[plug] answer: ldap auth + cyrus debian workaround
Craig Ringer
craig at postnewspapers.com.au
Mon May 26 16:43:29 WST 2003
Hi folks
In case anybody ever needs to do this, if you get weird problems under
debian while trying to use cyrus imapd to authentiate via PAM to an LDAP
directory, there is a relatively simple - but non-obvious - fix.
Its apparently to do with some incompatabilities between
libpam_ldap/libnss_ldap/libldap2 and libsasl1/libsasl2 - ugly stuff.
Fixable by recompiling ldap not to use SASL (of course if you like your
LDAP secure, this is a problem).
Errors I encountered that were related to this problem included:
May 26 14:58:01 access master[29546]: process 29791 exited, signaled to
death by 11
a segfault in imtest
auth.log:May 26 15:35:47 access saslauthd[32220]: AUTHFAIL: user=craig
service=imap realm= [PAM auth error]
The quick fix: recompile libldap2 and friends not to use SASL.
# apt-get src libldap2
# cd openldap2-2.0.23
# vi debian/rules
s/--with-cyrus-sasl/--without-cyrus-sasl/
s/--enable-spasswd/--disable-spasswd/
s/--enable-sql/--disable-sql/
# debian/rules binary
then install the following .debs
Hope this saves someone else the hours of f**ing about this retarded bug
cost me.
Craig
More information about the plug
mailing list