pam authentication | tom's blog

Enviroment:

SuSE Linux 10.1
- pam-0.99.3.0-29.3, pam-modules-10.1-7
- postfix-2.2.9-10
- mysql-5.0.18-20.8, mysql-client-5.0.18-16

I was trying to implement SASL-authentication via PAM (which is using a mysql-backend) in a postfix installation.
Output from maillog:

postfix/smtpd: warning: SASL authentication failure: Password verification failed postfix/smtpd: warning: [x.x.x.x]: SASL PLAIN authentication failed

Checking the syslog:

saslauthd: pam_b1gmail: cannot connect to mysql database (Access denied for user 'xx'@'localhost' (using password: YES)) saslauthd: DEBUG: auth_pam: pam_authenticate failed: Permission denied saslauthd: do_auth : auth failure: [user=xx] [service=smtp] [realm=domain.tld] [mech=pam] [reason=PAM auth error]

Reason:
The PAM module is using a deprecated way to connect to the MySQL-DB.

Solution:
Set the MySQL-Password to OLD_PASSWORD:

SET PASSWORD FOR user'@'localhost' = OLD_PASSWORD('password');

tom's blog

Tag Archives: pam authentication

PAM-Authentication & MySQL (v5) / b1gMail

free software, security and a bunch of my strange thoughts