[Bug 68108] Re: saslauthd forces directory permissions that prevent postfix access

[Gaetan Nadon]

John,

I did some reading and found a lead that may solve the problem. If not,
we will need to provide steps to reproduce the problem in order to
complete the bug report so it can move forward to development.

Postfix runs in chroot, so 'var/run/saslauthd must be under
/var/spool/postfix. The error message hinted that saslauthd directory is
not in the postfix chroot jail.

I have installed an 8.10 server in a VirtualBox and followed the Ubuntu
Server Guide at https://help.ubuntu.com/community/Postfix. Some key
points here:

============================================
We have to change a few things to make it work properly. Because Postfix runs chrooted in /var/spool/postfix we have change a couple paths to live in the false root. (ie. /var/run/saslauthd becomes /var/spool/postfix/var/run/saslauthd): 

In /etc/default/saslauthd:
PWDIR="/var/spool/postfix/var/run/saslauthd"
PARAMS="-m ${PWDIR}"
PIDFILE="${PWDIR}/saslauthd.pid"
#make sure you set the options here otherwise it ignores params above and will not work
OPTIONS="-c -m /var/spool/postfix/var/run/saslauthd"

Next, we update the dpkg "state" of /var/spool/postfix/var/run/saslauthd. The saslauthd init script uses this setting to create the missing directory with the appropriate permissions and ownership:
dpkg-statoverride --force --update --add root sasl 755 /var/spool/postfix/var/run/saslauthd
sudo /etc/init.d/saslauthd start
==============================================

I first found this guide
https://help.ubuntu.com/8.04/serverguide/C/postfix.html which only
documents the Dovecot SASL implementation and not the Cyrus one. That
would leave the Cyrus SASL unconfigured.

I was able to start saslauthd with no error messages. I have no
experience with mail serrver, so this may not mean much. My role is to
attempt to reproduce the problem so the (completed) bug report can be
moved to "Confirm " and forwarded to development.

If reviewing the configuration does not solve the problem, could you
provide all relevant information so I can make a reasonable attempt to
reproduce and move forward as development will need that info.

BugSquad.



** Changed in: cyrus-sasl2 (Ubuntu)
       Status: New => Incomplete

-- 
saslauthd forces directory permissions that prevent postfix access
https://bugs.launchpad.net/bugs/68108
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to cyrus-sasl2 in ubuntu.