sqwebmail 问题,几求教!!!

擦屁兔兔

另：authdaemonrc start 会Permission denied
这是为什么呢？

yhj1065

我的和楼主出现同样的错误,可是日志里看到这样的现象???
Oct 31 14:32:43 mail authdaemond: Connection to server 'pgsql.example.com' userid 'admin' database 'template1' failed.
Oct 31 14:32:43 mail authdaemond: unknown host name: pgsql.example.com.
Oct 31 14:32:43 mail sqwebmaild: LOGIN FAILED, user=yhj@yhj.com, ip=[192.168.1.8]

不明白的是为什么连接到'pgsql.example.com' 我的server也不是这个啊.直接IP就可以啊...

hongfengyue

给出你们的authmysqlrc文件的内容。这个才好判断。

hzqbbc

原帖由 dwq123 于 2005-7-17 21:19 发表
[quote]原帖由 "wangmingda"]仔细看一下你的日值，[/quote 发表：



这是我的日志中内容：请帮我分析为什么会这样？谢谢！！！

Jul 17 14:58:12 mail sqwebmaild: authdaemon: s_connect ...

从这错误日志看，要么authdaemon没启动，要么启动了但是配置的socket路径不对，只有这样才会报no such file xxx，哦，还有一个比较隐晦的可能，就是打开了SELinux，那么应用程序不知道被屏蔽了访问权限，照样返回no such file xxx（最典型是apache的例子）。

请确认配置或authdaemon的启动情况。

xmy

sqwebmail认证设置不对。

yhj1065

原帖由 hongfengyue 于 2005-10-31 21:59 发表
给出你们的authmysqlrc文件的内容。这个才好判断。

我这里没有authmysqlrc文件,有这几个:
authdaemonrc  authdaemonrc.dist  authldaprc  authldaprc.dist  authpgsqlrc  authpgsqlrc.dist

authdaemonrc文件内容:
##VERSION: $Id: authdaemonrc.in,v 1.13 2005/10/05 00:07:32 mrsam Exp $
#
# Copyright 2000-2005 Double Precision, Inc.  See COPYING for
# distribution information.
#
# authdaemonrc created from authdaemonrc.dist by sysconftool
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# This file configures authdaemond, the resident authentication daemon.
#
# Comments in this file are ignored.  Although this file is intended to
# be sourced as a shell script, authdaemond parses it manually, so
# the acceptable syntax is a bit limited.  Multiline variable contents,
# with the  continuation character, are not allowed.  Everything must
# fit on one line.  Do not use any additional whitespace for indentation,
# or anything else.

##NAME: authmodulelist:2
#
# The authentication modules that are linked into authdaemond.  The
# default list is installed.  You may selectively disable modules simply
# by removing them from the following list.  The available modules you
# can use are: authuserdb authpam authpgsql authldap authcustom authvchkpw authpipe

authmodulelist="authuserdb authpam authpgsql authldap authcustom authvchkpw authpipe"

##NAME: authmodulelistorig:3
#
# This setting is used by Courier's webadmin module, and should be left
# alone

authmodulelistorig="authuserdb authpam authpgsql authldap authcustom authvchkpw authpipe"

##NAME: daemons:0
#
# The number of daemon processes that are started.  authdaemon is typically
# installed where authentication modules are relatively expensive: such
# as authldap, or authmysql, so it's better to have a number of them running.
# PLEASE NOTE:  Some platforms may experience a problem if there's more than
# one daemon.  Specifically, SystemV derived platforms that use TLI with
# socket emulation.  I'm suspicious of TLI's ability to handle multiple
# processes accepting connections on the same filesystem domain socket.
#
# You may need to increase daemons if as your system load increases.  Symptoms
# include sporadic authentication failures.  If you start getting
# authentication failures, increase daemons.  However, the default of 5
# SHOULD be sufficient.  Bumping up daemon count is only a short-term
# solution.  The permanent solution is to add more resources: RAM, faster
# disks, faster CPUs...

daemons=5

##NAME: authdaemonvar:2
#
# authdaemonvar is here, but is not used directly by authdaemond.  It's
# used by various configuration and build scripts, so don't touch it!

authdaemonvar=/usr/local/var/spool/authdaemon

##NAME: DEBUG_LOGIN:0
#
# Dump additional diagnostics to syslog
#
# DEBUG_LOGIN=0   - turn off debugging
# DEBUG_LOGIN=1   - turn on debugging
# DEBUG_LOGIN=2   - turn on debugging + log passwords too
#
# ** YES ** - DEBUG_LOGIN=2 places passwords into syslog.
#
# Note that most information is sent to syslog at level 'debug', so
# you may need to modify your /etc/syslog.conf to be able to see it.

