HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   Cannot connect to saslauthd server: Permission denied (http://www.howtoforge.com/forums/showthread.php?t=22730)

migm 26th April 2008 04:55
Cannot connect to saslauthd server: Permission denied
 
Hi all,

I saw the other thread on this (chmod 777 .... and so on) and that did not work. I am still getting this error. Here's my postfix configuration (main.cfg). Please let me know what other information I can provide: there's obviously a permissions problems here but I thought saslauthd ran as root.

Code:
# See /usr/share/postfix/main.cf.dist for a commented, more complete version

# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

# TLS parameters
smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${queue_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${queue_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = tcc1.ath.cx
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = tcc1.ath.cx, ubuntu, localhost.localdomain, localhost
relayhost = [smtp.att.yahoo.com]:587
mynetworks = 0.0.0.0/0
mailbox_size_limit = 0
recipient_delimiter = +
home_mailbox = Maildir/
mailbox_command = procmail -a "$EXTENSION"

smtpd_sasl_local_domain =
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
inet_interfaces = all
smtpd_tls_auth_only = no
smtp_use_tls = yes
smtp_tls_note_starttls_offer = yes
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
Thanks in advance for any and all help!
Cheers,
Migm

falko 26th April 2008 14:14
Please run
Code:
adduser postfix sasl
/etc/init.d/postfix restart

migm 26th April 2008 17:58
Quote:
Originally Posted by falko
Please run
Code:
adduser postfix sasl
/etc/init.d/postfix restart

Thanks for your help. I had already tried this still getting the following
Code:
Apr 26 10:55:19 tcc1 postfix/smtpd[21126]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Apr 26 10:55:19 tcc1 postfix/smtpd[21126]: warning: SASL authentication failure: Password verification failed
Apr 26 10:55:19 tcc1 postfix/smtpd[21126]: warning: maxlaptop.local[192.168.1.2]: SASL PLAIN authentication failed: generic failure
passwd file
Code:
postfix:x:110:120::/var/spool/postfix:/bin/false
groups file
Code:
sasl:x:1001:postfix

migm 27th April 2008 00:38
Well, i got it to work, but I am not confident that my methodology was very secure.

I ran smtpd with strace debugging turned on and saw the reason that things weren't working was that postfix was searching for my saslauthd file in /var/run/saslauthd. The only mention of the /var/run directory i saw was in the saslauthd init.d file, which i changed to reflect the /var/spool/postfix/var/run/saslauthd directory. That didn't work, so I ended up copying and linking all the files necessary from the /spool directory into the /var/run/saslauthd directory. I can't imagine this is terribly secure?

Where is postfix pulling this /var/run directory from, anyway? If i can change that, I'd rather delete what I've done and do it the correct way.

Thanks!

migm

falko 27th April 2008 19:36
Postfix is running chrooted, so /var/run translates to /var/spool/postfix/var/run.

migm 27th April 2008 21:13
Quote:
Originally Posted by falko
Postfix is running chrooted, so /var/run translates to /var/spool/postfix/var/run.
My postfix was actually not chrooted in the master.cfg

bvidinli 13th June 2009 15:03
i found a basic solution described here: http://www.ehcp.net/?q=node/149#comment-668

anony 22nd July 2009 16:39
"Cannot connect to saslauthd server: Permission denied" was caused by permission errors for me. Changed /var/run/saslauthd permissions, chmod a+rx and things worked.

Postfix was not chroot'd and there was no group for saslauthd to add Postfix.

zzattack 4th October 2009 13:12
Quote:
Originally Posted by falko (Post 121705)
Please run
Code:
adduser postfix sasl
/etc/init.d/postfix restart
Thanks, this worked for me

adig 20th February 2011 03:18
password
 
For those that all of the above doesn't solve the problem... check your password!

If it has a '#' sign all that is after the # gets ignored in "/etc/pam.d
/smtp" and therefore you will have these nice errors in /var/log/auth.log :

pam_mysql - required option "db" is not set
DEBUG: auth_pam: pam_authenticate failed: Error in service module

Source: here.


All times are GMT +2. The time now is 11:29.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2013, vBulletin Solutions, Inc.