Many sources claim this is a problem in pam modules. Dovecot wiki http://wiki2.dovecot.org/PasswordDatabase/PAM says they have a pam_maxrequests for this.
I use postfix and courier and wanted to try courier's authdaemon also for SASL because it seems to work over long periods of time. It was not trivial to get its socket into the postfix changeroot as /run is a tmpfs now. So I post this here because this is the first search hit for memory buffer error with saslauthd.
We set /etc/postfix/sasl/smtpd.conf to use authdaemond
Code:
pwcheck_method: authdaemond
mech_list: PLAIN LOGIN
authdaemond_path: /var/run/courier/authdaemon/socket
and insert this into /etc/courier/authdaemonrc
Code:
#allow to change a chrooted postfix sasl configuration to use authdaemond socket
#the socket will be created in postfix chroot and the hardcoded /var/run/courier/authdaemon
#will symlink to it.
#activate /etc/init.d/courier-authdaemon-socket
#with
#update-rc.d courier-authdaemon-socket defaults 19 21
#remove it with
#update-rc.d -f courier-authdaemon-socket remove
#or disable by setting no here
putsocketintopostfixchroot="yes"
postfixchroot="/var/spool/postfix"
#
clean_existing_var_run_courier_in_postfix_chroot="yes"
#
#
and save this script executable as /etc/init.d/courier-authdaemon-socket
Code:
#! /bin/sh -e
#
### BEGIN INIT INFO
# Provides: courier-authdaemon-socket
# Required-Start: $remote_fs $syslog
# Required-Stop: $remote_fs $syslog
# Default-Start: 2 3 4 5
# Default-Stop: 0 1 6
### END INIT INFO
prefix="/usr"
exec_prefix=${prefix}
sysconfdir="/etc/courier"
sbindir="${exec_prefix}/sbin"
daemonscript="${sbindir}/authdaemond"
rundir_courier="/var/run/courier"
rundir="/var/run/courier/authdaemon"
. /lib/lsb/init-functions
#this will import custom variables
#putsocketintopostfixchroot=yes
#postfixchroot="/var/spool/postfix"
#clean_existing_var_run_courier_in_postfix_chroot="yes"
. /etc/courier/authdaemonrc
if [ "${putsocketintopostfixchroot}" != "yes" ]; then
exit 0
fi
# Check for a leftover init script
if [ ! -x $daemonscript ]; then
exit 0
fi
# Check for a running authdaemond
if grep -q authdaemond /proc/$(cat ${rundir}/pid 2>/dev/null)/cmdline 2>/dev/null; then
log_warning_msg "Exiting: detected running authdaemond"
exit 0
fi
case "$1" in
start)
# Prepare daemon socket in postfix chroot.
cd /
log_daemon_msg "Preparing Courier authentication services" "authdaemond"
if [ ! -d "${postfixchroot}" ]; then
log_warning_msg "Exiting: configured chroot directory for postfix does not exist: \"${postfixchroot}\""
exit 0
fi
if [ ! -d "${postfixchroot}/var/run" ]; then
log_warning_msg "Exiting: configured chroot directory for postfix is incomplete: \"${postfixchroot}/var/run\""
exit 0
fi
if [ -d "${postfixchroot}${rundir_courier}" ]; then
if [ "${clean_existing_var_run_courier_in_postfix_chroot}" = "yes" ]; then
rm -rf -- "${postfixchroot}${rundir_courier}"
else
log_warning_msg "Warning: configured to leave existing: \"${postfixchroot}${rundir_courier}\" untouched."
fi
fi
if [ ! -d "${postfixchroot}${rundir_courier}" ]; then
mkdir -m 0775 ${postfixchroot}${rundir_courier}
chown daemon:daemon ${postfixchroot}${rundir_courier}
fi
if [ ! -d "${postfixchroot}${rundir}" ]; then
mkdir -m 0750 ${postfixchroot}${rundir}
chown daemon:sasl ${postfixchroot}${rundir} #original courier initscript uses group "daemon" postfix is in group sasl
fi
#this was the job of the original courier-authdaemon initscript and we need to do this here
if [ ! -d "$rundir_courier" ]; then
mkdir -m 0775 $rundir_courier
chown daemon:daemon $rundir_courier
#but if courier-authdaemon was running before it does not remove the $rundir, so make shure we can link it now
elif [ -d "$rundir" -a ! -h "$rundir" ]; then
rm -rf -- ${rundir}/
fi
if [ ! -d "$rundir" ]; then
ln -s ${postfixchroot}${rundir}/ ${rundir}
fi
log_end_msg 0
;;
stop)
# Delete courier files from postfix chroot.
cd /
log_daemon_msg "Cleaning up Courier authentication services" "authdaemond"
if [ -d "${postfixchroot}${rundir_courier}" ]; then
if [ "${clean_existing_var_run_courier_in_postfix_chroot}" = "yes" ]; then
rm -rf -- "${postfixchroot}${rundir_courier}"
else
log_warning_msg "Not cleaning up, configured to leave existing: \"${postfixchroot}${rundir_courier}\" untouched."
fi
fi
if [ -h "$rundir" ]; then
unlink ${rundir}
fi
log_end_msg 0
;;
restart|force-reload)
$0 stop
$0 start
;;
*)
echo "Usage: $0 {start|stop|restart|force-reload}" >&2
exit 2
;;
esac
exit 0
and activate it as explained in the comment above with
Code:
update-rc.d courier-authdaemon-socket defaults 19 21
to execute before the courier-authdaemon startscript at system boot.
Dont forget to turn off saslauthd (START=no) in /etc/default/saslauthd afterwards.
Reference: http://wiki.tolien.co.uk/Postfix_w/o...ier-Authdaemon
Bookmarks