[Dovecot] username and password can't be verified

Eric Kom erickom at metropolitancollege.co.za
Tue Aug 20 17:32:02 EEST 2013


On 20/08/2013 16:06, Steffen Kaiser wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> On Tue, 20 Aug 2013, Eric Kom wrote:
>
>> On 20/08/2013 15:07, Steffen Kaiser wrote:
>>> -----BEGIN PGP SIGNED MESSAGE-----
>>> Hash: SHA1
>>>
>>>> Aug 20 09:03:03 ajk dovecot: auth-worker(17041): Debug: 
>>>> pam(erickom at metropolitan.org.za,10.0.0.103): lookup service=dovecot
>>>
>>> Your passwd contains the user with @domain?
>> I don't think so.
>
> you tried to auth as user erickom at metropolitan.org.za via PAM, but 
> your /etc/passwd would know erickom only. Hence, try to auth without 
> domain.
>
>> I uncommented the above
>> # System users (NSS, /etc/passwd, or similiar).
>> # In many systems nowadays this uses Name Service Switch, which is
>> # configured in /etc/nsswitch.conf. <doc/wiki/AuthDatabase.Passwd.txt>
>> passdb {
>>  driver = passwd
>>  # [blocking=no]
>>  #args =
>> }
>>
>> and commented the pam authentication.
>>
>> see below the log:
>> Aug 20 15:32:00 ajk dovecot: auth: Debug: auth client connected 
>> (pid=17996)
>> Aug 20 15:32:00 ajk dovecot: auth: Debug: client in: 
>> AUTH#0111#011PLAIN#011service=imap#011session=TFLnFGHkuwAKAABn#011lip=10.0.0.244#011rip=10.0.0.103#011lport=143#011rport=60347
>> Aug 20 15:32:00 ajk dovecot: auth: Debug: client passdb out: 
>> CONT#0111#011
>> Aug 20 15:32:00 ajk dovecot: auth: Debug: client in: 
>> CONT#0111#011AGVyaWNrb20AbmluYTAxMDE4M2M= (previous base64 data may 
>> contain sensitive data)
>> Aug 20 15:32:00 ajk dovecot: auth-worker(17987): Debug: 
>> passwd(erickom,10.0.0.103): lookup
>> Aug 20 15:32:00 ajk dovecot: auth-worker(17987): Error: 
>> passwd(erickom,10.0.0.103): Invalid password 'x' in passdb: crypt() 
>> failed: Invalid argument
>
> Now you try with another passwd driver and access /etc/passwd without 
> PAM, but you have a shadowed passwd system. Revert to passdb pam and 
> try the username without domain.
>
I got this in log:
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: Namespace inbox: 
type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, 
subscriptions=yes location=maildir:/var/mail//erickom/M$
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: maildir++: 
root=/var/mail//erickom/Maildir, index=, indexpvt=, control=, 
inbox=/var/mail//erickom/Maildir, alt=
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: Namespace : 
/var/mail//erickom/Maildir doesn't exist yet, using default permissions
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: Namespace : Using 
permissions from /var/mail//erickom/Maildir: mode=0700 gid=default
Aug 20 16:25:47 ajk dovecot: imap(erickom): Error: user erickom: 
Initialization failed: Namespace '': mkdir(/var/mail//erickom/Maildir) 
failed: Not a directory
Aug 20 16:25:47 ajk dovecot: imap(erickom): Error: Invalid user 
settings. Refer to server log for more information.
Aug 20 16:25:47 ajk dovecot: auth: Debug: auth client connected (pid=18322)
Aug 20 16:25:47 ajk dovecot: auth: Debug: client in: 
AUTH#0111#011PLAIN#011service=imap#011session=GRZF1WHknQAKAABn#011lip=10.0.0.244#011rip=10.0.0.103#011lport=143#011rport=33693
Aug 20 16:25:47 ajk dovecot: auth: Debug: client passdb out: CONT#0111#011
Aug 20 16:25:47 ajk dovecot: auth: Debug: client in: 
CONT#0111#011AGVyaWNrb20AbmluYTAxMDE4M2M= (previous base64 data may 
contain sensitive data)
Aug 20 16:25:47 ajk dovecot: auth-worker(18312): Debug: 
pam(erickom,10.0.0.103): lookup service=dovecot
Aug 20 16:25:47 ajk dovecot: auth-worker(18312): Debug: 
pam(erickom,10.0.0.103): #1/1 style=1 msg=Password:
Aug 20 16:25:47 ajk dovecot: auth: Debug: client passdb out: 
OK#0111#011user=erickom
Aug 20 16:25:47 ajk dovecot: auth: Debug: master in: 
REQUEST#011272105473#01118322#0111#011212e9bee4a8613a63f5266e72ab3a350#011session_pid=18323
Aug 20 16:25:47 ajk dovecot: auth-worker(18312): Debug: 
passwd(erickom,10.0.0.103): lookup
Aug 20 16:25:47 ajk dovecot: auth: Debug: master userdb out: 
USER#011272105473#011erickom#011system_groups_user=erickom#011uid=1000#011gid=1000#011home=/home/erickom#011auth_token=52c7$
Aug 20 16:25:47 ajk dovecot: imap-login: Login: user=<erickom>, 
method=PLAIN, rip=10.0.0.103, lip=10.0.0.244, mpid=18323, 
session=<GRZF1WHknQAKAABn>
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: Effective uid=1000, 
gid=1000, home=/home/erickom
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: Namespace inbox: 
type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes, 
subscriptions=yes location=maildir:/var/mail//erickom/M$
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: maildir++: 
root=/var/mail//erickom/Maildir, index=, indexpvt=, control=, 
inbox=/var/mail//erickom/Maildir, alt=
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: Namespace : 
/var/mail//erickom/Maildir doesn't exist yet, using default permissions
Aug 20 16:25:47 ajk dovecot: imap(erickom): Debug: Namespace : Using 
permissions from /var/mail//erickom/Maildir: mode=0700 gid=default
Aug 20 16:25:47 ajk dovecot: imap(erickom): Error: user erickom: 
Initialization failed: Namespace '': mkdir(/var/mail//erickom/Maildir) 
failed: Not a directory
Aug 20 16:25:47 ajk dovecot: imap(erickom): Error: Invalid user 
settings. Refer to server log for more information.


