Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 20th July 2009, 11:55
wiewioor wiewioor is offline
Junior Member
 
Join Date: Jul 2009
Posts: 11
Thanks: 2
Thanked 0 Times in 0 Posts
Default squirrelmail user login error

Hi there!
I've got a problem with SquirrelMail virtual user login.
After typing in user and password It returns an error: Unknown user or password incorrect.
To set up my mail server I've followed this tutorial http://www.howtoforge.com/virtual-us...l-debian-lenny and it is for LAN use only an it is a DNS server (it works) as well.
The only steps I've omitted were 3, 9, 10, 11 (will do this next time since this installation is for testing).

Here is my configuration:

hostname: serwer2slt
hostname --fqdn: serwer2slt.lan

hosts
Code:
127.0.0.1	localhost.localdomain	localhost
192.168.5.200	serwer2slt.lan	serwer2slt

# The following lines are desirable for IPv6 capable hosts
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
/etc/mysql/my.cnf
Code:
#
# The MySQL database server configuration file.
#
# You can copy this to one of:
# - "/etc/mysql/my.cnf" to set global options,
# - "~/.my.cnf" to set user-specific options.
# 
# One can use all long options that the program supports.
# Run program with --help to get a list of available options and with
# --print-defaults to see which it would actually understand and use.
#
# For explanations see
# http://dev.mysql.com/doc/mysql/en/server-system-variables.html

# This will be passed to all mysql clients
# It has been reported that passwords should be enclosed with ticks/quotes
# escpecially if they contain "#" chars...
# Remember to edit /etc/mysql/debian.cnf when changing the socket location.
[client]
port		= 3306
socket		= /var/run/mysqld/mysqld.sock

# Here is entries for some specific programs
# The following values assume you have at least 32M ram

# This was formally known as [safe_mysqld]. Both versions are currently parsed.
[mysqld_safe]
socket		= /var/run/mysqld/mysqld.sock
nice		= 0

[mysqld]
#
# * Basic Settings
#
user		= mysql
pid-file	= /var/run/mysqld/mysqld.pid
socket		= /var/run/mysqld/mysqld.sock
port		= 3306
basedir		= /usr
datadir		= /var/lib/mysql
tmpdir		= /tmp
language	= /usr/share/mysql/english
skip-external-locking
#
# Instead of skip-networking the default is now to listen only on
# localhost which is more compatible and is not less secure.
bind-address		= 127.0.0.1
#
# * Fine Tuning
#
key_buffer		= 16M
max_allowed_packet	= 16M
thread_stack		= 128K
thread_cache_size	= 8
# This replaces the startup script and checks MyISAM tables if needed
# the first time they are touched
myisam-recover		= BACKUP
#max_connections        = 100
#table_cache            = 64
#thread_concurrency     = 10
#
# * Query Cache Configuration
#
query_cache_limit       = 1M
query_cache_size        = 16M
#
# * Logging and Replication
#
# Both location gets rotated by the cronjob.
# Be aware that this log type is a performance killer.
log		= /var/log/mysql/mysql.log
#
# Error logging goes to syslog. This is a Debian improvement :)
#
# Here you can see queries with especially long duration
#log_slow_queries	= /var/log/mysql/mysql-slow.log
#long_query_time = 2
#log-queries-not-using-indexes
#
# The following can be used as easy to replay backup logs or for replication.
# note: if you are setting up a replication slave, see README.Debian about
#       other settings you may need to change.
#server-id		= 1
#log_bin			= /var/log/mysql/mysql-bin.log
expire_logs_days	= 10
max_binlog_size         = 100M
#binlog_do_db		= include_database_name
#binlog_ignore_db	= include_database_name
#
# * BerkeleyDB
#
# Using BerkeleyDB is now discouraged as its support will cease in 5.1.12.
skip-bdb
#
# * InnoDB
#
# InnoDB is enabled by default with a 10MB datafile in /var/lib/mysql/.
# Read the manual for more InnoDB related options. There are many!
# You might want to disable InnoDB to shrink the mysqld process by circa 100MB.
#skip-innodb
#
# * Security Features
#
# Read the manual, too, if you want chroot!
# chroot = /var/lib/mysql/
#
# For generating SSL certificates I recommend the OpenSSL GUI "tinyca".
#
# ssl-ca=/etc/mysql/cacert.pem
# ssl-cert=/etc/mysql/server-cert.pem
# ssl-key=/etc/mysql/server-key.pem



[mysqldump]
quick
quote-names
max_allowed_packet	= 16M

[mysql]
#no-auto-rehash	# faster start of mysql but no tab completition

[isamchk]
key_buffer		= 16M

#
# * NDB Cluster
#
# See /usr/share/doc/mysql-server-*/README.Debian for more information.
#
# The following configuration is read by the NDB Data Nodes (ndbd processes)
# not from the NDB Management Nodes (ndb_mgmd processes).
#
# [MYSQL_CLUSTER]
# ndb-connectstring=127.0.0.1


#
# * IMPORTANT: Additional settings that can override those from this file!
#   The files must end with '.cnf', otherwise they'll be ignored.
#
!includedir /etc/mysql/conf.d/
/etc/postfix/mysql-virtual_domains.cf
Code:
user = webm2slt
password = webmaster2slt
dbname = mail
query = SELECT domain AS virtual FROM domains WHERE domain='%s'
hosts = 127.0.0.1
The rest of /etc/postfix/mysql-virtual_*.cf files have the same user, password,dbname and hosts values.

