[Dovecot] Plain password not authenticating
I'm trying to set up a temporary mailserver using Debian Sarge and Dovecot 1.0 with maildir format. My only previous experience has been on a simple imap server.
I have read the wiki documentation and searched the archives, but can't tie down my problem. The log tells me
Info: passwd-file(anne) : unknown user.
I have set auth_userdb = passwd-file /etc/imap.passwd auth_passdb = passwd-file /etc/imap.passwd
and created the /etc/imap.passwd file as anne:{plain}mypassword:1000:1000::/home/anne
What have I missed?
Anne
Registered Linux User No.293302 (http://counter.li.org/)
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Best Wishes, Chris
Anne Wilson wrote:
I'm trying to set up a temporary mailserver using Debian Sarge and Dovecot 1.0 with maildir format. My only previous experience has been on a simple imap server.
I have read the wiki documentation and searched the archives, but can't tie down my problem. The log tells me
Info: passwd-file(anne) : unknown user.
I have set auth_userdb = passwd-file /etc/imap.passwd auth_passdb = passwd-file /etc/imap.passwd
and created the /etc/imap.passwd file as anne:{plain}mypassword:1000:1000::/home/anne
What have I missed?
Anne
-- --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+- Christopher Wakelin, c.d.wakelin@reading.ac.uk IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439 Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
On Thursday 12 Jan 2006 21:57, Chris Wakelin wrote:
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Hi, Chris. Is the second stanza line 'args = /some/path/imap.passwd' ?
Assuming that to be so, I tried it, but now I can't start dovecot, as I get 'Unknown Setting: mechanisms'
Anne
Registered Linux User No.293302 (http://counter.li.org/)
On Thursday 12 Jan 2006 21:57, Chris Wakelin wrote:
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Hi, Chris. Is the second stanza line 'args = /some/path/imap.passwd' ?
Assuming that to be so, I tried it, but now I can't start dovecot, as I get 'Unknown Setting: mechanisms'
Anne
Registered Linux User No.293302 (http://counter.li.org/)
Which version of Dovecot are you using?
Looking back at your original post, it seems you may actually be using Dovecot 0.99.xx, not 1.0 as you said, after all! Certainly "auth_userdb = passwd-file /etc/imap.passwd" is 0.99.xx syntax, and "mechanisms" isn't valid, it's "auth_mechanisms" etc.
In earlier versions of 1.0, it was "userdb = passwd-file /etc/imap.passwd" and in the latest versions (Dovecot-1.0-alpha5) it is as I said in my first reply.
Dovecot-1.0-alpha5 probably has fewer bugs than 0.99.x despite the name, so I'd strongly recommend upgrading. Timo's promised us a "beta1" version in the next few days which will have only a few minor changes from alpha5.
Assuming you are using 0.99.x, what do you have as "auth_user"? If it's not root, does it have permissions to read /etc/imap.passwd? Do you have "disable_plaintext_auth" set to "no" (if it's "yes" then it won't allow you to login unless you're using TLS or SSL).
Best Wishes, Chris
Anne Wilson wrote:
On Thursday 12 Jan 2006 21:57, Chris Wakelin wrote:
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Hi, Chris. Is the second stanza line 'args = /some/path/imap.passwd' ?
Assuming that to be so, I tried it, but now I can't start dovecot, as I get 'Unknown Setting: mechanisms'
Anne
-- --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+- Christopher Wakelin, c.d.wakelin@reading.ac.uk IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439 Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
On Friday 13 Jan 2006 11:10, Chris Wakelin wrote:
Which version of Dovecot are you using?
Looking back at your original post, it seems you may actually be using Dovecot 0.99.xx, not 1.0 as you said, after all!
Thanks for the speedy reply.
Sorry - somewhere, when I first started, I read 1.0, but you are quite correct. It is actually 0.99.14.
Certainly "auth_userdb = passwd-file /etc/imap.passwd" is 0.99.xx syntax, and "mechanisms" isn't valid, it's "auth_mechanisms" etc.
In earlier versions of 1.0, it was "userdb = passwd-file /etc/imap.passwd" and in the latest versions (Dovecot-1.0-alpha5) it is as I said in my first reply.
