[Dovecot] Dovecot 1.0.13 ignores auth_krb5_keytab settings

christop christop at physik.tu-berlin.de
Thu Mar 20 00:11:30 EET 2008 

Greetings,
i am using here FreeBSD 7.0-RELEASE amd64 with dovecot 1.0.13. Gssapi
auth on our dovecot setup did not work for some time, so i wanted to fix
it today. I  run into an auth failure, where my mutt was not able to
login. Also mutt was not able to login, i had a
imap/mail2.physik-pool.tu-berlin.de principal in my credentials cache
after an try. I can work around with a "ln -s /etc/mail.krb5.keytab
/etc/krb5.keytab" to this.


MfG
	Christop


Logoutput while try to login with mutt:
[
Mar 19 22:31:01 emmi dovecot: auth(default): new auth connection: pid=228
Mar 19 22:31:01 emmi dovecot: auth(default): client in: AUTH    1
GSSAPI  service=IMAP    secured lip=130.149.58.162
rip=130.149.58.145      resp=bla
Mar 19 22:31:01 emmi dovecot: auth(default): gssapi(?,130.149.58.145):
Obtaining credentials for imap at mail2.physik-pool.tu-berlin.de
Mar 19 22:31:01 emmi dovecot: auth(default): gssapi(?,130.149.58.145):
While processing incoming data:  Miscellaneous failure (see text)
Mar 19 22:31:01 emmi dovecot: auth(default): gssapi(?,130.149.58.145):
While processing incoming data: failed to find
imap/mail2.physik-pool.tu-berlin.de at REALM(kvno 1) in keytab /etc/krb5.keytab
Mar 19 22:31:02 emmi dovecot: auth(default): client out: FAIL   1
]

dovecot -n
[
# 1.0.13: /usr/local/etc/dovecot.conf
protocols: imaps pop3s
listen: mail2.physik-pool.tu-berlin.de
ssl_ca_file: /etc/CA
ssl_cert_file: /etc/CERT
ssl_key_file: /etc/PRIVATEKEY
login_dir: /var/run/dovecot/login
login_executable(default): /usr/local/libexec/dovecot/imap-login
login_executable(imap): /usr/local/libexec/dovecot/imap-login
login_executable(pop3): /usr/local/libexec/dovecot/pop3-login
verbose_proctitle: yes
first_valid_uid: 200
first_valid_gid: 0
mail_privileged_group: mail
mail_location: maildir:~/maildir
mmap_disable: yes
maildir_copy_with_hardlinks: yes
mail_executable(default): /usr/local/libexec/dovecot/imap
mail_executable(imap): /usr/local/libexec/dovecot/imap
mail_executable(pop3): /usr/local/libexec/dovecot/pop3
mail_plugin_dir(default): /usr/local/lib/dovecot/imap
mail_plugin_dir(imap): /usr/local/lib/dovecot/imap
mail_plugin_dir(pop3): /usr/local/lib/dovecot/pop3
imap_client_workarounds(default): delay-newmail outlook-idle
netscape-eoh tb-extra-mailbox-sep
imap_client_workarounds(imap): delay-newmail outlook-idle netscape-eoh
tb-extra-mailbox-sep
imap_client_workarounds(pop3): outlook-idle
pop3_uidl_format(default):
pop3_uidl_format(imap):
pop3_uidl_format(pop3): %08Xu%08Xv
pop3_client_workarounds(default):
pop3_client_workarounds(imap):
pop3_client_workarounds(pop3): outlook-no-nuls oe-ns-eoh
namespace:
  type: private
  separator: /
  inbox: yes
namespace:
  type: private
  separator: /
  prefix: mail/
  location: mbox:~/mail
auth default:
  mechanisms: gssapi plain login
  krb5_keytab: /etc/mail.krb5.keytab
  gssapi_hostname: mail2.physik-pool.tu-berlin.de
  verbose: yes
  debug: yes
  debug_passwords: yes
  passdb:
    driver: pam
  userdb:
    driver: passwd
]

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 890 bytes
Desc: OpenPGP digital signature
Url : http://dovecot.org/pipermail/dovecot/attachments/20080319/6267d4a1/attachment.bin

More information about the dovecot mailing list