postfix error? warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory

Help! (Home for newbies)
21

Have you tried my suggestions.

22

Actually it doesn’t sound like saslauthd is running. Check /etc/default/saslauthd and check the line START=yes is uncommented.

Then restart the server and you should get a message to say it started successfully.

23

Okay,

I’ve managed to fix this issue on Debian Sarge.

I was getting the following error.
warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory

So I stopped the services and created the directory
/var/spool/postfix/var/run/saslauthd

and created a symlink from /var/run/saslauthd to /var/spool/postfix/var/run/saslauthd

Then i granted permission to the directory to the mail group and made sure that postfix was a member of this group.

It all now seems to work and email is working perfectly :wink:

Adam

24

Hey Adam, Can you explain in just a bit more detail your statement "Then i granted permission to the directory to the mail group and made sure that postfix was a member of this group."

Thanks. I"m close to getting this whole thing working but I wanna be sure I get this stuff right.

25

Ref:
16: Re: Re: postfix error? warning: SASL authentication problem: unable to open Berkeley db /etc/sasldb2: No such file or directory In response to 12 12/09/06 09:40 PM
[[ Forward ]]
Hey Adam, Can you explain in just a bit more detail your statement "Then i granted permission to the directory to the mail group and made sure that postfix was a member of this group."

Thanks. I"m close to getting this whole thing working but I wanna be sure I get this stuff right.

What they’re referring to is, make sure that the postfix user is in the same group that has permission to access SASL. This, plus the fact that Debian wants the SASL config in /etc/postfix/sasl, caused me no end of grief…

I used ‘adduser postfix sasl’ to add the user ‘postfix’ (the default user that runs the Postfix daemons) to the group ‘sasl’ (which is the group that is granted permission to access the SASL services, root being the user that owns it). That, plus linking /etc/postfix/sasl/smtpd.conf (from it’s default location) cleared things up.

This also assumes you’ve followed through the docs and how-to and everything actually pretends to work :slight_smile:

26

Alright to add to this thread:

Here’s the definitive way to correct saslauthd problems on Debian and Ubuntu (almost certainly):

<b>Fix the chroot issue</b>

mkdir -p /var/spool/postfix/var/run/saslauthd
ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd

vi /etc/default/saslauthd

Make it look like this (uncomment START=yes, and add PARAMS=…):

This needs to be uncommented before saslauthd will be run automatically

START=yes

PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

You must specify the authentication mechanisms you wish to use.

This defaults to "pam" for PAM support, but may also include

"shadow" or "sasldb", like this:

MECHANISMS="pam shadow"

MECHANISMS="pam"

<b>Fix the stupid default auth methods</b>

echo "pwcheck_method: saslauthd"] /etc/postfix/sasl/smtpd.conf
echo "mech_list: PLAIN LOGIN"]> /etc/postfix/sasl/smtpd.conf

<b>Restart the services</b>

invoke-rc.d saslauthd restart
invoke-rc.d postfix restart

<b>Get the permissions right on the saslauthd directory</b>

chmod 755 /var/spool/postfix/var/run/saslauthd

<b>Test it (what you type is emphasized</b>

telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]]’.
220 domain.tld ESMTP Postfix (Ubuntu)
EHLO localhost
250-domain.ltd
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
QUIT

If you get the AUTH LOGIN PLAIN bit, then all is well. Anything else, and something is wrong.

This will be fixed in the next version of install.sh, and I’ll write a small standalone “fix-the-stupid-debian-defaults” script for folks who’ve already installed and post a link to this thread. :wink:

27

Does this work for centos install as well?

28

Does this work for centos install as well?

29

Hey Geoff,

CentOS ought to be working out of the box. :wink:

If it isn’t, then we’ll need to track down what went wrong. These exact steps definitely will not work on CentOS (it’s much easier on CentOS, as postfix doesn’t run chrooted). It’s definitely not going to be the same problems the Debian/Ubuntu folks are running into.

Start a fresh thread and include the maillog entries from a failed login attempt, or drop me an email with your box details and I’ll drop in and beat some sense into it. (CentOS is very well-understood at this point…any problems will be easy and quick to fix once we’ve identified them.)