Dovecot-1.0-alpha5 probably has fewer bugs than 0.99.x despite the name, so I'd strongly recommend upgrading. Timo's promised us a "beta1" version in the next few days which will have only a few minor changes from alpha5.
I'll do that as soon as I can, but for now I really need to get this working.
Assuming you are using 0.99.x, what do you have as "auth_user"?
root
If it's not root, does it have permissions to read /etc/imap.passwd? Do you have "disable_plaintext_auth" set to "no" (if it's "yes" then it won't allow you to login unless you're using TLS or SSL).
It's set to 'no'
OK - I've changed everything to auth_whatever, but now it's not happy with 'args'. Is that different as well?
Anne
Registered Linux User No.293302 (http://counter.li.org/)
On Thursday 12 Jan 2006 21:57, Chris Wakelin wrote:
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Well, I have 1.0alpha5 installed, and have matched these lines in the dovecot.conf file. Now I got Error...... unknown setting: passdb
Looking at the examples I took out the '=' and it seemed to pass that line, but then
Error..... unknown setting: userdb
Taking out the '=' this time just leads to
Error.... expecting '='
Any ideas, please?
Anne
Registered Linux User No.293302 (http://counter.li.org/)
Anne Wilson wrote:
On Thursday 12 Jan 2006 21:57, Chris Wakelin wrote:
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Well, I have 1.0alpha5 installed, and have matched these lines in the dovecot.conf file. Now I got Error...... unknown setting: passdb
Looking at the examples I took out the '=' and it seemed to pass that line, but then
Oops! My fault! No there's no "=" between "passdb" and "passwd-file".
This is what I've actually got (grepped out of my config file)
auth default { mechanisms = plain login passdb pam { } userdb passwd-file { args = /opt/RDGdovect/etc/userdb } user = root }
as I'm using PAM for passwords and only storing UIDs etc. in the "passwd-file" file (/opt/RDGdovecot/etc/userdb is created overnight from NIS - it turns out to be *much* faster than doing NIS lookups each time).
Did you start from the dovecot-example.conf as Timo suggested? Probably more reliable than me ;)
Best Wishes, Chris
-- --+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+- Christopher Wakelin, c.d.wakelin@reading.ac.uk IT Services Centre, The University of Reading, Tel: +44 (0)118 378 8439 Whiteknights, Reading, RG6 2AF, UK Fax: +44 (0)118 975 3094
On Saturday 14 Jan 2006 14:53, Chris Wakelin wrote:
Anne Wilson wrote:
On Thursday 12 Jan 2006 21:57, Chris Wakelin wrote:
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Well, I have 1.0alpha5 installed, and have matched these lines in the dovecot.conf file. Now I got Error...... unknown setting: passdb
Looking at the examples I took out the '=' and it seemed to pass that line, but then
Oops! My fault! No there's no "=" between "passdb" and "passwd-file".
This is what I've actually got (grepped out of my config file)
auth default { mechanisms = plain login passdb pam { } userdb passwd-file { args = /opt/RDGdovect/etc/userdb } user = root }
as I'm using PAM for passwords and only storing UIDs etc. in the "passwd-file" file (/opt/RDGdovecot/etc/userdb is created overnight from NIS - it turns out to be *much* faster than doing NIS lookups each time).
Did you start from the dovecot-example.conf as Timo suggested? Probably more reliable than me ;)
Yes, I did. What I've actually got is
auth default { # Space separated list of wanted authentication mechanisms: # plain digest-md5 cram-md5 apop anonymous gssapi mechanisms = plain login # passwd-like file with specified location passdb passwd-file { args = /etc/imap.passwd } userdb passwd-file{ args = /etc/imap.passwd } }
It's the line passdb passwd-file { that it's objecting to. (I kept the original file and deleted a lot of comments from the working one to make it quicker to move around. I displayed line numbers to ensure that I knew which one was the problem.)
Anne
Registered Linux User No.293302 (http://counter.li.org/)
On Saturday 14 Jan 2006 19:11, Timo Sirainen wrote:
On Sat, 2006-01-14 at 15:32 +0000, Anne Wilson wrote:
userdb passwd-file{
You're missing a space in here before '{'.
