Postfix authentication error libsasl12 related?

Discussion in 'Installation/Configuration' started by unclecameron, Apr 6, 2006.

  1. unclecameron

    unclecameron New Member

    Hi all,

    I'm installing the tutorial for debian 3 on one of the virtual machines I built in the xen 3 tutorial, and it won't let me install libsasl2-modules, I get this error:

    The following packages have unmet dependencies:
    libsasl2-modules: Depends: libsasl2 (= 2.1.19-1.5) but 2.1.19-1.9 is to be installed

    I continue to install postfix and then try to run

    Telnet localhost 25

    And get
    Trying 127.0.0.1...
    Connected to localhost.localdomain.
    Escape character is '^]'.
    Connection closed by foreign host.

    I less the mail.err file and it says there an SASL authentication error. Does anyone know how to get libsasl2 installed using apt-get, my apt-get sources are stable, not testing?

    My /etc/postfix/main.cf looks like this:

    # See /usr/share/postfix/main.cf.dist for a commented, more complete version

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings #delay_warning_time = 4h

    myhostname = xen1.logicalwebhost.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = xen1.logicalwebhost.com, localhost.logicalwebhost.com, localhost relayhost = mynetworks = 127.0.0.0/8 mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    smtpd_sasl_local_domain = $myhostname
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous broken_sasl_auth_clients = yes smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem smtpd_tls_loglevel = 1 smtpd_tls_received_header = yes smtpd_tls_session_cache_timeout = 3600s tls_random_source = dev:/dev/urandom

    I have checked the Bind config files and they look okay to me.

    Thanks,
    Cameron
     
  2. falko

    falko Super Moderator Howtoforge Staff

    What's in /etc/apt/sources.list?

    This must go into multiple lines:

    Code:
    mydestination = xen1.logicalwebhost.com, localhost.logicalwebhost.com, localhost 
    relayhost = 
    mynetworks = 127.0.0.0/8 
    mailbox_command = procmail -a "$EXTENSION"

    This must be

    Code:
    smtpd_sasl_security_options = noanonymous 
    broken_sasl_auth_clients = yes 
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key 
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt 
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem 
    smtpd_tls_loglevel = 1 
    smtpd_tls_received_header = yes 
    smtpd_tls_session_cache_timeout = 3600s 
    tls_random_source = dev:/dev/urandom
     
  3. unclecameron

    unclecameron New Member

    apt sources and error log

    Thanks,

    All of the lines in the main.cf are actually on separate lines and read like the code you posted. The word wrap on this forum changed them. I checked the /etc/apt/sources.list, and here's what it says:
    ----------------------------------------------
    deb http://mirrors.kernel.org/debian/ stable main
    deb-src http://mirrors.kernel.org/debian/ stable main

    deb http://security.debian.org/ stable/updates main
    ----------------------------------------------
    Is there a way to find out what specific part of the authentication is broken, here is the output from less mail.err (1 line only)
    ----------------------------------------------
    Jul 6 08:00:04 vm01 postfix/smtpd[4576]: fatal: no SASL authentication mechanisms
    ----------------------------------------------
    I ran ps aux|grep sasl and got:
    ----------------------------------------------
    root 4563 0.0 1.2 6868 1648 ? Ss Jul06 0:00 /usr/sbin/saslauthd -m /var/spool/postfix/var/run/saslauthd -r -a pam
    ----------------------------------------------
    any ideas?

    Thanks,
    Cameron
    San Diego
     
  4. falko

    falko Super Moderator Howtoforge Staff

    Please have a look at the Postfix configuration here: http://www.howtoforge.com/perfect_setup_debian_sarge_p4

    What's in /etc/postfix/sasl/smtpd.conf?
     
  5. unclecameron

    unclecameron New Member

    pwcheck_method: saslauthd
    mech_list: plain login
    allow_plaintext: true

    I redid the steps in the postfix and restarted it, but when I run:

    vm01:/etc/postfix/ssl# /etc/init.d/saslauthd start
    Starting SASL Authentication Daemon: (failed).

    but if libsasl2-modules didn't install, sasl wouldn't run, right?

    I tried to reinstall libsasl2 sasl2-bin libsasl2-modules, but I get the same error with the packages, and saslauthd still won't start.

    Thanks,
    Cameron
    San Diego
     
  6. falko

    falko Super Moderator Howtoforge Staff

    Did you change your /etc/apt/sources.list recently? Did you have other sources (testing, unstable) in it?
     
  7. unclecameron

    unclecameron New Member

    Xen Debian reinstall?

    No, I haven't changed anything, but I'm going to start over, I'm having problems with libapache2-mod-perl2 later on in the install, and my perl config is screwing up for spamassassin config. I essentially have a Xen 3 Debian box (your tutorial) that I turned vm01 into a debian 3.0 per your perfect debian 3 install to drop ISPconfig on. So how do I format this vm01 and start over? If I rm -rf * from / on vm01, then how can I bootstrap in and install debian over in this dom1, it will erase that command? If I boot from CD-ROM, I don't think it will see the xen machine.

    Thanks,
    Cameron
    San Diego
     
  8. unclecameron

    unclecameron New Member

    I started over and am having the same problems, I think the reason is that the Xen 3 install uses debootstrap to configure the dom1, and installs testing packages and libraries, then when you try to install the Debian 3 perfect install, none of the packages work because of dependency issues. I'm trying to figure out how to install a base system on dom1 using stable packages to get around this. If anyone knows how, let me know.

