Re: master-users problem

24 Dec 2023


      On Sat, 23 Dec 2023, Noel Butler via dovecot wrote:
...
Hi Barbara,
On 14/12/2023 00:08, Barbara M. wrote:
passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
  result_success = continue
}
 
try replacing result_success with  
pass = yes
Thanks for replay.
Already tried without success.
passdb {
driver = passwd-file
master = yes
args = /etc/dovecot/master-users
#    result_success = continue
pass = yes
}
Anyway, tried again using a test user box3 and next with master user aa33:
]# telnet 0 110
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
+OK Dovecot ready.
user box3
+OK
pass *************
+OK Logged in.
quit
+OK Logging out.
Connection closed by foreign host.
# telnet 0 110
Trying 0.0.0.0...
Connected to 0.
Escape character is '^]'.
+OK Dovecot ready.
user box3*aa33
+OK
pass XXXXXXXXXXXXXXXX
-ERR [AUTH] Authorization failed
quit
+OK Logging out
Connection closed by foreign host.
In the enabled log I have:
Dec 24 15:54:15 pop3-login: Info: Login: user=<box3>, method=PLAIN,
rip=127.0.0.1, lip=127.0.0.1, mpid=1282414, secured, session=<59mCn0INEIh/AAAB>
Dec 24 15:54:19 pop3(box3)<1282414><59mCn0INEIh/AAAB>: Info: Disconnected:
Logged out top=0/0, retr=0/0, del=0/774, size=328796462
Dec 24 15:54:44 auth: Info: Master user logging in as box3
Dec 24 15:54:46 auth-worker(1282411): Info: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,): pam_authenticate() failed: Authentication failure
(Password mismatch?) (given password: XXXXXXXXXXXXXXXXXX)
Dec 24 15:54:51 pop3-login: Info: Disconnected: Aborted login by logging
out (authorization failed, 1 attempts in 7 secs): user=<box3>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured,
session=
The master user was copied from the old server and also created with the
syntax:
htpasswd -b -c -s passwd.masterusers aa33 XXXXXXXXXXXX
And I have a row like:
aa33:{SHA}jWMl8Ye1yJr+5Y5........bo=
in the file /etc/dovecot/master-users
If useful (hoping I have extraced valuable info), I report below the debug
log:
Dec 24 15:54:15 auth: Debug: client in: AUTH    1       PLAIN
service=pop3    secured session=59mCn0INEIh/AAAB        lip=127.0.0.1   rip=127.0.0.1   lport=110       rport=34832
resp=AGJveDMAMS1DYXNpbm80NS5hcGY= (previous base64 data may contain sensitive data)
Dec 24 15:54:15 auth: Debug: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Performing passdb lookup
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<2>: Handling PASSV request
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<2>: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Performing passdb lookup
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<2>: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): lookup service=dovecot
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<2>: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): #1/1 style=1 msg=Password:
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<2>: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Finished passdb lookup
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<2>: Finished
Dec 24 15:54:15 auth: Debug: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Finished passdb lookup
Dec 24 15:54:15 auth: Debug: auth(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Auth request finished
Dec 24 15:54:15 auth: Debug: client passdb out: OK      1       user=box3
Dec 24 15:54:15 auth: Debug: master in: REQUEST 2573860865      1282408 1
a3c5e0293a186740512d8f0033e971a1        session_pid=1282414
Dec 24 15:54:15 auth: Debug: passwd(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Performing userdb lookup
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<3>: Handling USER request
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<3>: passwd(box3,127.0.0.1,<
59mCn0INEIh/AAAB>): Performing userdb lookup
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<3>: passwd(box3,127.0.0.1,<59mCn0INEIh/AAAB>): lookup
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<3>: passwd(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Finished userdb lookup
Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<3>: Finished
Dec 24 15:54:15 auth: Debug: passwd(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Finished userdb lookup
Dec 24 15:54:15 auth: Debug: master userdb out: USER    2573860865      box3    system_groups_user=box3 uid=50613       gid=100
home=/home/Users/box3   auth_mech=PLAIN
Dec 24 15:54:22 auth: Debug: auth client connected (pid=1282416)
Dec 24 15:54:44 auth: Debug: client in: AUTH    1       PLAIN
service=pop3    secured session=Ppk6oUINxMh/AAAB        lip=127.0.0.1   rip=127.0.0.1   lport=110       rport=51396
resp=AGJveDMqYWEzMwBBUEYtLS1kaS0tLUFuZHJldHRBUGFvbE8= (previous base64 data may contain sensitive data)
Dec 24 15:54:44 auth: Debug:
passwd-file(aa33,127.0.0.1,master,): Master user lookup for login: box3
Dec 24 15:54:44 auth: Debug: passwd-file(aa33,127.0.0.1,master,): Performing passdb lookup
Dec 24 15:54:44 auth: Debug:
passwd-file(aa33,127.0.0.1,master,): lookup: user=aa33 file=/etc/dovecot/master-users
Dec 24 15:54:44 auth: Debug:
passwd-file(aa33,127.0.0.1,master,): Finished passdb lookup
Dec 24 15:54:44 auth: Debug: pam(box3,127.0.0.1,): Performing passdb lookup
Dec 24 15:54:44 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: Handling PASSV request
Dec 24 15:54:44 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,): Performing passdb lookup
Dec 24 15:54:44 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,): lookup service=dovecot
Dec 24 15:54:44 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,): #1/1 style=1 msg=Password:
Dec 24 15:54:46 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,): Finished passdb lookup
Dec 24 15:54:46 auth-worker(1282411): Debug: conn unix:auth-worker
(pid=1282053,uid=97): auth-worker<4>: Finished: password_mismatch
Dec 24 15:54:46 auth: Debug: pam(box3,127.0.0.1,): Finished passdb lookup
Dec 24 15:54:46 auth: Debug: auth(box3,127.0.0.1,): Auth request finished
Dec 24 15:54:48 auth: Debug: client passdb out: FAIL    1       user=box3
code=authz_fail original_user=aa33      auth_user=aa33
Dec 24 15:54:48 pop3-login: Debug: Ignoring unknown passdb extra field: original_user
Dec 24 15:54:48 pop3-login: Debug: Ignoring unknown passdb extra field: auth_user
Dec 24 15:54:51 auth: Debug: auth client connected (pid=1282422)
Dec 24 15:54:51 auth: Debug: client in: AUTH    1       PLAIN
service=imap    secured session=1TavoUIN6KIAAAAAAAAAAAAAAAAAAAAB        lip=::1 rip=::1 lport=143       rport=41704
resp=AGNhcnJhLmNhcmxvADEtQ2FzaW5vNDUuYXBm (previous base64 data may contain sensitive data)