Well spotted, thanks :-) Last one - last line, so it has to be - #User to use for the process user = root
Unknown setting: user
Anne
Registered Linux User No.293302 (http://counter.li.org/)
On Saturday 14 Jan 2006 19:21, Anne Wilson wrote:
On Saturday 14 Jan 2006 19:11, Timo Sirainen wrote:
On Sat, 2006-01-14 at 15:32 +0000, Anne Wilson wrote:
userdb passwd-file{
You're missing a space in here before '{'.
Well spotted, thanks :-) Last one - last line, so it has to be - #User to use for the process user = root
Unknown setting: user
I commented it out, thinking that a default would be used and should be fine. However, when I try to start dovecot I get 'Fatal: Can't create directory /usr/local/var/run/dovecot: No such file or directory'. I'm sure it should be looking at /var/run/dovecot. I wonder why this is happening? Is it a mistake I made when compiling, or a setting that is wrong somewhere?
Anne
On Saturday 14 Jan 2006 19:21, Anne Wilson wrote:
On Saturday 14 Jan 2006 19:11, Timo Sirainen wrote:
On Sat, 2006-01-14 at 15:32 +0000, Anne Wilson wrote:
userdb passwd-file{
You're missing a space in here before '{'.
Well spotted, thanks :-) Last one - last line, so it has to be - #User to use for the process user = root
Unknown setting: user
Oops - forget the last message. The 'Base directory' line needed uncommenting.
Now dovecot starts and I can telnet localhost 143, but I'm still getting NO authentication. Should I post my config file now?
Anne
On Sat, 2006-01-14 at 22:21 +0000, Anne Wilson wrote:
Now dovecot starts and I can telnet localhost 143, but I'm still getting NO authentication.
Set auth_verbose=yes and auth_debug=yes, and paste what the log file says when logging in?
Should I post my config file now?
Wouldn't hurt either :)
On Saturday 14 Jan 2006 23:29, Timo Sirainen wrote:
On Sat, 2006-01-14 at 22:21 +0000, Anne Wilson wrote:
Now dovecot starts and I can telnet localhost 143, but I'm still getting NO authentication.
Set auth_verbose=yes and auth_debug=yes, and paste what the log file says when logging in?
Should I post my config file now?
Wouldn't hurt either :)
OK - all the info I can gather:
telnet localhost 143 Trying 127.0.0.1... Connected to localhost.localdomain. Escape character is '^]'.
- OK Dovecot ready. x login anne ******** x NO Authentication failed. x logout
- BYE Logging out x OK Logout completed. Connection closed by foreign host.
log_path = /var/log/mail no entry for 15th
/var/log/mail.log No entry for appropriate time.
info_log_path = /var/log/mail.info
(from root console)
dovecot: Jan 15 11:47:02 Info: Dovecot v1.0.alpha5 starting up
dovecot: Jan 15 11:47:21 Info: auth(default): client in: AUTH 1
PLAIN
service=IMAP secured lip=127.0.0.1 rip=127.0.0.1
resp=AGFubmUAc2ltcGxlc3Q=
dovecot: Jan 15 11:47:21 Info: auth(default):
passwd-file(anne,127.0.0.1):
unknown user
dovecot: Jan 15 11:47:22 Info: auth(default): client out: FAIL 1
user=anne
dovecot: Jan 15 11:47:26 Info: imap-login: Aborted login: user=<anne>,
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
(from user console)
dovecot: Jan 15 11:50:11 Info: auth(default): client in: AUTH 1
PLAIN
service=IMAP secured lip=127.0.0.1 rip=127.0.0.1
resp=AGFubmUAc2ltcGxlc3Q=
dovecot: Jan 15 11:50:11 Info: auth(default):
passwd-file(anne,127.0.0.1):
unknown user
dovecot: Jan 15 11:50:12 Info: auth(default): client out: FAIL 1
user=anne
dovecot: Jan 15 11:50:18 Info: imap-login: Aborted login: user=<anne>,
method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured
## Dovecot 1.0 configuration file
# '#' character and everything after it is treated as comments. Extra spaces # and tabs are ignored. If you want to use either of these explicitly, put the # value inside quotes, eg.: key = "# char and trailing whitespace "
base_dir = /var/run/dovecot/
protocols = imap
listen = *