/etc/default/saslauthd
Code:
#
# Settings for saslauthd daemon
# Please read /usr/share/doc/sasl2-bin/README.Debian for details.
#

# Should saslauthd run automatically on startup? (default: no)
START=Yes

# Description of this saslauthd instance. Recommended.
# (suggestion: SASL Authentication Daemon)
DESC="SASL Authentication Daemon"

# Short name of this saslauthd instance. Strongly recommended.
# (suggestion: saslauthd)
NAME="saslauthd"

# Which authentication mechanisms should saslauthd use? (default: pam)
#
# Available options in this Debian package:
# getpwent  -- use the getpwent() library function
# kerberos5 -- use Kerberos 5
# pam       -- use PAM
# rimap     -- use a remote IMAP server
# shadow    -- use the local shadow password file
# sasldb    -- use the local sasldb database file
# ldap      -- use LDAP (configuration is in /etc/saslauthd.conf)
#
# Only one option may be used at a time. See the saslauthd man page
# for more information.
#
# Example: MECHANISMS="pam"
MECHANISMS="pam"

# Additional options for this mechanism. (default: none)
# See the saslauthd man page for information about mech-specific options.
MECH_OPTIONS=""

# How many saslauthd processes should we run? (default: 5)
# A value of 0 will fork a new process for each connection.
THREADS=5

# Other options (default: -c -m /var/run/saslauthd)
# Note: You MUST specify the -m option or saslauthd won't run!
#
# WARNING: DO NOT SPECIFY THE -d OPTION.
# The -d option will cause saslauthd to run in the foreground instead of as
# a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish
# to run saslauthd in debug mode, please run it by hand to be safe.
#
# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information.
# See the saslauthd man page and the output of 'saslauthd -h' for general
# information about these options.
#
# Example for postfix users: "-c -m /var/spool/postfix/var/run/saslauthd"
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd -r"
/etc/pam.d/smtp
Code:
auth    required   pam_mysql.so user=webm2slt passwd=webmaster2slt host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
account sufficient pam_mysql.so user=webm2slt passwd=webmaster2slt host=127.0.0.1 db=mail table=users usercolumn=email passwdcolumn=password crypt=1
/etc/postfix/sasl/smtpd.conf
Code:
pwcheck_method: saslauthd
mech_list: plain login
allow_plaintext: true
auxprop_plugin: mysql
sql_hostnames: 127.0.0.1
sql_user: webm2slt
sql_passwd: webmaster2slt
sql_database: mail
sql_select: select password from users where email = '%u'
/etc/courier/authdaemonrc
Code:
##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
#
# Copyright 2000-2005 Double Precision, Inc.  See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored.  Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited.  Multiline variable contents,
# with the \ continuation character, are not allowed.  Everything must
# fit on one line.  Do not use any additional whitespace for indentation,
# or anything else.

##NAME: authmodulelist:2
#
# The authentication modules that are linked into authdaemond.  The
# default list is installed.  You may selectively disable modules simply
# by removing them from the following list.  The available modules you
# can use are: authuserdb authpam authpgsql authldap authmysql authcustom authpipe

authmodulelist="authmsql"

##NAME: authmodulelistorig:3
#
# This setting is used by Courier's webadmin module, and should be left
# alone

authmodulelistorig="authuserdb authpam authpgsql authldap authmysql authcustom authpipe"

##NAME: daemons:0
#
# The number of daemon processes that are started.  authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE:  Some platforms may experience a problem if there's more than
# one daemon.  Specifically, SystemV derived platforms that use TLI with
# socket emulation.  I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases.  Symptoms
# include sporadic authentication failures.  If you start getting
# authentication failures, increase daemons.  However, the default of 5
# SHOULD be sufficient.  Bumping up daemon count is only a short-term
# solution.  The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...

daemons=5

##NAME: authdaemonvar:2
#
# authdaemonvar is here, but is not used directly by authdaemond.  It's
# used by various configuration and build scripts, so don't touch it!

authdaemonvar=/var/run/courier/authdaemon

##NAME: DEBUG_LOGIN:0
#
# Dump additional diagnostics to syslog
#
# DEBUG_LOGIN=0   - turn off debugging
# DEBUG_LOGIN=1   - turn on debugging
# DEBUG_LOGIN=2   - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.