DEBUG_LOGIN=0


##NAME: DEFAULTOPTIONS:0
#
# A comma-separated list of option=value pairs. Each option is applied
# to an account if the account does not have its own specific value for
# that option. So for example, you can set
#   DEFAULTOPTIONS="disablewebmail=1,disableimap=1"
# and then enable webmail and/or imap on individual accounts by setting
# disablewebmail=0 and/or disableimap=0 on the account.

DEFAULTOPTIONS=""

##NAME: LOGGEROPTS:0
#
# courierlogger(1) options, e.g. to set syslog facility
#

LOGGEROPTS=""

##NAME: LDAP_TLS_OPTIONS:0
#
# Options documented in ldap.conf(5) can be set here, prefixed with 'LDAP'.
# Examples:
#
#LDAPTLS_CACERT=/path/to/cacert.pem
#LDAPTLS_REQCERT=demand
#LDAPTLS_CERT=/path/to/clientcert.pem
#LDAPTLS_KEY=/path/to/clientkey.pem

yhj1065

authpgsqlrc文件内容:

##VERSION: $Id: authpgsqlrc,v 1.12 2004/11/25 15:08:27 mrsam Exp $
#
# Copyright 2000-2004 Double Precision, Inc.  See COPYING for
# distribution information.
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# authpgsqlrc created from authpgsqlrc.dist by sysconftool
#
# DO NOT INSTALL THIS FILE with world read permissions.  This file
# might contain the PostgreSQL admin password!
#
# Each line in this file must follow the following format:
#
# field[spaces|tabs]value
#
# That is, the name of the field, followed by spaces or tabs, followed by
# field value.  Trailing spaces are prohibited.


##NAME: LOCATION:0
#
# The server hostname, port, userid, and password used to log in.
#
# To connect to a filesystem socket, delete PGSQL_HOST, and set PGSQL_PORT to
# the socket's last component.  So, if your pg socket is /tmp/.s.PGSQL.5400
# set PGSQL_PORT to 5400.

PGSQL_HOST              pgsql.example.com
PGSQL_PORT              5400
PGSQL_USERNAME          admin
PGSQL_PASSWORD          admin

##NAME: PGSQL_OPT:0
#
# PGSQL_OPT specifies the connection debug options to PQsetdbLogin().
# Don't bother with this setting unless you know what you're doing
#

# PGSQL_OPT

##NAME: PGSQL_DATABASE:0
#
# The name of the PostgreSQL database we will open:

PGSQL_DATABASE          template1

##NAME: PGSQL_USER_TABLE:0
#
# The name of the table containing your user data.  See README.authmysqlrc
# for the required fields in this table (both MySQL and Postgress use the
# same suggested layout.

PGSQL_USER_TABLE        passwd

##NAME: PGSQL_CRYPT_PWFIELD:0
#
# Either PGSQL_CRYPT_PWFIELD or PGSQL_CLEAR_PWFIELD must be defined.  Both
# are OK too. crypted passwords go into PGSQL_CRYPT_PWFIELD, cleartext
# passwords go into PGSQL_CLEAR_PWFIELD.  Cleartext passwords allow
# CRAM-MD5 authentication to be implemented.

