Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 77898 - There is an error concerning sasl configuration
Summary: There is an error concerning sasl configuration
Status: RESOLVED FIXED
Alias: None
Product: [OLD] Docs-user
Classification: Unclassified
Component: Virtual-mail HOWTO (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Sven Vermeulen (RETIRED)
URL: http://www.gentoo.org/doc/en/virt-mai...
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2005-01-13 14:16 UTC by Philipp Strube
Modified: 2005-02-05 07:29 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Strube 2005-01-13 14:16:20 UTC 
# echo "dev-libs/cyrus-sasl -ldap mysql" >> /etc/portage/package.use
# emerge cyrus-sasl

The howto says to emerge cyrus-sasl with mysql support. And then tells the user to set the smtpd.conf file like that:

# nano -w /etc/sasl2/smtpd.conf
pwcheck_method: auxprop
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: localhost
sql_user: mailsql
sql_passwd: <password>
sql_database: mailsql
sql_select: select clear from users where email = '%u@%r'
mech_list: plain login
pwcheck_method: saslauthd
mech_list: LOGIN PLAIN
(It's important to turn off auth methods we are not using.
They cause problems for some mail clients.)
# /etc/init.d/saslauthd start

This did not work for me. If you compile cyrus-sasl the old fashioned way without mysql support and then use pam to authenticate: postfix -> sasl -> pam it works quite well. To get that working you have to change /etc/sasl2/smtpd.conf to read:

mech_list: PLAIN LOGIN 
pwcheck_method:saslauthd 

And then adjust /etc/conf.d/saslauthd to read:

SASLAUTHD_OPTS="${SASLAUTH_MECH} -a pam -r"

That way saslauthd transforms user and realm into user@realm which makes it possible to use pam to authenticate against the mysql table.

You advise the people to install pam mysql authentication but then don't use it for anything? Courier uses authdaemond.mysql and with the sasl configuration it seems, you somehow mixed up the settings, because there is mech_list and pwcheck_method two times in the file. I hope I didn't tell bullshit here, but I checked everything a thousand times.

Anyway there is a "translation" failure in the german howto:

http://www.gentoo.org/doc/de/virt-mail-howto.xml

It still tells you to emerge cyrus-sasl without mysql support. Which obviously can't work at all, with the smtpd.conf settings the howto then uses. (As i tried to explain, it doesn't work either way...)

Excuse my english, I am german and not quite a native speaker. :-) If you could confirm my thoughts, I can offer to correct the howto, and add to the section about spamfilter and virusscanner. Only if the author doesn't mind, I don't know anything about licenses and stuff.

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Actual Results:  
Following the howto you result in a setup not working. 

Expected Results:  
Getting a virtual mailserver setup that allows you to relay mails with sasl 
authentication against a mysql database.
Comment 1 Sven Vermeulen (RETIRED) gentoo-dev 2005-02-05 07:21:26 UTC 
Yes, the current behaviour was listed due to bug #57411 which is resolved. I'll update the guide to reflect this.
Comment 2 Sven Vermeulen (RETIRED) gentoo-dev 2005-02-05 07:29:44 UTC 
Fixed in CVS.