    Thanks,
    Cameron
    San Diego
     
  9. falko

    falko Super Moderator Howtoforge Staff

  10. unclecameron

    unclecameron New Member

    I've reformatted my sda and installed Xen 3 with Debian 3 now 4 times, and have the same errors, spent days and I still get the error:

    telnet localhost 25
    Trying 127.0.0.1...
    Connected to localhost.localdomain.
    Escape character is '^]'.
    Connection closed by foreign host.

    my /etc/apt/sources.list says:

    deb http://mirrors.kernel.org/debian/ stable main
    deb-src http://mirrors.kernel.org/debian/ stable main

    deb http://security.debian.org/ stable/updates main

    deb http://mirrors.kernel.org/debian/ stable main
    deb-src http://mirrors.kernel.org/debian/ stable main

    I also get errors with these libraries:
    libdb3++-dev

    so I just didn't install that package, and bind9 seems to work

    /var/log/mail.err says:
    Apr 12 22:29:45 xen1 postfix/smtpd[3353]: fatal: no SASL authentication mechanisms

    I ran:
    xen1:/# dpkg -l |grep libsasl
    ii libsasl2 2.1.19.dfsg1-0.1 Authentication abstraction library

    Is there a way to apt-get remove libsasl2-modules?
    Is there a way to uninstall and reinstall ONLY libsasl and/or saslauthd?

    I've been working on this for days.

    Thanks,
    Cameron
    San Diego
     
  11. unclecameron

    unclecameron New Member

    okay, I figured that out, what I did was

    apt-get remove libsasl*

    then I ran

    apt-get install libsasl2 libsasl2-modules

    then restarted saslauthd and it worked! I don't know why, but it worked.

    Now when I run
    telnet localhost 25

    I get
    220 xen1.logicalwebhost.com ESMTP Postfix (Debian/GNU)
    ehlo localhost
    250-xen1.logicalwebhost.com
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250 8BITMIME

    I don't know why I don't see
    250-STARTTLS
    or
    250-AUTH

    Any ideas? my /etc/postfix/main.cf looks like this:
    ------------------------------------------
    # See /usr/share/postfix/main.cf.dist for a commented, more complete version

    smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
    biff = no

    # appending .domain is the MUA's job.
    append_dot_mydomain = no

    # Uncomment the next line to generate "delayed mail" warnings
    #delay_warning_time = 4h

    myhostname = xen1.logicalwebhost.com
    alias_maps = hash:/etc/aliases
    alias_database = hash:/etc/aliases
    myorigin = /etc/mailname
    mydestination = xen1.logicalwebhost.com, localhost.logicalwebhost.com, localhost
    relayhost =
    mynetworks = 127.0.0.0/8
    mailbox_command = procmail -a "$EXTENSION"
    mailbox_size_limit = 0
    recipient_delimiter = +
    inet_interfaces = all
    smtpd_sasl_local_domain = $myhostname
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    broken_sasl_auth_clients = yes
    smtpd_recipient_restrictions = permit_sasl_authenticated,permit_mynetworks,reject_unauth_destination
    smtpd_tls_auth_only = no
    smtp_use_tls = yes
    smtpd_use_tls = yes
    smtp_tls_note_starttls_offer = yes
    smtpd_tls_key_file = /etc/postfix/ssl/smtpd.key
    smtpd_tls_cert_file = /etc/postfix/ssl/smtpd.crt
    smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
    smtpd_tls_loglevel = 1
    smtpd_tls_received_header = yes
    smtpd_tls_session_cache_timeout = 3600s
    tls_random_source = dev:/dev/urandom
    -----------------------

    Thanks,
    Cameron
    San Diego
     
  12. falko

    falko Super Moderator Howtoforge Staff

  13. unclecameron

    unclecameron New Member

    There are no errors in the mail logs, and I did all the steps to generate the certificates. How can I check the validity of the certificates, and that main.cf is using them?

    Thanks,
    Cameron
    San Diego
     
  14. falko

    falko Super Moderator Howtoforge Staff

    Please re-do all the steps from the Postfix and saslauthd configuration. Please use an SSH client like PuTTY on your client PC (if it's running Windows), and then simply copy & paste the commands from the tutorial.
     
  15. unclecameron

    unclecameron New Member

    I went back and tried to install postfix and all the packages, apparently these were missing:

    Setting up libldap2 (2.1.30-8) ...

    Setting up sasl2-bin (2.1.19-1.5) ...
    Starting SASL Authentication Daemon: (failed).
    invoke-rc.d: initscript saslauthd, action "start" failed.

    Setting up postfix-tls (2.1.5-9) ...
    Starting mail transport agent: Postfix.

    I don't know why, but now
    telnet localhost 25
    works fine

    so I continued to apache install, and now I get:
    The following packages have unmet dependencies:
    libapache2-mod-perl2: Depends: libperl5.8 (>= 5.8.4) but it is not going to be installed
    E: Broken packages

    so I installed apache without libapache2-mod-perl2 since I couldn't solve the dependencies

    Then I got all the way to installing ISPconfig and I got an error with MySQL, which requires me to install zlib1g-dev but that has a dependency problem too, so I'm trying to solve that.

    I really don't want to start over, that would be 5 times, is there a debian tool to help dependency problems?

    Thanks,
    Cameron
    San Diego
     
  16. falko

    falko Super Moderator Howtoforge Staff

    What's in your /etc/apt/sources.list? I guess you mixed Debian stable with testing and unstable?
     

Share This Page