DEBUG_LOGIN=0

##NAME: DEFAULTOPTIONS:0
#
# A comma-separated list of option=value pairs. Each option is applied
# to an account if the account does not have its own specific value for
# that option. So for example, you can set
#   DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
# and then enable webmail and/or imap on individual accounts by setting
# disablewebmail=0 and/or disableimap=0 on the account.

DEFAULTOPTIONS=""

##NAME: LOGGEROPTS:0
#
# courierlogger(1) options, e.g. to set syslog facility
#

LOGGEROPTS=""

##NAME: LDAP_TLS_OPTIONS:0
#
# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
# Examples:
#
#LDAPTLS_CACERT=/path/to/cacert.pem
#LDAPTLS_REQCERT=demand
#LDAPTLS_CERT=/path/to/clientcert.pem
#LDAPTLS_KEY=/path/to/clientkey.pem

/etc/courier/authmysqlrc
Code:
##VERSION: $Id: authmysqlrc,v 1.20 2007/10/07 02:50:45 mrsam Exp $
#
# Copyright 2000-2007 Double Precision, Inc.  See COPYING for
# distribution information.
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# authmysqlrc created from authmysqlrc.dist by sysconftool
#
# DO NOT INSTALL THIS FILE with world read permissions.  This file
# might contain the MySQL admin password!
#
# Each line in this file must follow the following format:
#
# field[spaces|tabs]value
#
# That is, the name of the field, followed by spaces or tabs, followed by
# field value.  Trailing spaces are prohibited.


##NAME: LOCATION:0
#
# The server name, userid, and password used to log in.

MYSQL_SERVER localhost
MYSQL_USERNAME webm2slt
MYSQL_PASSWORD webmaster2slt
MYSQL_PORT 0
MYSQL_DATABASE mail
MYSQL_USER_TABLE users
MYSQL_CRYPT_PWFIELD password
#MYSQL_CLEAR_PWFIELD password
MYSQL_UID_FIELD 5000
MYSQL_GID_FIELD 5000
MYSQL_LOGIN_FIELD email
MYSQL_HOME_FIELD "/home/vmail"
MYSQL_MAILDIR_FIELD CONCAT(SUBSTRING_INDEX(email,'@',-1),'/',SUBSTRING_INDEX(email,'@',1),'/')
#MYSQL_NAME_FIELD
MYSQL_QUOTA_FIELD quota

##NAME: SSLINFO:0
#
# The SSL information.
#
# To use SSL-encrypted connections, define the following variables (available
# in MySQL 4.0, or higher):
#
#
# MYSQL_SSL_KEY        /path/to/file
# MYSQL_SSL_CERT       /path/to/file
# MYSQL_SSL_CACERT     /path/to/file
# MYSQL_SSL_CAPATH     /path/to/file
# MYSQL_SSL_CIPHERS    ALL:!DES

##NAME: MYSQL_SOCKET:0
#
# MYSQL_SOCKET can be used with MySQL version 3.22 or later, it specifies the
# filesystem pipe used for the connection
#
# MYSQL_SOCKET		/var/run/mysqld/mysqld.sock

##NAME: MYSQL_PORT:0
#
# MYSQL_PORT can be used with MySQL version 3.22 or later to specify a port to
# connect to.

MYSQL_PORT		0

##NAME: MYSQL_OPT:0
#
# Leave MYSQL_OPT as 0, unless you know what you're doing.

MYSQL_OPT		0

##NAME: MYSQL_DATABASE:0
#
# The name of the MySQL database we will open:

MYSQL_DATABASE		mysql

#NAME: MYSQL_CHARACTER_SET:0
#
# This is optional. MYSQL_CHARACTER_SET installs a character set. This option
# can be used with  MySQL version 4.1 or later. MySQL supports 70+ collations
# for 30+ character sets. See MySQL documentations for more detalis.
#
# MYSQL_CHARACTER_SET latin1

##NAME: MYSQL_USER_TABLE:0
#
# The name of the table containing your user data.  See README.authmysqlrc
# for the required fields in this table. 

MYSQL_USER_TABLE	passwd

##NAME: MYSQL_CRYPT_PWFIELD:0
#
# Either MYSQL_CRYPT_PWFIELD or MYSQL_CLEAR_PWFIELD must be defined.  Both
# are OK too. crypted passwords go into MYSQL_CRYPT_PWFIELD, cleartext
# passwords go into MYSQL_CLEAR_PWFIELD.  Cleartext passwords allow
# CRAM-MD5 authentication to be implemented.

MYSQL_CRYPT_PWFIELD	crypt

##NAME: MYSQL_CLEAR_PWFIELD:0
#
#
# MYSQL_CLEAR_PWFIELD	clear

##NAME: MYSQL_DEFAULT_DOMAIN:0
#
# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
# we will look up 'user@DEFAULT_DOMAIN' instead.
#
#
# DEFAULT_DOMAIN		example.com

##NAME: MYSQL_UID_FIELD:0
#
# Other fields in the mysql table:
#
# MYSQL_UID_FIELD - contains the numerical userid of the account
#
MYSQL_UID_FIELD		uid

##NAME: MYSQL_GID_FIELD:0
#
# Numerical groupid of the account

MYSQL_GID_FIELD		gid

##NAME: MYSQL_LOGIN_FIELD:0
#
# The login id, default is id.  Basically the query is:
#
#  SELECT MYSQL_UID_FIELD, MYSQL_GID_FIELD, ... WHERE id='loginid'
#

MYSQL_LOGIN_FIELD	id

##NAME: MYSQL_HOME_FIELD:0
#

MYSQL_HOME_FIELD	home

##NAME: MYSQL_NAME_FIELD:0
#
# The user's name (optional)

MYSQL_NAME_FIELD	name

##NAME: MYSQL_MAILDIR_FIELD:0
#
# This is an optional field, and can be used to specify an arbitrary
# location of the maildir for the account, which normally defaults to
# $HOME/Maildir (where $HOME is read from MYSQL_HOME_FIELD).
#
# You still need to provide a MYSQL_HOME_FIELD, even if you uncomment this
# out.
#
# MYSQL_MAILDIR_FIELD	maildir

##NAME: MYSQL_DEFAULTDELIVERY:0
#
# Courier mail server only: optional field specifies custom mail delivery
# instructions for this account (if defined) -- essentially overrides
# DEFAULTDELIVERY from ${sysconfdir}/courierd
#
# MYSQL_DEFAULTDELIVERY defaultdelivery

##NAME: MYSQL_QUOTA_FIELD:0
#
# Define MYSQL_QUOTA_FIELD to be the name of the field that can optionally
# specify a maildir quota.  See README.maildirquota for more information 
#
# MYSQL_QUOTA_FIELD	quota

##NAME: MYSQL_AUXOPTIONS:0
#
# Auxiliary options.  The MYSQL_AUXOPTIONS field should be a char field that
# contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
# pairs.  These names are additional attributes that define various per-account
# "options", as given in INSTALL's description of the "Account OPTIONS"
# setting.
#
# MYSQL_AUXOPTIONS_FIELD	auxoptions
#
# You might want to try something like this, if you'd like to use a bunch
# of individual fields, instead of a single text blob:
#
# MYSQL_AUXOPTIONS_FIELD	CONCAT("disableimap=",disableimap,",disablepop3=",disablepop3,",disablewebmail=",disablewebmail,",sharedgroup=",sharedgroup)
#
# This will let you define fields called "disableimap", etc, with the end result
# being something that the OPTIONS parser understands.


##NAME: MYSQL_WHERE_CLAUSE:0
#
# This is optional, MYSQL_WHERE_CLAUSE can be basically set to an arbitrary
# fixed string that is appended to the WHERE clause of our query
#
# MYSQL_WHERE_CLAUSE	server='mailhost.example.com'

##NAME: MYSQL_SELECT_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, MYSQL_SELECT_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do a SELECT operation on database, which should return fields
# in order specified bellow:
#
# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
#
# The username field should include the domain (see example below).
#
# Enabling this option causes ignorance of any other field-related
# options, excluding default domain.
#
# There are two variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. These variables are:
#	 	$(local_part), $(domain), $(service)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
#
# $(service) will expand out to the service being authenticated: imap, imaps,
# pop3 or pop3s.  Courier mail server only: service will also expand out to
# "courier", when searching for local mail account's location.  In this case,
# if the "maildir" field is not empty it will be used in place of
# DEFAULTDELIVERY.  Courier mail server will also use esmtp when doing
# authenticated ESMTP.
#
# This example is a little bit modified adaptation of vmail-sql
# database scheme:
#
# MYSQL_SELECT_CLAUSE	SELECT CONCAT(popbox.local_part, '@', popbox.domain_name),			\
#			CONCAT('{MD5}', popbox.password_hash),		\
#			popbox.clearpw,					\
#			domain.uid,					\
#			domain.gid,					\
#			CONCAT(domain.path, '/', popbox.mbox_name),	\
#			'',						\
#			domain.quota,					\
#			'',						\
#			CONCAT("disableimap=",disableimap,",disablepop3=",    \
#                              disablepop3,",disablewebmail=",disablewebmail, \
#                              ",sharedgroup=",sharedgroup)             \
#			FROM popbox, domain				\
#			WHERE popbox.local_part = '$(local_part)'	\
#			AND popbox.domain_name = '$(domain)'		\
#			AND popbox.domain_name = domain.domain_name


