We help IT Professionals succeed at work.

Postfix and Cyrus SASL setup

Hi all,

I'm looking for a way to debug my Cyrus SASL authentication layer
without having Postfix in between. I need to determine if Postfix is
the culprit of some issues I'm having or if it's my Cyrus SASL
implementation. I'm going for a common MySQL backend auxprop plugin,
not saslauthd.  I keep seeing the following my logs:

Jan 26 12:30:46 catalyst postfix/smtpd[16205]: warning: SASL
authentication problem: unable to open Berkeley db /etc/sasldb2: No
such file or directory

I do realize that is coming up because the smtpd daemon is chrooted.
My question is, why in the world is it looking there in the first
place, regardless of a chrooted smtpd daemon? I have
/etc/postfix/sasl/smtpd.conf (this is on Ubuntu) configured to use an
sql backend, so I'd imagine it shouldn't bother with a local
filesystem sasldb2.

My smtpd_recipient_restrictions looks like the following:

smtpd_recipient_restrictions =

send restrictions:

smtpd_sender_restrictions =

My sasl configuration parameters:

smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_sasl_path = /etc/postfix/sasl:/usr/lib/sasl2
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain =
smtpd_use_tls = yes
smtpd_tls_cert_file = /etc/postfix/postfix.cert
smtpd_tls_key_file = /etc/postfix/postfix.key
smtpd_data_restrictions = reject_unauth_pipelining

Finally, my smtpd.conf located in /etc/postfix/sasl/smtpd.conf  (I
also created a copy in /usr/lib/sasl2 for reassurance)

root@catalyst:/usr/lib/sasl2# cat smtpd.conf
# Global parameters
log_level: 3
pwcheck_method: auxprop
# aux plugin params
auxprop_plugin: sql
sql_engine: mysql
sql_hostnames: localhost
sql_database: mail
sql_user: mail
sql_passwd: somepasswordhere
sql_select: SELECT %p FROM virtual_users WHERE username = '%u' AND
userrealm = '%r' AND auth = '1'
Watch Question