Всем привет. Дистр 6 платформа десктоп (так как неполучилось на школьных решил пробовать этот)
установил postfix, cyrus-sasl2, postfix-cyrus
метод авторизации sasl нужен shadow, где его прописать ненашёл.
если запускать service saslauthd start то testsaslauth не работает (testsaslauth -u root -p 123)
если запускать saslauthd -a shadow то testsaslauth работает (testsaslauth -u root -p 123)
вот конфиг постфикса main.cf
# Global Postfix configuration file. This file lists only a small subset
# of all parameters. For the syntax, and for a complete parameter list,
# see the postconf(5) manual page. For a commented and more complete
# version of this file see /etc/postfix/main.cf.dist
mailbox_command = /usr/bin/procmail -a $DOMAIN -d $LOGNAME
inet_interfaces =all
myhostname = mail.domain
mydomain = my.domain
mydestination = $mydomain, $myhostname, localhost
myorigin = $mydomain
mynetworks = 192.168.0.0/24
smtpd_sasl_auth_enable = yes
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
создал конфиг /usr/lib/sasl2/smtpd.conf
pwcheck_method: saslauthd
mech_list: plain login
в конфиге /etc/sasl2/saslauthd.conf закоментировал строки c ldap, с ними долго думает
#ldap_servers: ldap://10.1.1.15/ ldap://10.1.1.25/
#ldap_bind_dn: cn=operator,ou=Profile,o=foo.com
#ldap_bind_pw: secret
#ldap_version: 3
# <2|3>
# Specify the LDAP protocol version to use.
ldap_timeout: 5
# Specify a number of seconds a search can take before timing out.
ldap_time_limit: 5
# Specify a number of seconds for a search request to complete.
#ldap_deref: <none> <search|find|always|never>
# Specify how aliases dereferencing is handled during a search.
#ldap_referrals: <no>
# Specify whether or not the client should follow referrals.
#ldap_restart: <yes>
# Specify whether or not LDAP I/O operations are automatically restarted
# if they abort prematurely.
#ldap_cache_ttl: <0>
# Non zero enables client side caching. Cached results will expire after
# specified number seconds, e.g. 30. Use this option with care.
# OpenLDAP folks consider this feature experimental.
#ldap_cache_mem: <0>
# If client side caching is enabled, the value specifies the cache size
# in bytes, e.g. 32768.
#ldap_scope: <sub> <sub|one|base>
# Search scope.
#ldap_search_base: <none>
# Specify a starting point for the search. e.g. dc=foo,dc=com
#ldap_auth_method: <bind> <bind|custom>
# Specify an authentication method. The default 'bind' method uses the
# LDAP simple bind facility to verify the password. The custom method
# uses userPassword attribute to verify the password. Currently, {CRYPT}
# hash is supported.
#ldap_filter: <uid=%u>
# Specify a filter. Use the %u and %r tokens for the username and realm
# substitution. The %u token has to be used at minimum for the filter to
# be useful. If ldap_auth_method is 'bind', the filter will search for
# the DN (distinguished name) attribute. Otherwise, the search will look
# for the userPassword attribute.
#ldap_debug: <0>
# Specify a debugging level in the OpenLDAP libraries. See
# ldap_set_option(3) for more (LDAP_OPT_DEBUG_LEVEL).
#
#ldap_tls_check_peer: <no> <yes|no>
# Require and verify server certificate. If this option is yes,
# you must specify ldap_tls_cacert_file or ldap_tls_cacert_dir.
#ldap_tls_cacert_file: <none>
# File containing CA (Certificate Authority) certificate(s).
#ldap_tls_cacert_dir: <none>
# Path to directory with CA (Certificate Authority) certificates.
#ldap_tls_ciphers: <DEFAULT>
# List of SSL/TLS ciphers to allow. The format of the string is
# described in ciphers(1).
#ldap_tls_cert: <none>
# File containing the client certificate.
#ldap_tls_key: <none>
# File containing the private client key.
вот логи postfix
/var/log/mail/all
connect from test.ru[192.168.0.60]
Apr 9 01:15:23 mail postfix/smtpd[14563]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Apr 9 01:15:23 mail postfix/smtpd[14563]: warning: SASL authentication failure: Password verification failed
Apr 9 01:15:23 mail postfix/smtpd[14563]: warning: test.ru[192.168.0.60]: SASL PLAIN authentication failed: generic failure
Apr 9 01:15:23 mail postfix/smtpd[14563]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Apr 9 01:15:23 mail postfix/smtpd[14563]: warning: test.ru[192.168.0.60]: SASL LOGIN authentication failed: generic failure
Apr 9 01:15:23 mail postfix/smtpd[14563]: C96C8AB6D9: client=test.ru[192.168.0.60]
Apr 9 01:15:23 mail postfix/cleanup[14566]: C96C8AB6D9: message-id=<581624383.20120409101409@mail.domain>
Apr 9 01:15:23 mail postfix/qmgr[14555]: C96C8AB6D9: from=<lord@mail.domain>, size=664, nrcpt=1 (queue active)
Apr 9 01:15:23 mail postfix/smtpd[14563]: disconnect from test.ru[192.168.0.60]
Сам постфикс работает без проблем, неполучается только с авторизацией.
Какой файл он ненаходит (в логах)?
Такое ощущение, что что-то еще недонастроено.
подскажите куда копать.
Заранее благодарен.