##NAME: MYSQL_ENUMERATE_CLAUSE:1
#
# {EXPERIMENTAL}
# Optional custom SQL query used to enumerate accounts for authenumerate,
# in order to compile a list of accounts for shared folders.  The query
# should return the following fields: name, uid, gid, homedir, maildir, options
#
# Example:
# MYSQL_ENUMERATE_CLAUSE	SELECT CONCAT(popbox.local_part, '@', popbox.domain_name),			\
#			domain.uid,					\
#			domain.gid,					\
#			CONCAT(domain.path, '/', popbox.mbox_name),	\
#			'',						\
#			CONCAT('sharedgroup=', sharedgroup)		\
#			FROM popbox, domain				\
#			WHERE popbox.local_part = '$(local_part)'	\
#			AND popbox.domain_name = '$(domain)'		\
#			AND popbox.domain_name = domain.domain_name



##NAME: MYSQL_CHPASS_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, MYSQL_CHPASS_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do an UPDATE operation on database. In other words, it is
# used, when changing password.
#
# There are four variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. There variables are:
# 	$(local_part) , $(domain) , $(newpass) , $(newpass_crypt)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
# $(newpass) contains plain password
# $(newpass_crypt) contains its crypted form
#
# MYSQL_CHPASS_CLAUSE	UPDATE	popbox					\
#			SET	clearpw='$(newpass)',			\
#				password_hash='$(newpass_crypt)'	\
#			WHERE	local_part='$(local_part)'		\
#			AND	domain_name='$(domain)'
#
/etc/courier/imapd.cnf
Code:
RANDFILE = /usr/lib/courier/imapd.rand

[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
C=US
ST=NY
L=New York
O=Courier Mail Server
OU=Automatically-generated IMAP SSL key
CN=serwer2slt.lan
emailAddress=postmaster@example.com


[ cert_type ]
nsCertType = server
/etc/courier/pop3d.cnf
Code:
RANDFILE = /usr/lib/courier/pop3d.rand

[ req ]
default_bits = 1024
encrypt_key = yes
distinguished_name = req_dn
x509_extensions = cert_type
prompt = no

[ req_dn ]
C=US
ST=NY
L=New York
O=Courier Mail Server
OU=Automatically-generated POP3 SSL key
CN=serwer2slt.lan
emailAddress=postmaster@example.com


[ cert_type ]
nsCertType = server
/etc/aliases here is where something might have gone wrong
Code:
mailer-daemon: postmaster
postmaster: root
nobody: root
hostmaster: root
usenet: root
news: root
webmaster: root
www: root
ftp: root
abuse: root
noc: root
security: root
root: webm2slt@serwer2slt.lan
config.php from step 15
Code:
<?php

/**
  * SquirrelMail Change SQL Password Plugin
  * Copyright (C) 2001-2002 Tyler Akins
  *               2002 Thijs Kinkhorst <kink@users.sourceforge.net>
  *               2002-2005 Paul Lesneiwski <paul@openguild.net>
  * This program is licensed under GPL. See COPYING for details
  *
  * @package plugins
  * @subpackage Change SQL Password
  *
  */


   // Global Variables, don't touch these unless you want to break the plugin
   //
   global $csp_dsn, $password_update_queries, $lookup_password_query,
          $force_change_password_check_query, $password_encryption,
          $csp_salt_query, $csp_salt_static, $csp_secure_port,
          $csp_non_standard_http_port, $csp_delimiter, $csp_debug,
          $min_password_length, $max_password_length, $include_digit_in_password,
          $include_uppercase_letter_in_password, $include_lowercase_letter_in_password,
          $include_nonalphanumeric_in_password;



   // csp_dsn
   //
   // Theoretically, any SQL database supported by Pear should be supported
   // here.  The DSN (data source name) must contain the information needed
   // to connect to your database backend. A MySQL example is included below.
   // For more details about DSN syntax and list of supported database types,
   // please see:
   //   http://pear.php.net/manual/en/package.database.db.intro-dsn.php
   //
   $csp_dsn = 'mysql://webm2slt:webmaster2slt@localhost/mail';



   // lookup_password_query
   //
   // This plugin will always verify the user's old password
   // against their login password, but an extra check can also
   // be done against the database for more security if you
   // desire.  If you do not need the extra password check,
   // make sure this setting is empty.
   //
   // This is a query that returns a positive value if a user
   // and password pair are found in the database.
   //
   // This query should return one value (one row, one column), the
   // value being ideally a one or a zero, simply indicating that 
   // the user/password pair does in fact exist in the database.
   //
   //   %1 in this query will be replaced with the full username
   //      (including domain), such as "jose@example.com"
   //   %2 in this query will be replaced with the username (without
   //      any domain portion), such as "jose"
   //   %3 in this query will be replaced with the domain name,
   //      such as "example.com"
   //   %4 in this query will be replaced with the current (old)
   //      password in whatever encryption format is needed per other
   //      plugin configuration settings (Note that the syntax of
   //      the password will be provided depending on your encryption
   //      choices, so you NEVER need to provide quotes around this
   //      value in the query here.)
   //   %5 in this query will be replaced with the current (old)
   //      password in unencrypted plain text.  If you do not use any
   //      password encryption, %4 and %5 will be the same values,
   //      except %4 will have double quotes around it and %5 will not.
   //
   //$lookup_password_query = '';
   // TERRIBLE SECURITY: $lookup_password_query = 'SELECT count(*) FROM users WHERE username = "%1" AND plain_password = "%5"';
   $lookup_password_query = 'SELECT count(*) FROM users WHERE email = "%1" AND password = %4';