PGSQL_CRYPT_PWFIELD     crypt

##NAME: PGSQL_CLEAR_PWFIELD:0
#
#
# PGSQL_CLEAR_PWFIELD   clear

##NAME: PGSQL_DEFAULT_DOMAIN:0
#
# If DEFAULT_DOMAIN is defined, and someone tries to log in as 'user',
# we will look up 'user@DEFAULT_DOMAIN' instead.
#
#
# DEFAULT_DOMAIN                example.com


##NAME: PGSQL_UID_FIELD:0
#
# Other fields in the mysql table:
#
# PGSQL_UID_FIELD - contains the numerical userid of the account
#
PGSQL_UID_FIELD         uid

##NAME: PGSQL_GID_FIELD:0
#
# Numerical groupid of the account

PGSQL_GID_FIELD         gid

##NAME: PGSQL_LOGIN_FIELD:0
#
# The login id, default is id.  Basically the query is:
#
#  SELECT PGSQL_UID_FIELD, PGSQL_GID_FIELD, ... WHERE id='loginid'
#

PGSQL_LOGIN_FIELD       id

##NAME: PGSQL_HOME_FIELD:0
#

PGSQL_HOME_FIELD        home

##NAME: PGSQL_NAME_FIELD:0
#
# The user's name (optional)

PGSQL_NAME_FIELD        name

##NAME: PGSQL_MAILDIR_FIELD:0
#

# This is an optional field, and can be used to specify an arbitrary
# location of the maildir for the account, which normally defaults to
# $HOME/Maildir (where $HOME is read from PGSQL_HOME_FIELD).
#
# You still need to provide a PGSQL_HOME_FIELD, even if you uncomment this
# out.
#
# PGSQL_MAILDIR_FIELD   maildir

##NAME: PGSQL_DEFAULTDELIVERY:0
#
# Courier mail server only: optional field specifies custom mail delivery
# instructions for this account (if defined) -- essentially overrides
# DEFAULTDELIVERY from ${sysconfdir}/courierd
#
# PGSQL_DEFAULTDELIVERY defaultDelivery

##NAME: PGSQL_QUOTA_FIELD:0
#
# Define PGSQL_QUOTA_FIELD to be the name of the field that can optionally
# specify a maildir quota.  See README.maildirquota for more information
#
# PGSQL_QUOTA_FIELD     quota

##NAME: PGSQL_AUXOPTIONS:0
#
# Auxiliary options.  The PGSQL_AUXOPTIONS field should be a char field that
# contains a single string consisting of comma-separated "ATTRIBUTE=NAME"
# pairs.  These names are additional attributes that define various per-account
# "options", as given in  INSTALL's description of the "Account OPTIONS"
# setting.
#
# PGSQL_AUXOPTIONS_FIELD        auxoptions
#
# You might want to try something like this, if you'd like to use a bunch
# of individual fields, instead of a single text blob:
#

# PGSQL_AUXOPTIONS_FIELD        'disableimap=' || disableimap || ',disablepop3=' || disablepop3 || ',disablewebmail=' || disablewebmail || ',s
haredgroup=' || sharedgroup
#
# This will let you define fields called "disableimap", etc, with the end result
# being something that the OPTIONS parser understands.

##NAME: PGSQL_WHERE_CLAUSE:0
#
# This is optional, PGSQL_WHERE_CLAUSE can be basically set to an arbitrary
# fixed string that is appended to the WHERE clause of our query
#
# PGSQL_WHERE_CLAUSE    server='mailhost.example.com'

##NAME: PGSQL_SELECT_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, PGSQL_SELECT_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will
# be used to do a SELECT operation on database, which should return fields
# in order specified bellow:
#
# username, cryptpw, clearpw, uid, gid, home, maildir, quota, fullname, options
#
# Enabling this option causes ignorance of any other field-related
# options, excluding default domain.
#
# There are two variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. These variables are:
#               $(local_part), $(domain), and $(service)
#
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.   
#
# $(service) will expand out to the service being authenticated: imap, imaps,
# pop3 or pop3s.  Courier mail server only: service will also expand out to
# "courier", when searching for local mail account's location.  In this case,

