Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 154095 - sivtest and sieveshell fail eventough sasl succeeds with auth
Summary: sivtest and sieveshell fail eventough sasl succeeds with auth
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: cyrus-imapd
Version: 4.0
Hardware: i386
OS: Linux
Target Milestone: ---
: ---
Assignee: John Dennis
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2005-04-07 08:30 UTC by charles schick
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2005-04-20 08:20:02 UTC
Target Upstream Version:

Attachments (Terms of Use)

Description charles schick 2005-04-07 08:30:39 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050322 Firefox/1.0.2 Red Hat/1.0.2-1.4.1

Description of problem:
sieveshell cannot be executed eventhough sasl authentification is ok

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
install cyrus-imapd and its dependencies

1. open terminal and su -
/usr/sbin/saslauthd -m /var/run/saslauthd -a shadow -d

(this the default startup for saslauthd but with foreground debugging)

2. open second terminal and su -

service cyrus-imapd start 
passwd cyrus (use paswd "toto" for example -- confirm)

3. execute "sieveshell --user=cyrus --auth=cyrus localhost"
enter passwd toto

Actual Results:  unable to connect to server at /usr/bin/sieveshell line 169, <STDIN> line 1.

Expected Results:  a normal login to sieveshell

Additional info:

hi john,

check the terminal running the saslauthd instance and you will see:

do_auth: auth success: [user=cyrus] [service=sieve] [realm=] [mech=shadow]

that sasl authorized access but that sieveshell bombed -- the same holds true for sivtest.

hope you can help!


Charles SHICK

Comment 1 charles schick 2005-04-12 07:56:12 UTC
sieve server process is broken under rhel 4

can we get some help on this?



Comment 2 John Dennis 2005-04-12 16:43:58 UTC
Yup, its in the queue, probably will start looking at it this afternoon.

Comment 3 charles schick 2005-04-13 12:59:06 UTC
hi john

thanks for your note -- i've tried and tried, but have yet to find where it's
coming from.

although not a programmer, i did do an strace which yeilded little information
on localizing the issue. as stupid as it may sound looking at the error message,
i have hunch that the answer will be found in perl, although i did get a mail
message from another user (experiencing same issue) that indicated that
timsieved binary is reponsible. i'll be testing a prebuilt timsieved this
afternoon and see if that sheds some light.



Comment 4 Simon Matter 2005-04-14 11:46:25 UTC
I've investigated this long time ago. IIRC it turned out that sieveshell doesn't
honor the sasl_mech_list option in /etc/imapd.conf (should it?) and also doesn't
allow one to specify the mech to use with something like --mech=PLAIN. I think
it's not a problem of the timsieved server itself but of the managesieve Perl

Comment 5 Simon Matter 2005-04-15 06:21:43 UTC
Hm, no. Now I remember a bit more. It doesn't make sense to run sieveshell as
user cyrus (or every other user defined as cyrus admin). Running it for a valid
IMAP user like this works well for me:

sieveshell -u user -a user localhost

Unfortunately I'm always slow to remember things...

Comment 6 charles schick 2005-04-20 08:20:02 UTC
hi simon,

apologize for the delay --

your comments are quite right -- in principle, user "cyrus" should not receive mail.

well (drum roll please) i found out why: 

cyrus sieve requires that the mailbox exist prior to running sieveshell or
sivtest. having the autocreate feature "on" doesn't help.

aye caramba


Note You need to log in before you can comment on or make changes to this bug.