   // password_update_queries
   //
   // An array of SQL queries that will all be executed 
   // whenever a password change attempt is made.
   //
   // Any number of queries may be included here.
   // The queries will be executed in the order given here.
   //
   //   %1 in all queries will be replaced with the full username
   //      (including domain), such as "jose@example.com" 
   //   %2 in all queries will be replaced with the username (without 
   //      any domain portion), such as "jose"
   //   %3 in all queries will be replaced with the domain name, 
   //      such as "example.com"
   //   %4 in all queries will be replaced with the new password
   //      in whatever encryption format is needed per other
   //      plugin configuration settings (Note that the syntax of 
   //      the password will be provided depending on your 
   //      encryption choices, so you NEVER need to provide quotes 
   //      around this value in the queries here.)
   //   %5 in all queries will be replaced with the new password
   //      in unencrypted plain text - BEWARE!  If you do not use
   //      any password encryption, %4 and %5 will be the same 
   //      values, except %4 will have double quotes around it
   //      and %5 will not.
   //
   $password_update_queries = array(
            'UPDATE users SET password = %4 WHERE mail = "%1"',
//            'UPDATE user_flags SET force_change_pwd = 0 WHERE username = "%1"',
//            'UPDATE users SET crypt_password = %4, force_change_pwd = 0 WHERE username = "%1"',
                                   );



   // force_change_password_check_query
   //
   // A query that checks for a flag that indicates if a user
   // should be forced to change their password.  This query
   // should return one value (one row, one column) which is
   // zero if the user does NOT need to change their password, 
   // or one if the user should be forced to change it now. 
   //
   // This setting should be an empty string if you do not wish
   // to enable this functionality.
   //
   //   %1 in this query will be replaced with the full username
   //      (including domain), such as "jose@example.com" 
   //   %2 in this query will be replaced with the username (without 
   //      any domain portion), such as "jose"
   //   %3 in this query will be replaced with the domain name, 
   //      such as "example.com"
   //
   //$force_change_password_check_query = 'SELECT IF(force_change_pwd = "yes", 1, 0) FROM users WHERE username = "%1"';
   //$force_change_password_check_query = 'SELECT force_change_pwd FROM users WHERE username = "%1"';
   $force_change_password_check_query = '';



   // password_encryption
   //
   // What encryption method do you use to store passwords
   // in your database?  Please use one of the following,
   // exactly as you see it:
   //
   //   NONE          Passwords are stored as plain text only
   //   MYSQLPWD      Passwords are stored using the MySQL password() function
   //   MYSQLENCRYPT  Passwords are stored using the MySQL encrypt() function 
   //   PHPCRYPT      Passwords are stored using the PHP crypt() function 
   //   MD5CRYPT      Passwords are stored using encrypted MD5 algorithm
   //   MD5           Passwords are stored as MD5 hash
   //
   $password_encryption = 'MYSQLENCRYPT';



   // csp_salt_query
   // csp_salt_static
   //
   // Encryption types that need a salt need to know where to get
   // that salt.  If you have a constant, known salt value, you
   // should define it in $csp_salt_static.  Otherwise, leave that
   // value empty and define a value for the $csp_salt_query.
   //
   // Leave both values empty if you do not need (or use) salts
   // to encrypt your passwords.
   //
   // The query should return one value (one row, one column) which 
   // is the salt value for the current user's password.  This
   // query is ignored if $csp_salt_static is anything but empty.
   //
   //   %1 in this query will be replaced with the full username
   //      (including domain), such as "jose@example.com"
   //   %2 in this query will be replaced with the username (without
   //      any domain portion), such as "jose"
   //   %3 in this query will be replaced with the domain name,
   //      such as "example.com"
   //
   //$csp_salt_static = 'LEFT(crypt_password, 2)';
   //$csp_salt_static = '"a4"';  // use this format with MYSQLENCRYPT
   //$csp_salt_static = '$2$blowsomefish$';  // use this format with PHPCRYPT
   $csp_salt_static = 'LEFT(password, 2)';

   //$csp_salt_query = 'SELECT SUBSTRING_INDEX(crypt_password, '$', 1) FROM users WHERE username = "%1"';
   //$csp_salt_query = 'SELECT SUBSTRING(crypt_password, (LENGTH(SUBSTRING_INDEX(crypt_password, '$', 2)) + 2)) FROM users WHERE username = "%1"';
   $csp_salt_query = 'SELECT salt FROM users WHERE username = "%1"';
   //$csp_salt_query = '';