The problem should be the maildir.

This is the current maildir path for erickom:
erickom at ajk:~$ ls -al /var/mail/metropolitan.org.za/erickom/Maildir/
total 20
drwxr-sr-x 5 erickom mail 4096 Aug 20 08:52 .
drwx--S--- 3 erickom mail 4096 Aug 20 08:52 ..
drwx--S--- 2 erickom mail 4096 Aug 20 07:59 cur
drwx--S--- 2 erickom mail 4096 Aug 20 07:59 new
drwx--S--- 2 erickom mail 4096 Aug 20 07:59 tmp


erickom at ajk:~$ sudo doveconf -n
[sudo] password for erickom:
# 2.2.5 (c4f754d6967e): /etc/dovecot/dovecot.conf
# OS: Linux 3.10-2-486 i686 Debian jessie/sid ext4
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
disable_plaintext_auth = no
login_greeting = Great Kom, ready.
mail_debug = yes
mail_location = maildir:/var/mail/%d/%n/Maildir
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope 
encoded-character vacation subaddress comparator-i;ascii-numeric 
relational regex imap4flags copy include variables body enotify 
environment mailbox date ihave
namespace inbox {
   inbox = yes
   location =
   mailbox Drafts {
     special_use = \Drafts
   }
   mailbox Junk {
     special_use = \Junk
   }
   mailbox Sent {
     special_use = \Sent
   }
   mailbox "Sent Messages" {
     special_use = \Sent
   }
   mailbox Trash {
     special_use = \Trash
   }
   prefix =
}
passdb {
   driver = pam
}
plugin {
   sieve = ~/.dovecot.sieve
   sieve_dir = ~/sieve
}
protocols = " imap sieve pop3"
service auth {
   unix_listener /var/spool/postfix/private/auth {
     group = postfix
     mode = 0666
     user = postfix
   }
}
service imap-login {
   inet_listener imap {
     port = 143
   }
   inet_listener imaps {
     port = 993
     ssl = yes
   }
}
service pop3-login {
   inet_listener pop3 {
     port = 110
   }
   inet_listener pop3s {
     port = 995
     ssl = yes
   }
}
ssl_cert = </etc/dovecot/dovecot.pem
ssl_key = </etc/dovecot/private/dovecot.pem
userdb {
   driver = passwd
}

> - -- Steffen Kaiser
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.11 (GNU/Linux)
>
> iQEVAwUBUhN34F3r2wJMiz2NAQIvlQgArga4yyFyaFX0GkQ3zybvbd6jO/gNL0uK
> +IARdKOP7w//Z+Zmzrnp4rPy1DJQahiw/IQ7FwepeOKpM8166v4Hg1JHjKJ+/pLp
> +opsIvuW5B2PLuYP9VE5NocNTiU5dq8YGmHr71ktCIlVizDLqRusHj54EwSNpyxH
> UVWYbGkiNfyzGunOHwI9hCUNMGER4E9NggMR9VQUjI5SnzKCy1me8f1T2dYRZZp5
> djyN1oiuXcUycpVPo1ZcNj+vtJ5SBtTBCxll+gaRmHNR6IqkQ/QSMvUi++LpVKDZ
> 8tB4+j42nyAqi3Z7S/6X6li4CbjwF3jllsyKHUt8n8ie9Z5Fwavr6g==
> =K3/l
> -----END PGP SIGNATURE-----
>


-- 
Kind Regards

Eric Kom

System Administrator & Programmer - Metropolitan College
  _________________________________________
/ You are scrupulously honest, frank, and \
| straightforward. Therefore you have few |
\ friends.                                /
  -----------------------------------------
    \
     \
         .--.
        |o_o |
        |:_/ |
       //   \ \
      (| Kom | )
     /'\_   _/`\
     \___)=(___/

2 Hennie Van Till, White River, 1240
Tel: 013 750 2255 | Fax: 013 750 0105 | Cell: 078 879 1334
erickom at kom.za.net | erickom at metropolitancollege.co.za
www.kom.za.net | www.kom.za.org | www.erickom.co.za

Key fingerprint: 513E E91A C243 3020 8735 09BB 2DBC 5AD7 A9DA 1EF5



More information about the dovecot mailing list