# Disable SSL/TLS support. ssl_disable = yes
# Use this logfile instead of syslog(). /dev/stderr can be used if you want to # use stderr for logging (ONLY /dev/stderr - otherwise it is closed). log_path = /var/log/mail
# For informational messages, use this logfile instead of the default info_log_path = /var/log/mail.info
# Prefix for each line written to log file. % codes are in strftime(3) # format. log_timestamp = "%b %d %H:%M:%S "
# Syslog facility to use if you're logging to syslog. Usually if you don't # want to use "mail", you'll use local0..local7. Also other standard # facilities are supported. #syslog_facility = mail
## ## Login processes ##
# all set to default #login_greeting = Dovecot ready. ## ## Mail processes ##
mail_debug = yes
default_mail_env = maildir:~/Mail
# Allow full filesystem access to clients. There's no access checks other than # what the operating system does for the active UID/GID. It works with both # maildir and mboxes, allowing you to prefix mailboxes names with eg. /path/ # or ~user/. #mail_full_filesystem_access = no
## ## IMAP specific settings ##
protocol imap { # Login executable location. login_executable = /usr/local/libexec/dovecot/imap-login
# IMAP executable location mail_executable = /usr/local/libexec/dovecot/imap login_greeting_capability = no }
## ## Authentication processes ##
# Executable location auth_executable = /usr/local/libexec/dovecot/dovecot-auth # Even more verbose logging for debugging purposes. Shows for example SQL # queries. auth_verbose = yes auth_debug = yes
auth default { # Space separated list of wanted authentication mechanisms: # plain digest-md5 cram-md5 apop anonymous gssapi mechanisms = plain login # passwd-like file with specified location passdb passwd-file { args = /etc/imap.passwd } userdb passwd-file { args = /etc/imap.passwd } }
# User to use for the process. This user needs access to only user and # password databases, nothing else. Only shadow and pam authentication # requires roots, so use something else if possible. Note that passwd # authentication with BSDs internally accesses shadow files, which also # requires roots. Note that this user is NOT used to access mails. # That user is specified by userdb above. #user = root
/etc/imap.passwd anne:{plain}******:1000:1000::/home/anne
Anne
On Sun, 2006-01-15 at 12:13 +0000, Anne Wilson wrote:
On Saturday 14 Jan 2006 23:29, Timo Sirainen wrote:
On Sat, 2006-01-14 at 22:21 +0000, Anne Wilson wrote:
Now dovecot starts and I can telnet localhost 143, but I'm still getting NO authentication.
Set auth_verbose=yes and auth_debug=yes, and paste what the log file says when logging in?
Should I post my config file now?
Wouldn't hurt either :)
OK - all the info I can gather: dovecot: Jan 15 11:47:21 Info: auth(default): passwd-file(anne,127.0.0.1): unknown user
This says that it didn't see anne in the passwd-file.
/etc/imap.passwd anne:{plain}******:1000:1000::/home/anne
But it's correctly in here. I can't think of anything else than that it's reading wrong file somehow or that the imap.passwd file contains something else besides what you just pasted. Did you check with for example vi that there are no strange control characters at the beginning of the line?
BTW. I also just added to CVS that it says this at startup if debug is enabled:
auth(default): passwd-file /etc/imap.passwd: Read 1 users
That'll also be helpful when figuring out problems like these..
On Sunday 15 Jan 2006 13:37, Timo Sirainen wrote:
OK - all the info I can gather: dovecot: Jan 15 11:47:21 Info: auth(default): passwd-file(anne,127.0.0.1): unknown user
This says that it didn't see anne in the passwd-file.
/etc/imap.passwd anne:{plain}******:1000:1000::/home/anne
But it's correctly in here. I can't think of anything else than that it's reading wrong file somehow or that the imap.passwd file contains something else besides what you just pasted. Did you check with for example vi that there are no strange control characters at the beginning of the line?
Hi, Timo. I just got in and it's late, so I'll check that in the morning.
BTW. I also just added to CVS that it says this at startup if debug is enabled:
auth(default): passwd-file /etc/imap.passwd: Read 1 users
That'll also be helpful when figuring out problems like these..
If I can't find anything wrong I will delete that file and re-create it, just in case. Could it be a permissions problem? What perms setting do you recommend?