   // csp_secure_port
   // 
   // You may ensure that SSL encryption is used during password 
   // change by setting this to the port that your HTTPS is served
   // on (443 is typical).  Set to zero if you do not wish to force
   // an HTTPS connection when users are changing their passwords.
   //
   // You may override this value for certain domains, users, or
   // service levels through the Virtual Host Login (vlogin) plugin 
   // by setting a value(s) for $vlogin_csp_secure_port in the vlogin
   // configuration.
   //
   $csp_secure_port = 0;
   //$csp_secure_port = 443;



   // csp_non_standard_http_port
   //
   // If you serve standard HTTP web requests on a non-standard
   // port (anything other than port 80), you should specify that
   // port number here.  Set to zero otherwise.
   //
   // You may override this value for certain domains, users, or
   // service levels through the Virtual Host Login (vlogin) plugin 
   // by setting a value(s) for $vlogin_csp_non_standard_http_port 
   // in the vlogin configuration.
   //
   //$csp_non_standard_http_port = 8080;
   $csp_non_standard_http_port = 0;



   // min_password_length
   // max_password_length
   // include_digit_in_password
   // include_uppercase_letter_in_password
   // include_lowercase_letter_in_password
   // include_nonalphanumeric_in_password
   //
   // You can set the minimum and maximum password lengths that
   // you accept or leave those settings as zero to indicate that
   // no limit should be applied.
   //
   // Turn on any of the other settings here to check that the
   // new password contains at least one digit, upper case letter,
   // lower case letter and/or one non-alphanumeric character.
   //
   $min_password_length = 6;
   $max_password_length = 0;
   $include_digit_in_password = 0;
   $include_uppercase_letter_in_password = 0;
   $include_lowercase_letter_in_password = 0;
   $include_nonalphanumeric_in_password = 0;



   // csp_delimiter
   //
   // if your system has usernames with something other than
   // an "@" sign separating the user and domain portion,
   // specify that character here
   //
   //$csp_delimiter = '|';
   $csp_delimiter = '@';
   


   // debug mode
   //
   $csp_debug = 0;



?>
To access login I use http://2slt.lan/squirrelmail/src/login.php but replacing 2slt.lan with serwer2slt.lan or serwer2slt works just as well.
To log in I use following record form mail database in user table in mysql
username: webm2slt@serwer2slt.lan
password: webmaster2slt

Are there any other information or config files I can post to help you to help me ?
I would appreciate any suggestions as to what might be wrong.
Reply With Quote
Sponsored Links
  #2  
Old 21st July 2009, 14:09
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,711
Thanks: 1,899
Thanked 2,702 Times in 2,545 Posts
Default

Any errors in your mail log?
I guess the problem happens because you omitted a few steps...
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #3  
Old 21st July 2009, 14:48
wiewioor wiewioor is offline
Junior Member
 
Join Date: Jul 2009
Posts: 11
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Thenks for your interest Falko!
Well I'm off on holidays right now and I can't post my logs but I will do this as soon as im back and at work.
Cheers!

Last edited by wiewioor; 27th July 2009 at 20:09.
Reply With Quote
  #4  
Old 27th July 2009, 10:04
wiewioor wiewioor is offline
Junior Member
 
Join Date: Jul 2009
Posts: 11
Thanks: 2
Thanked 0 Times in 0 Posts
Default mail.log

Here is my mail.log right after first attempt to login as webm2slt@serwer2slt.lan
Code:
Jul 27 09:44:20 serwer2slt authdaemond: stopping authdaemond children
Jul 27 09:44:20 serwer2slt postfix/master[2699]: terminating on signal 15
Jul 27 09:46:50 serwer2slt authdaemond: modules="authmsql", daemons=5
Jul 27 09:46:50 serwer2slt authdaemond: Installing libauthmsql
Jul 27 09:46:50 serwer2slt authdaemond: libauthmsql.so: cannot open shared object file: No such file or directory
Jul 27 09:46:51 serwer2slt postfix/master[2795]: daemon started -- version 2.5.5, configuration /etc/postfix
Jul 27 09:51:13 serwer2slt authdaemond: stopping authdaemond children
Jul 27 09:51:13 serwer2slt postfix/master[2795]: terminating on signal 15
Jul 27 09:52:10 serwer2slt authdaemond: modules="authmsql", daemons=5
Jul 27 09:52:10 serwer2slt authdaemond: Installing libauthmsql
Jul 27 09:52:10 serwer2slt authdaemond: libauthmsql.so: cannot open shared object file: No such file or directory
Jul 27 09:52:11 serwer2slt postfix/master[2803]: daemon started -- version 2.5.5, configuration /etc/postfix
Jul 27 09:55:56 serwer2slt imapd: Connection, ip=[::ffff:127.0.0.1]
Jul 27 09:55:56 serwer2slt imapd: LOGIN FAILED, user=webm2slt@serwer2slt.lan, ip=[::ffff:127.0.0.1]
Jul 27 09:56:01 serwer2slt imapd: LOGOUT, ip=[::ffff:127.0.0.1], rcvd=67, sent=332
could this be the problem?
Code:
Jul 27 09:52:10 serwer2slt authdaemond: libauthmsql.so: cannot open shared object file: No such file or directory
Reply With Quote
  #5  
Old 27th July 2009, 10:07
wiewioor wiewioor is offline
Junior Member
 
Join Date: Jul 2009
Posts: 11
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Hi Falko! I'm back at work. Would you mind to take a look at my mail.log? I've posted it in the thread.
http://www.howtoforge.com/forums/showthread.php?t=37571
Thanks.