30

Alright to add to this thread:

Here’s the definitive way to correct saslauthd problems on Debian and Ubuntu (almost certainly):

<b>Fix the chroot issue</b>

mkdir -p /var/spool/postfix/var/run/saslauthd
ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd

vi /etc/default/saslauthd

Make it look like this (uncomment START=yes, and add PARAMS=…):

This needs to be uncommented before saslauthd will be run automatically

START=yes

PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

You must specify the authentication mechanisms you wish to use.

This defaults to "pam" for PAM support, but may also include

"shadow" or "sasldb", like this:

MECHANISMS="pam shadow"

MECHANISMS="pam"

<b>Fix the stupid default auth methods</b>

echo "pwcheck_method: saslauthd"] /etc/postfix/sasl/smtpd.conf
echo "mech_list: PLAIN LOGIN"]> /etc/postfix/sasl/smtpd.conf

<b>Restart the services</b>

invoke-rc.d saslauthd restart
invoke-rc.d postfix restart

<b>Get the permissions right on the saslauthd directory</b>

chmod 755 /var/spool/postfix/var/run/saslauthd

<b>Test it (what you type is emphasized</b>

telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]]’.
220 domain.tld ESMTP Postfix (Ubuntu)
EHLO localhost
250-domain.ltd
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
QUIT

If you get the AUTH LOGIN PLAIN bit, then all is well. Anything else, and something is wrong.

This will be fixed in the next version of install.sh, and I’ll write a small standalone “fix-the-stupid-debian-defaults” script for folks who’ve already installed and post a link to this thread. :wink:

31

Hi Joe,
the script mentioned to fix the problems on debian seems not to be in the installation scripts. I initially installed Virtualmin Pro in January initially on Debian and the bug seems still to be existent.

regards Dirk

32

Hi Joe,
the script mentioned to fix the problems on debian seems not to be in the installation scripts. I initially installed Virtualmin Pro in January initially on Debian and the bug seems still to be existent.

regards Dirk

33

Hey Dirk,

It should finally be fixed in the installer.

And there’s now a mail-setup.pl script in the http://software.virtualmin.com/lib directory that should setup Postfix, Dovecot, and saslauthd on any platform that Virtualmin Professional is supported on, as long as all packages are installed.

34

Alright to add to this thread:

Here’s the definitive way to correct saslauthd problems on Debian and Ubuntu (almost certainly):

<b>Fix the chroot issue</b>

mkdir -p /var/spool/postfix/var/run/saslauthd
ln -s /var/spool/postfix/var/run/saslauthd /var/run/saslauthd

vi /etc/default/saslauthd

Make it look like this (uncomment START=yes, and add PARAMS=…):

This needs to be uncommented before saslauthd will be run automatically

START=yes

PARAMS="-m /var/spool/postfix/var/run/saslauthd -r"

You must specify the authentication mechanisms you wish to use.

This defaults to "pam" for PAM support, but may also include

"shadow" or "sasldb", like this:

MECHANISMS="pam shadow"

MECHANISMS="pam"

<b>Fix the stupid default auth methods</b>

echo "pwcheck_method: saslauthd"] /etc/postfix/sasl/smtpd.conf
echo "mech_list: PLAIN LOGIN"]> /etc/postfix/sasl/smtpd.conf

<b>Restart the services</b>

invoke-rc.d saslauthd restart
invoke-rc.d postfix restart

<b>Get the permissions right on the saslauthd directory</b>

chmod 755 /var/spool/postfix/var/run/saslauthd

<b>Test it (what you type is emphasized</b>

telnet localhost 25
Trying 127.0.0.1…
Connected to localhost.
Escape character is ‘^]]’.
220 domain.tld ESMTP Postfix (Ubuntu)
EHLO localhost
250-domain.ltd
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH LOGIN PLAIN
250-AUTH=LOGIN PLAIN
250 8BITMIME
QUIT

If you get the AUTH LOGIN PLAIN bit, then all is well. Anything else, and something is wrong.

This will be fixed in the next version of install.sh, and I’ll write a small standalone “fix-the-stupid-debian-defaults” script for folks who’ve already installed and post a link to this thread. :wink: