Debian 13 Virtualmin 8.1 issues

Virtualmin
1
SYSTEM INFORMATION
OS type and version Debian 13
Webmin version 2.641
Virtualmin version 8.1.0
Webserver version Apache
Related packages SUGGESTED

Clean install from Hetzner repo.
Cyrus SASL Authentication Server failed to start.

Root Cause — Two Problems

  1. PID file directory /run/saslauthd/ doesn’t exist → systemd can’t write the PID file → startup times out
  2. Socket path mismatch — saslauthd is writing to /var/spool/postfix/var/run/saslauthd/mux (wrong nested path), systemd expects /run/saslauthd/

Fix 1 — Create the missing directory + persist across reboots

bash

mkdir -p /run/saslauthd
chown root:sasl /run/saslauthd
chmod 710 /run/saslauthd

# Make it survive reboots via tmpfiles.d
echo 'd /run/saslauthd 0710 root sasl -' > /etc/tmpfiles.d/saslauthd.conf

Fix 2 — Correct the socket path in /etc/default/saslauthd

bash

nano /etc/default/saslauthd

ini

START=yes
MECHANISMS="pam"
MECH_OPTIONS=""
THREADS=5
OPTIONS="-c -m /run/saslauthd"

The -m /run/saslauthd is the canonical path — not the nested postfix chroot path.

Fix 3 — Give Postfix access via bind mount

Since Postfix runs chrooted at /var/spool/postfix, it can’t see /run/saslauthd directly:

bash

mkdir -p /var/spool/postfix/run/saslauthd

# Add bind mount to /etc/fstab so it survives reboots
echo '/run/saslauthd /var/spool/postfix/run/saslauthd none bind 0 0' >> /etc/fstab

# Mount it now without rebooting
mount --bind /run/saslauthd /var/spool/postfix/run/saslauthd

Fix 4 — Update Postfix SASL config

bash

nano /etc/postfix/sasl/smtpd.conf

pwcheck_method: saslauthd
mech_list: plain login
saslauthd_path: /run/saslauthd/mux

Restart & Verify

bash

systemctl restart saslauthd
systemctl status saslauthd

# Confirm socket exists
ls -la /run/saslauthd/mux

# Test auth
testsaslauthd -u youruser -p yourpassword -s smtp

# Restart Postfix
systemctl restart postfix

You should now see Active: active (running) with no timeout. The key was the missing /run/saslauthd/ directory — systemd’s Type=forking waits for the PID file to appear and kills the process when it never does.

Survival Risk Assessment

File/Change Risk Reason
/etc/default/saslauthd Medium Virtualmin may reset this during postinstall scripts
/etc/postfix/sasl/smtpd.conf Medium Virtualmin manages Postfix configs
/etc/tmpfiles.d/saslauthd.conf Safe :white_check_mark: Not touched by Virtualmin
/etc/fstab bind mount Safe :white_check_mark: Not touched by Virtualmin
/etc/dovecot/conf.d/20-pop3.conf High :warning: Virtualmin actively manages Dovecot config
2

What would be the output of the following command on your Debian 13 system?

cat /etc/postfix/master.cf