Postfix Authentication Problem Username

30 posts / 0 new
Last post
#1 Sat, 02/14/2009 - 12:39
mdtiberi

Postfix Authentication Problem Username

Been trying all morning to get postfix to work. Keep getting this error the logs. Forums are no help. Seem to be a simple error but the solution is alluding me.

Thanks.

OS CentOS 5.2

From secure log:

Feb 14 14:38:08 ns1 dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown Feb 14 14:38:08 ns1 dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:xx.xx.xx.138 Feb 14 14:38:08 ns1 dovecot-auth: pam_succeed_if(dovecot:auth): error retrieving information about user admin

From maillog:

dovecot: pop3-login: Disconnected: user=<admin>, method=PLAIN, rip=::ffff:xx.xx.138, lip=::ffff:xx.xx.xx.137, TLS

Post edited by: mdtiberi, at: 2009/02/14 12:41<br><br>Post edited by: mdtiberi, at: 2009/02/19 07:45

Sat, 02/14/2009 - 12:46
andreychek

Well, the error message suggests that there is no user with the name &quot;admin&quot;.

Are you sure that's the correct name -- that there isn't perhaps a trailing domain name after that... maybe &quot;admin@example.com&quot; or &quot;admin.example&quot;?

It should show you the full username when you look in Edit Mail and FTP Users, under &quot;IMAP/FTP login&quot;.
-Eric

Sat, 02/14/2009 - 12:58 (Reply to #2)
mdtiberi

It doesn't seem to matter if the domain name is included or not, same error occurs.

Sat, 02/14/2009 - 13:10 (Reply to #3)
mdtiberi

&quot;It should show you the full username when you look in Edit Mail and FTP Users, under &quot;IMAP/FTP login&quot;

Yes, I checked that its fine.

Sat, 02/14/2009 - 13:14 (Reply to #4)
andreychek

If you log in as root over SSH, and type:

id admin

What does it return?
-Eric

Sat, 02/14/2009 - 13:14 (Reply to #5)
Joe
Joe's picture

Are you using @ in the username? If so, have you read the FAQ about this particular username extension? (You have to configure saslauthd explicitly for this format.)

http://www.virtualmin.com/documentation/id,frequently_asked_questions/#w...

--

Check out the forum guidelines!

Sat, 02/14/2009 - 13:16 (Reply to #6)
mdtiberi

It does show admin.domain.com

I tried both variation in Thunderbird, one with the domain and without with no luck

Sat, 02/14/2009 - 13:21 (Reply to #7)
Joe
Joe's picture

<div class='quote'>It does show admin.domain.com

I tried both variation in Thunderbird, one with the domain and without with no luck </div>

There's no point in trying both variants. The name that it shows <i>is</i> the username. Anything else is either non-existent, or a completely different user.

So, at least now you can test half as much. ;-)

So, what's in the log when you use the right username. Because the one we've seen earlier is expected behavior--you entered a non-existent user (admin), and Dovecot replied correctly that that wasn't a valid login.

I will also take a moment to mention that Dovecot and Postfix are talking two different protocols. Dovecot is for retrieving mail via POP or IMAP. Postfix is for sending mail via SMTP, submission, or SMTPS. Are you having trouble with both services, or just one?

--

Check out the forum guidelines!

Sun, 06/07/2009 - 07:39 (Reply to #8)
mdtiberi

yes, it was a permissions issue. /var/lib/dovecot/ was set to 0770. Corrected, all is good.

BTW, here is the error during install on clamav:

WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.94 Recommended version: 0.94.2 -WARNING: getfile: daily-8139.cdiff not found on remote server (IP: 193.1.193.64)
WARNING: getpatch: Can't download daily-8139.cdiff from database.clamav.net |WARNING: getfile: daily-8139.cdiff not found on remote server (IP: 64.246.134.219)
WARNING: getpatch: Can't download daily-8139.cdiff from database.clamav.net \WARNING: getfile: daily-8139.cdiff not found on remote server (IP: 64.246.134.219)
WARNING: getpatch: Can't download daily-8139.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd \WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 35, recommended = 38

Sun, 06/07/2009 - 07:39 (Reply to #9)
mdtiberi

yes, it was a permissions issue. /var/lib/dovecot/ was set to 0770. Corrected, all is good.