# if the "maildir" field is not empty it will be used in place of
# DEFAULTDELIVERY.  Courier mail server will also use esmtp when doing
# authenticated ESMTP.
#
# This example is a little bit modified adaptation of vmail-sql
# database scheme:
#
# PGSQL_SELECT_CLAUSE   SELECT popbox.local_part,                       
#                       '{MD5}' || popbox.password_hash,               
#                       popbox.clearpw,                                 
#                       domain.uid,                                    
#                       domain.gid,                                    
#                       domain.path || '/' || popbox.mbox_name),        
#                       '',                                             
#                       domain.quota,                                   
#                       '',                                             
#                       FROM popbox, domain                             
#                       WHERE popbox.local_part = '$(local_part)'      
#                       AND popbox.domain_name = '$(domain)'            
#                       AND popbox.domain_name = domain.domain_name

yhj1065

##NAME: PGSQL_CHPASS_CLAUSE:0
#
# (EXPERIMENTAL)
# This is optional, PGSQL_CHPASS_CLAUSE can be set when you have a database,
# which is structuraly different from proposed. The fixed string will   
# be used to do an UPDATE operation on database. In other words, it is  
# used, when changing password.
#                       
# There are four variables, which you can use. Substitution will be made
# for them, so you can put entered username (local part) and domain name
# in the right place of your query. There variables are:               
#       $(local_part) , $(domain) , $(newpass) , $(newpass_crypt)      
#                       
# If a $(domain) is empty (not given by the remote user) the default domain
# name is used in its place.
# $(newpass) contains plain password
# $(newpass_crypt) contains its crypted form
#
# PGSQL_CHPASS_CLAUSE   UPDATE  popbox                                 
#                       SET     clearpw='$(newpass)',                  
#                               password_hash='$(newpass_crypt)'        
#                       WHERE   local_part='$(local_part)'              
#                       AND     domain_name='$(domain)'
#

yhj1065

原帖由 yhj1065 于 2005-10-31 14:38 发表
我的和楼主出现同样的错误,可是日志里看到这样的现象???
Oct 31 14:32:43 mail authdaemond: Connection to server 'pgsql.example.com' userid 'admin' database 'template1' failed.
Oct 31 14:32:43 mail au ...

为什么我的验证是用pgsql啊,我如何来更改验证方式啊...用MYSQL验证也行啊,这个又如何设置啊?

[ 本帖最后由 yhj1065 于 2005-11-1 18:28 编辑 ]

hongfengyue

如果要使用mysql验证用户那么就修改authdaemonrc.

但是好像你安装courier-authlib的时候没有加入mysql的支持。

##NAME: authmodulelist:2
#
# The authentication modules that are linked into authdaemond.  The
# default list is installed.  You may selectively disable modules simply
# by removing them from the following list.  The available modules you
# can use are: authuserdb authpam authpgsql authldap authcustom authvchkpw authpipe

authmodulelist="authuserdb authpam authpgsql authldap authcustom authvchkpw authpipe"


这里默认好像没有mysql的支持的。



authpgsqlrc文件内容:

##VERSION: $Id: authpgsqlrc,v 1.12 2004/11/25 15:08:27 mrsam Exp $
#
# Copyright 2000-2004 Double Precision, Inc.  See COPYING for
# distribution information.
#
# Do not alter lines that begin with ##, they are used when upgrading
# this configuration.
#
# authpgsqlrc created from authpgsqlrc.dist by sysconftool
#
# DO NOT INSTALL THIS FILE with world read permissions.  This file
# might contain the PostgreSQL admin password!
#
# Each line in this file must follow the following format:
#
# field[spaces|tabs]value
#
# That is, the name of the field, followed by spaces or tabs, followed by
# field value.  Trailing spaces are prohibited.


##NAME: LOCATION:0
#
# The server hostname, port, userid, and password used to log in.
#
# To connect to a filesystem socket, delete PGSQL_HOST, and set PGSQL_PORT to
# the socket's last component.  So, if your pg socket is /tmp/.s.PGSQL.5400
# set PGSQL_PORT to 5400.

PGSQL_HOST              pgsql.example.com
PGSQL_PORT              5400
PGSQL_USERNAME          admin
PGSQL_PASSWORD          admin

你的错误在于你没有正确配置你的authpgsqlrc文件导致的。
PGSQL_HOST              pgsql.example.com
PGSQL_PORT              5400
PGSQL_USERNAME          admin
PGSQL_PASSWORD          admin
这几个参数是默认的参数。你需要修改authpgsqlrc文件来适合你的配置。