Can't change password in cyrus-imapd, pam_mysql
Uno Engborg
uno at webworks.se
Sun Jun 28 01:10:16 UTC 2009
Hi,
I'm trying to set up cyrus-imapd everything works except that I can't
change passwords.
I use mysql to store encrypted passwords, and saslauthd + pam_mysql
If I change the password using in mysql:
UPDATE domainuser VALUES ("user at somedomain.com"
encrypt("newpassword"));
and then do:
testsaslauthd -u 'user at somedomain.com' -p newpassword -s imap -r
somedomain.com
It works just fine:
However, if I do
cyradm -u someuser at somedomain.com localhost
I fail to log in if I use the new password, but I can log in just fine
with the old password, I can even remove someuser at somedomain.com from
the SQL-database, and I can still login to cyradm using the old
password.
If I run saslauthd in debug mode, and try to log in to cyradm or
squirrelmail using the old password I get:
saslauthd[17805] :do_auth : auth success: [user=someuser]
[service=imap] [realm=somedomain.com] [mech=pam]
saslauthd[17805] :do_request : response: OK
If I use the changed password I saslauthd gives:
saslauthd[17804] :rel_accept_lock : released accept lock
saslauthd[17807] :get_accept_lock : acquired accept lock
saslauthd[17804] :do_auth : auth failure: [user=someuser]
[service=imap] [realm=somedomain.com] [mech=pam] [reason=PAM auth error]
I get the impression that pam_mysql somehow caches usernames and
passwords. Is there some way to turn this off, so that passwords can be
changed?
Regards
Uno Engborg
More information about the fedora-list
mailing list