BTW, here is the error during install on clamav:

WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.94 Recommended version: 0.94.2 -WARNING: getfile: daily-8139.cdiff not found on remote server (IP: 193.1.193.64)
WARNING: getpatch: Can't download daily-8139.cdiff from database.clamav.net |WARNING: getfile: daily-8139.cdiff not found on remote server (IP: 64.246.134.219)
WARNING: getpatch: Can't download daily-8139.cdiff from database.clamav.net \WARNING: getfile: daily-8139.cdiff not found on remote server (IP: 64.246.134.219)
WARNING: getpatch: Can't download daily-8139.cdiff from database.clamav.net
WARNING: Incremental update failed, trying to download daily.cvd \WARNING: Your ClamAV installation is OUTDATED!
WARNING: Current functionality level = 35, recommended = 38

Sun, 03/15/2009 - 17:40 (Reply to #10)
bwade30

<b>andreychek wrote:</b>
<div class='quote'>Well, the error message suggests that there is no user with the name &quot;admin&quot;.

Are you sure that's the correct name -- that there isn't perhaps a trailing domain name after that... maybe &quot;admin@example.com&quot; or &quot;admin.example&quot;?

It should show you the full username when you look in Edit Mail and FTP Users, under &quot;IMAP/FTP login&quot;.
-Eric</div>

Any update on this? I too tried to install on clean centos 5.2 today and got the same issue. Please let us know what the status is on this.

Thanks!
Ben

Sun, 03/15/2009 - 22:35 (Reply to #11)
Joe
Joe's picture

<div class='quote'>Any update on this? I too tried to install on clean centos 5.2 today and got the same issue. Please let us know what the status is on this.</div>

What issue are you talking about?

--

Check out the forum guidelines!

Sun, 03/15/2009 - 17:41 (Reply to #12)
bwade30

<b>andreychek wrote:</b>
<div class='quote'>Well, the error message suggests that there is no user with the name &quot;admin&quot;.

Are you sure that's the correct name -- that there isn't perhaps a trailing domain name after that... maybe &quot;admin@example.com&quot; or &quot;admin.example&quot;?

It should show you the full username when you look in Edit Mail and FTP Users, under &quot;IMAP/FTP login&quot;.
-Eric</div>

Sorry, that above quote was incorrect and there is a bug in the forum to edit posts. Anyway, let us know what the staus is on the install.sh script and clamav version error.

Thanks,
Ben

Mon, 03/16/2009 - 10:54 (Reply to #13)
bwade30

I can't install virtualmin with the install.sh file. It stops at the clamav version warning and it's done.

FATAL - Fatal Error Occurred: Installation of virtualmin-release failed: 1
FATAL - Cannot continue installation.
FATAL - Attempting to remove virtualmin repository configuration, so the installation can be
FATAL - re-attempted after any problems have been resolved.
FATAL - Removing temporary directory and files.
FATAL - If you are unsure of what went wrong, you may wish to review the log
FATAL - in /root/virtualmin-install.log

so, I ran this a got this:
# /bin/sh install.sh --uninstall
Running uninstall scripts ..
Deleted init script /etc/rc.d/init.d/webmin
Done. There's probably quite a bit of related packages and such left behind
but all of the Virtualmin-specific packages have been removed.

Then tried to reinstall and get this.

INFO - Installing Virtualmin and all related packages now using the command:
INFO - yum -y -d 2 install virtualmin-base
...in progress, please wait... |WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.94 Recommended version: 0.94.2 /Enabling quotas on filesystem for /home INFO - yum -y -d 2 install virtualmin-base: Succeeded.
INFO - Checking for updates to Virtualmin-related packages...
...in progress, please wait... INFO - /usr/bin/yum -y -d 2 install bind bind-utils caching-nameserver httpd postfix bind spamassassin procmail perl-DBD-Pg perl-DBD-MySQL quota iptables openssl python mailman subversion mysql mysql-server mysql-devel postgresql postgresql-server rh-postgresql rh-postgresql-server logrotate webalizer php php-domxl php-gd php-imap php-mysql php-odbc php-pear php-pgsql php-snmp php-xmlrpc php-mbstring mod_perl mod_python cyrus-sasl dovecot spamassassin mod_dav_svn cyrus-sasl-gssapi mod_ssl ruby ruby-devel rubygems perl-XML-Simple perl-Crypt-SSLeay: Succeeded.