Last edited by wiewioor; 27th July 2009 at 20:09.
Reply With Quote
  #6  
Old 27th July 2009, 10:08
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 99 Times in 95 Posts
Default

Quote:
Originally Posted by wiewioor View Post
Here is my mail.log right after first attempt to login as webm2slt@serwer2slt.lan
could this be the problem?
Code:
Jul 27 09:52:10 serwer2slt authdaemond: libauthmsql.so: cannot open shared object file: No such file or directory
That is correct my dear watson!

you're missing mysql libs

apt-get install libmysqlclient15off

and restart your services
Reply With Quote
The Following User Says Thank You to Mark_NL For This Useful Post:
wiewioor (27th July 2009)
  #7  
Old 29th July 2009, 11:41
wiewioor wiewioor is offline
Junior Member
 
Join Date: Jul 2009
Posts: 11
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Well I've checked it and I do have libmysqlclient15off
installed. Just to be sure I've reinstalled it and after restart I still get the same error while logging in and mail.log stays the same.
What else might be missing?

I really need help whit this one!

Don't know if this will be of any use but the result of ldd /usr/lib/courier-authlib/libauthmysql.so is as follows:
Code:
	linux-vdso.so.1 =>  (0x00007fff30bfe000)
	libcrypt.so.1 => /lib/libcrypt.so.1 (0x00007ff1286a6000)
	libcourierauthcommon.so => /usr/lib/courier-authlib/libcourierauthcommon.so (0x00007ff1284a2000)
	libmysqlclient.so.15 => /usr/lib/libmysqlclient.so.15 (0x00007ff128096000)
	libm.so.6 => /lib/libm.so.6 (0x00007ff127e13000)
	libc.so.6 => /lib/libc.so.6 (0x00007ff127ac0000)
	libcourierauth.so => /usr/lib/courier-authlib/libcourierauth.so (0x00007ff1278b4000)
	libpthread.so.0 => /lib/libpthread.so.0 (0x00007ff127698000)
	libnsl.so.1 => /lib/libnsl.so.1 (0x00007ff127480000)
	libz.so.1 => /usr/lib/libz.so.1 (0x00007ff127268000)
	/lib64/ld-linux-x86-64.so.2 (0x00007ff128af3000)

Last edited by wiewioor; 29th July 2009 at 13:11.
Reply With Quote
  #8  
Old 29th July 2009, 11:49
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 99 Times in 95 Posts
Default

hmm, i overlooked something,

the file you're missing is in the package: courier-authlib-mysql
Reply With Quote
  #9  
Old 29th July 2009, 13:22
wiewioor wiewioor is offline
Junior Member
 
Join Date: Jul 2009
Posts: 11
Thanks: 2
Thanked 0 Times in 0 Posts
Default

Mark_NL thanks for your interest but I do have courier-authlib-mysql installed.

I've read some posts related to this authdaemond: libauthmsql.so: cannot open shared object file: No such file or directory problem but couldn't find any solution.

I'm relatively new to Debian/Linux and feel pretty much lost at this point.

This is hopeless!
Reply With Quote
  #10  
Old 29th July 2009, 13:51
Mark_NL Mark_NL is offline
Senior Member
 
Join Date: Sep 2008
Location: The Netherlands
Posts: 912
Thanks: 12
Thanked 99 Times in 95 Posts
 
Default

typo:

authmodulelist="authmsql"

in your /etc/courier/authdaemonrc

it should say:

authmodulelist="authmysql"


(i got to say i also overlooked that typo, until i started to check your config files again)
Reply With Quote
The Following User Says Thank You to Mark_NL For This Useful Post:
wiewioor (30th July 2009)
Reply

Bookmarks

Tags
login error, squirrelmail, virtual users

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How to install OpenOficeOrg 3.0.0 in Ubuntu 8.04 ernesthagger HOWTO-Related Questions 43 23rd December 2008 14:42
Problem installing ISPConfig on Suse10.1 nliebherr Installation/Configuration 18 14th September 2007 00:30
ADSL PCI Modems alexillsley Server Operation 5 9th May 2007 19:32
Relay access denied brainz Installation/Configuration 27 8th March 2007 08:21
Error on install igbe Installation/Configuration 7 28th February 2007 22:55


All times are GMT +2. The time now is 23:50.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.