I upgraded cyrus-sasl to 2.1.18-r1 and now postfix won't start when I enable client authentification. Reproducible: Always Steps to Reproduce: 1. Put the following lines in /etc/postfix/main.cf smtp_use_tls = yes smtp_tls_CAfile = /etc/postfix/cacert.cer smtp_sasl_auth_enable = yes smtp_sasl_password_maps = hash:/etc/postfix/saslpass smtp_sasl_security_options = 2. start postfix 3. send a mail Actual Results: The logs say: Jul 7 12:33:35 charm postfix/pickup[22188]: 660D1214F6B: uid=1000 from=<schmitta> Jul 7 12:33:35 charm postfix/cleanup[22227]: 660D1214F6B: message-id=<20040707103335.GE8004@alan-schm1p> Jul 7 12:33:35 charm postfix/qmgr[22189]: 660D1214F6B: from=<alan.schmitt@polytechnique.org>, size=1268, nrcpt=1 (queue active) Jul 7 12:33:35 charm postfix/smtp[22229]: fatal: SASL library initialization Jul 7 12:33:36 charm postfix/master[22144]: warning: process /usr/lib/postfix/smtp pid 22229 exit status 1 Jul 7 12:33:36 charm postfix/master[22144]: warning: /usr/lib/postfix/smtp: bad command startup -- throttling Expected Results: The email should be sent using TLS authentification. I tried to emerge postfix again, but it did not solve the problem.
It seems that saslauthd also breaks openldap.
Postfix and Openldap don't even start correctly.
Argggh!!!... Mental note: never never never ever upgrade key components without checking b.g.o first >:-( Postfix (and posibly cyrus-imapd) broken here after the upgrade. I'm going back to 2.1.18 right now.
Same probleme with cyrus-sasl-2.1.18-r1 and sasldb auth Reverting to 2.1.18 solves the problem
fixed in CVS. Please wait couple hours for the mirror to get the updated patch, sync and emerge.
Close.
Hi, please keep in mind that both 2.1.18 and 2.1.18-r1 were both unstable ebuilds. Also, make sure if you are using pam_mysql auth and want to continue using it, that you enable the USE flag "pam-mysql". Finally, there was an actual bug in one of the security fix patches and you guys must have caught it just before it was fixed (sorry about that). It's now fixed in CVS. The file in question is: $ ls -l files/cyrus-sasl-2.1.18-sasl-path-fix.patch -rw-r--r-- 1 visi users 540 Jul 7 12:40 files/cyrus-sasl-2.1.18-sasl-path-fix.patch Make sure you have that version. In case it isn't hitting the mirrors fast enough for you, I'll attach it to the bug.
Created attachment 34935 [details, diff] files/cyrus-sasl-2.1.18-sasl-path-fix.patch
Do we need the pam_mysql thing if we only want to use it for postfix as a client? (i.e. my postfix is connecting to a mail server using tls authentification)
The fixed "sasl-path-fix" as posted here works. Thanks, Norberto
works for me too Thanks