Anne
On Sunday 15 Jan 2006 13:37, Timo Sirainen wrote:
OK - all the info I can gather: dovecot: Jan 15 11:47:21 Info: auth(default): passwd-file(anne,127.0.0.1): unknown user
This says that it didn't see anne in the passwd-file.
/etc/imap.passwd anne:{plain}******:1000:1000::/home/anne
But it's correctly in here. I can't think of anything else than that it's reading wrong file somehow or that the imap.passwd file contains something else besides what you just pasted. Did you check with for example vi that there are no strange control characters at the beginning of the line?
I didn't find anything.
I've not gone away, but I've made a serious Oops with my OS. I'll be back when everything's up and running again.
Anne
On 01/14/2006 09:44:43 AM, Anne Wilson wrote:
On Thursday 12 Jan 2006 21:57, Chris Wakelin wrote:
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Well, I have 1.0alpha5 installed, and have matched these lines in
thedovecot.conf file.
I hope you didn't copy them exactly, as there is a '[' on the passdb line
where a '{' should have been. FWIW, I have no '=' signs after passdb or userdb
in my (working, but with PAM) configuration.
Regards, Willem Riede.
On Saturday 14 Jan 2006 15:05, Willem Riede wrote:
I hope you didn't copy them exactly, as there is a '[' on the passdb line where a '{' should have been. FWIW, I have no '=' signs after passdb or userdb in my (working, but with PAM) configuration.
Fortunately I was not pasting, so I noticed the type :-). I've put the current error in the reply to Chris.
Thanks for your reply. I'm determined to get this sorted.
Anne
On Sat, 2006-01-14 at 14:44 +0000, Anne Wilson wrote:
On Thursday 12 Jan 2006 21:57, Chris Wakelin wrote:
I've got something like
auth default { mechanisms = plain login passdb = passwd-file [ args = /some/path/passwd } userdb = passwd-file { args = /some/path/passwd } }
Well, I have 1.0alpha5 installed, and have matched these lines in the dovecot.conf file. Now I got Error...... unknown setting: passdb
Looking at the examples I took out the '=' and it seemed to pass that line, but then
Error..... unknown setting: userdb
Taking out the '=' this time just leads to
Error.... expecting '='
Are you sure you're running it with 1.0alpha5? Since this error looks like it's 0.99.x that's parsing the config file. Check with dovecot --version.
On Saturday 14 Jan 2006 18:57, Timo Sirainen wrote:
Are you sure you're running it with 1.0alpha5? Since this error looks like it's 0.99.x that's parsing the config file. Check with dovecot --version.
No, it says 1.0.alpha5.
I have uninstalled the old one, but it is possible that some debris remains. I'll check date/time stamps if you can think of any files that could be causing it. Certainly the new config file being checked is not in the same place as the old one. I know which one is being read because editing out the '=' sign had an effect.
Anne
Registered Linux User No.293302 (http://counter.li.org/)
On Thu, 2006-01-12 at 21:47 +0000, Anne Wilson wrote:
I'm trying to set up a temporary mailserver using Debian Sarge and Dovecot 1.0 with maildir format. My only previous experience has been on a simple imap server.
I have read the wiki documentation and searched the archives, but can't tie down my problem. The log tells me
Info: passwd-file(anne) : unknown user.
I have set auth_userdb = passwd-file /etc/imap.passwd auth_passdb = passwd-file /etc/imap.passwd
and created the /etc/imap.passwd file as anne:{plain}mypassword:1000:1000::/home/anne
That all looks correct. It doesn't give any other error message? And you don't have some other auth_passdbs/auth_userdbs defined in the same config file elsewhere which might mess things up?
Maybe just try 1.0alpha5 instead, it could give you better error messages.
On Saturday 14 Jan 2006 13:12, Timo Sirainen wrote:
That all looks correct. It doesn't give any other error message? And you don't have some other auth_passdbs/auth_userdbs defined in the same config file elsewhere which might mess things up?
No other messages. I don't think I had anything else set that would have messed things up.
Maybe just try 1.0alpha5 instead, it could give you better error messages.
I'm in the midst of setting up the conf file for 1.0alpha5, so I may be back with more questions.
Thanks for answering
Anne
participants (4)
-
Anne Wilson
-
Chris Wakelin
-
Timo Sirainen
-
Willem Riede