:05:46 barium pluginviewer: auxpropfunc error no mechanism available May 13 15:05:51 barium pluginviewer: SQL engine 'mysql' not supported May 13 15:05:51 barium pluginviewer: auxpropfunc error no mechanism available May 13 15:17:38 barium server: SQL engine 'mysql' not supported May 13 15:17:38 barium server: auxpropfunc error no mechanism availableIt can't find any mechanisms such as PLAIN and LOGIN.Other than that, I only get generic errors like May 13 15:31:07 barium postfix/smtpd[79672]: warning: SASL per-process initialization failed: generic failure May 13 15:31:07 barium postfix/smtpd[79672]: fatal: SASL per-process initialization failed using the client/server in "sample" Client barium# ./client -s smtpd -m LOGIN localhost receiving capability list... recv: {48} LOGIN ANONYMOUS PLAIN GSSAPI DIGEST-MD5 CRAM-MD5 LOGIN ANONYMOUS PLAIN GSSAPI DIGEST-MD5 CRAM-MD5The mechanisms are there. Are the passwords in your database crypted? They must not. They must be plaintext.
Have you checked the access permissions to the database? Can your "mail" user connect and SELECT FROM as you need it?Yes, it's the same settings that postfix is using for Virtual. Anyway, according to the database logs, it's not even trying to connect.
p <at> rick
I wish I was getting more verbose error messages. I had log_level: 7 and sql_verbose: true but still have gotten very little in terms of useful errors. "fatal: SASL per-process initialization failed" just isn't that useful on it's own.
Not seeing the mysql errors anymore, but they were somewhat intermittent anyway.
RSS Feed