So, i think everything is ok so I go to the link via browser and nothing pulls up. it just times out.

Something is wrong.

I tried this on a clean installation of centos 5.2. It could be something I've done, but I just don't know what it is.

Mon, 03/16/2009 - 10:58 (Reply to #14)
andreychek

For future reference, it's best to start a new topic, as this isn't related to the &quot;Postfix Authentication problem&quot; thread it's in :-)

However, can you attach your /root/virtualmin-install.log file? That may offer some hints on what went wrong.

Also, what kind of server are you installing this onto, and how much RAM do you have?
-Eric

Mon, 03/16/2009 - 11:25 (Reply to #15)
bwade30

SOrry, I will start a new topic if it's necessary. i have 4gb of ram.

anyway, I figured my issue had some similarities to this thread. ie. this message about the clamav version warning. THis was posted in ealier posts of this thread.

INFO - Installing Virtualmin and all related packages now using the command:
INFO - yum -y -d 2 install virtualmin-base
...in progress, please wait... |WARNING: Your ClamAV installation is OUTDATED!
WARNING: Local version: 0.94 Recommended version: 0.94.2 /Enabling quotas on filesystem for /home INFO - yum -y -d 2 install virtualmin-base: Succeeded.
INFO - Checking for updates to Virtualmin-related packages...

Also, my server sysadmin told me to go here and post and monitor this issue to see if there is a fix or any updates:

anyway, attached is the log.

Mon, 03/16/2009 - 11:26 (Reply to #16)
bwade30

sorry it didn't attach last post due to it being a .log file. [file name=virtualmin_install-c9069ef247e3c95462288c64ce14ceaa.txt size=67811]http://www.virtualmin.com/components/com_fireboard/uploaded/files/virtua...

Mon, 03/16/2009 - 11:34 (Reply to #17)
andreychek

It's okay, don't worry about the new thread at the moment -- but I think the ClamAV issue is a red herring, as they say, I don't think it's the main issue here.

Something else seems to be going on at the moment, and I'm not sure what at the moment :-)

Aside from Webmin timing out, is the server otherwise working? Do you see Postfix, Apache, and Dovecot running?

What happens if you do this:

/etc/init.d/webmin stop
killall miniserv.pl

Wait a few seconds, and then start Webmin back up:

/etc/init.d/webmin start

Does it work for you at that point?
-Eric

Mon, 03/16/2009 - 11:45 (Reply to #18)
bwade30

this is what i get:

/etc/init.d/webmin stop
Stopping Webmin server in /usr/libexec/webmin
killall miniserv.pl
miniserv.pl: no process killed
/etc/init.d/webmin start

I then go to my browser and the same thing happens. It times out:

http://216.83.111.34:1000

It's like nothing got installed. ie. apache or php, mysql, or anything. There's nothing on the server for these items.

Mon, 03/16/2009 - 11:52 (Reply to #19)
andreychek

Aha!

Rather than what you typed above -- first, try the port &quot;10000&quot; rather than &quot;1000&quot;, and use &quot;https&quot; rather than &quot;http&quot;. That is, try this URL:

https://216.83.111.34:10000/

That actually loads up just fine here.
-Eric

Mon, 03/16/2009 - 11:56 (Reply to #20)
bwade30

wow, i feel like an idiot. Ok, it looks like it works!

Sat, 02/14/2009 - 13:28
mdtiberi

When I login to root I am logging in to my server domain (ns1) which points to my virtuals. id admin is unknown then because I created this particular user in one of my virtuals not ns1.

I did read the FAQ on usernames.

Sat, 02/14/2009 - 13:43 (Reply to #22)
Joe
Joe's picture

<div class='quote'>When I login to root I am logging in to my server domain (ns1) which points to my virtuals. id admin is unknown then because I created this particular user in one of my virtuals not ns1.</div>

I have no idea what this means. ;-)

Logging in as root is always the same, no matter what domain you connected to.

When you look in Virtualmin on the page Eric mentioned (&quot;Edit Mail and FTP Users&quot; under &quot;IMAP/FTP login&quot;) that <i>is</i> the username. I'm not asking what it is, or what you think it ought to be--I want to see the log entries from when you tried to login using that username (the one Virtualmin tells you is the right one).

Let's not debate what the username is...the username <i>is</i> whatever Virtualmin tells you it is (which is what you told Virtualmin to make it, based on its configuration). There is no debating the username, and no need to think hard about it--look at that page and it will tell you.

