[Dovecot] Pam authentication failure message but it works
I am running Centos 6.4 64bit. Dovecot 2.0.9
I am getting the following messages in /var/log/secure, which looks like the pam authentication is not working but the users are allowed to login and the system works great. I am wondering if pam is actually failing and yet the system is getting the login info from elsewhere, or is this just a nuisance message?
/var/log/secure Jun 12 23:11:29 smtp auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=christineg rhost=65.13.54.123 user=christineg Jun 12 23:11:45 smtp auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=susieg rhost=70.208.29.109 user=susieg Jun 12 23:12:03 smtp auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=bobs rhost=70.59.189.210 user=bobs
In the debug log file I see what looks like a successful connection, but don't know how to read the two pam lines.
/var/log/dovecot.debug.log
Jun 12 23:11:29 auth: Debug: auth client connected (pid=10098)
Jun 12 23:11:29 auth: Debug: client in: AUTH 1 PLAIN
service=imap lip=206.169.228.24 rip=65.13.54.123 lport=143
rport=54049 resp=AGNocmlzZwBjZzQ4MjU=
Jun 12 23:11:29 auth: Debug: pam(christineg,65.13.54.123): lookup
service=dovecot
Jun 12 23:11:29 auth: Debug: pam(christineg,65.13.54.123): #1/1 style=1
msg=Password:
Jun 12 23:11:29 auth: Debug: client out: OK 1 user=christineg
Jun 12 23:11:29 auth: Debug: master in: REQUEST 4079353857 10098
1 0229474c9c1038e161328ecd28884af2
Jun 12 23:11:29 auth: Debug: passwd(christineg,65.13.54.123): lookup
Jun 12 23:11:29 auth: Debug: master out: USER 4079353857 christineg
system_groups_user=christineg uid=1116 gid=100 home=/home/christineg
Jun 12 23:11:29 imap(christineg): Debug: Effective uid=1116, gid=100,
home=/home/christineg
Jun 12 23:11:29 imap(christineg): Debug: maildir++:
root=/home/christineg/Maildir, index=, control=,
inbox=/home/christineg/Maildir
Jun 12 23:11:44 auth: Debug: auth client connected (pid=10100)
Jun 12 23:11:45 auth: Debug: client in: AUTH 1 PLAIN
service=imap lip=206.169.228.24 rip=70.208.29.109
lport=143 rport=14107
Jun 12 23:11:45 auth: Debug: client out: CONT 1
Jun 12 23:11:45 auth: Debug: client in: CONT 1
AHJpY2hhcmRnQGNsaW1hLXRlY2guY29tAHJnMzgyMg==
Jun 12 23:11:45 auth: Debug: pam(susieg,70.208.29.109): lookup
service=dovecot
Jun 12 23:11:45 auth: Debug: pam(susieg,70.208.29.109): #1/1 style=1
msg=Password:
Jun 12 23:11:45 auth: Debug: client out: OK 1 user=susieg
Jun 12 23:11:45 auth: Debug: master in: REQUEST 3368157185 10100
1 5a8d4b15a417d0bc4d2f818c5a5710f0
Jun 12 23:11:45 auth: Debug: passwd(susieg,70.208.29.109): lookup
Jun 12 23:11:45 auth: Debug: master out: USER 3368157185 susieg
system_groups_user=susieg uid=1087 gid=100 home=/home/susieg
Jun 12 23:11:45 imap(susieg): Debug: Effective uid=1087, gid=100,
home=/home/susieg
Jun 12 23:11:45 imap(susieg): Debug: maildir++:
root=/home/susieg/Maildir, index=, control=, inbox=/home/susieg/Maildir
Jun 12 23:12:03 auth: Debug: auth client connected (pid=10104)
Jun 12 23:12:03 auth: Debug: auth client connected (pid=10105)
Jun 12 23:12:03 auth: Debug: client in: AUTH 1 PLAIN
service=imap lip=206.169.228.24 rip=70.59.189.210
lport=143 rport=38705
Jun 12 23:12:03 auth: Debug: client out: CONT 1
Jun 12 23:12:03 auth: Debug: client in: CONT 1
AGJyZW5kb25jQGNsaW1hLXRlY2guY29tAGJjMTU1NA==
Jun 12 23:12:03 auth: Debug: pam(bobs,70.59.189.210): lookup service=dovecot
Jun 12 23:12:03 auth: Debug: pam(bobs,70.59.189.210): #1/1 style=1
msg=Password:
Jun 12 23:12:03 auth: Debug: client out: OK 1 user=bobs
Jun 12 23:12:03 auth: Debug: master in: REQUEST 709623809 10104
1 0c261d849b956bf9cb5c0833b498bb97
Jun 12 23:12:03 auth: Debug: passwd(bobs,70.59.189.210): lookup
Jun 12 23:12:03 auth: Debug: master out: USER 709623809 bobs
system_groups_user=bobs uid=1188 gid=100 home=/home/bobs
Jun 12 23:12:03 imap(bobs): Debug: Effective uid=1188, gid=100,
home=/home/bobs
Jun 12 23:12:03 imap(bobs): Debug: maildir++: root=/home/bobs/Maildir,
index=, control=, inbox=/home/bobs/Maildir
/etc/pam.d/dovecot #%PAM-1.0 auth required pam_nologin.so auth include password-auth account include password-auth session include password-auth
# 2.0.9: /etc/dovecot/dovecot.conf # OS: Linux 2.6.32-279.22.1.el6.x86_64 x86_64 CentOS release 6.4 (Final) auth_debug_passwords = yes auth_mechanisms = plain login auth_username_format = %n auth_verbose = yes debug_log_path = /var/log/dovecot.debug.log disable_plaintext_auth = no hostname = mail.mydomain.com lda_mailbox_autocreate = yes lda_mailbox_autosubscribe = yes mail_debug = yes mail_location = maildir:~/Maildir managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date mbox_write_locks = fcntl passdb { args = failure_show_msg=yes driver = pam } plugin { sieve = ~/.dovecot.sieve sieve_dir = ~/sieve sieve_global_path = /var/lib/dovecot/sieve/default.sieve } postmaster_address = postmaster@mydomain.com protocols = imap pop3 lmtp sieve sendmail_path = /usr/sbin/sendmail.postfix service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } ssl_cert =
participants (1)
-
Wayne Andersen