Once you know the username, try to log in with that username. Look at the maillog, and copy/paste the error here. We need to to see an error that indicates what the problem is, and so far, the only log we've seen is one for a non-existent username--and it was behaving exactly correct in that circumstance. There is no problem to fix in the log entry we've seen so far. So we need to see more.

I'd also like to know if we're talking about a Postfix problem, a Dovecot problem, or both, so I know where to point you with regard to solving the problem (once we know what the problem is, based on the log entries).

--

Check out the forum guidelines!

Sat, 02/14/2009 - 13:40
mdtiberi

added the -r flag

Sat, 02/14/2009 - 13:44 (Reply to #24)
Joe
Joe's picture

<div class='quote'>added the -r flag</div>

Why? Earlier, you indicated the username was admin.domain.com. That has no @ in it, anywhere. ;-)

--

Check out the forum guidelines!

Sat, 02/14/2009 - 14:05
mdtiberi

Sorry Joe, my brain is a bit frazzled. I understand what you mean on user names, got it! It's just a little different convention then what I am used to. That problem solved. Now a new one:

Feb 14 16:15:15 ns1 dovecot: POP3(admin.principia-optics): mkdir(/var/lib/dovecot/index/admin.principia-optics/.INBOX) failed: Permission denied
Feb 14 16:15:15 ns1 dovecot: POP3(admin.principia-optics): mkdir(/var/lib/dovecot/control/admin.principia-optics/.INBOX) failed: Permission denied
Feb 14 16:15:15 ns1 dovecot: POP3(admin.principia-optics): mkdir(/var/lib/dovecot/index/admin.principia-optics/.INBOX) failed: Permission denied
Feb 14 16:15:15 ns1 dovecot: POP3(admin.principia-optics): mkdir(/var/lib/dovecot/control/admin.principia-optics/.INBOX) failed: Permission denied
Feb 14 16:15:15 ns1 dovecot: POP3(admin.principia-optics): Couldn't open INBOX: Internal error occurred. Refer to server log for more information. [2009-02-14 16:15:15]
Feb 14 16:15:15 ns1 dovecot: POP3(admin.principia-optics): Couldn't open INBOX top=0/0, retr=0/0, del=0/0, size=0

Thanks Joe for helping out. I know you probaly have something better to do on Valentines day

Sat, 02/14/2009 - 14:24 (Reply to #26)
Joe
Joe's picture

Does /var/lib/dovecot/index and /var/lib/dovecot/control exist? And are those world writable (777) and the directories leading up to it world-readable and world-executable (755)?

What OS are you on, and did you install Virtualmin using install.sh? This shouldn't be happening on a system installed using install.sh, so I'd like to dig in to make sure we haven't broken something in our installer recently.

--

Check out the forum guidelines!

Sat, 02/14/2009 - 15:00 (Reply to #27)
mdtiberi

CentOS 5.2

I did use installer.sh. One thing that I did notice was that it could not update the clamav-db, couldn't connect I think.

I'll check permissions tomorrow or I could just start over since its just a test-bed server for now.

BTW, I am going to put together the things I have learned as a former Plesk user and what to expect using Vmin. The user name thing was definitely something to keep an eye out on.

Thanks again.

Sat, 02/14/2009 - 16:39 (Reply to #28)
Joe
Joe's picture

<div class='quote'>One thing that I did notice was that it could not update the clamav-db, couldn't connect I think.</div>

Unrelated, and temporary. (And ClamAV is the most chattery beast on any server...complains <i>all the time</i>, even about little things.)

<div class='quote'>BTW, I am going to put together the things I have learned as a former Plesk user and what to expect using Vmin.</div>

That'd be great. I made one for recovering cPanel users a couple of years ago, but I haven't seen enough Plesk systems to know anything useful about guiding people on the differences. Feel free to start a wiki page, similar to the cPanel one.

--

Check out the forum guidelines!

Sun, 02/15/2009 - 12:01
Joe
Joe's picture

Yes. I know about that. As I said, ClamAV is very chattery. Almost all of those are stupid and pointless warnings (the version warning does have some meaning, and I'm working on an update right now, but all of the cdiff stuff is temporary errors and really shouldn't be shouting about it all the time).

--

Check out the forum guidelines!

Topic locked