# [SOLVED] Courier-Imap - Courier-Authlib - PAM Problem

## voldemort

It took me most of a day and half of the night, but I finally have it working.

The symptoms:

1) emerge update

2) etc-update config changes were minor

3) SMTPauth and courier-imap no longer work

The Investigation:

Logfiles report imap-ssl failed to authenticate: imapd: LOGIN FAILED, user=blahblahblah

I turned on full debugging in authdaemonrc.  Full debugging is friggin' useless.  It reports no useful information, only username and attempted password which I knew for a fact were good.

Trying to run authtest against courier-authlib gave the error: Authentication FAILED: Operation not permitted

Debugging reported error: undefined symbol: nscd_flush_cache

Attempted solutions:

I deep emerged older versions of saslauthd, courier-imap, courier-authlib which worked previously but no longer worked.  I installed courier-imap and courier-authlib from current source and got the same error. I cursed and swore.  I considered wiping Gentoo and installing Ubuntu.  Despite exhaustive searches on this forum and lots of people with the same or similar problems, nothing I found worked.

The Holy Grail:

I finally found a site (http://squarism.com)that described a solution to the exact problem I was having and gave a credible explanation.  Courier-authlib has a problem in that courier-libpam builds and links to undefined and weak symbols such as nscd_flush_cache.  All version 0.57 builds may exhibit this problem.  The solution is to mask 0.57 and emerge the older 0.55.

Try this:

# echo ">=net-libs/courier-authlib-0.57" >> /etc/portage/package.mask

# emerge courier-authlib 

BINGO!!  My IMAP, IMAP-SSL now work.  In the past, I have found lots of valuable information to solve problems, so this is my attempt to contribute...

----------

## jguc

Wow.... I've tried everything I have found... nothing worked... but courier-pop3d worked for me, so courier-imapd must work too. That was the solution. Thanks.

```
Dec 15 16:02:50 raichu imapd: LOGIN, user=*****, ip=[::ffff:127.0.0.1], protocol=IMAP
```

----------

## Robert S

Don't know if this is what you are after, but I changed the default authmodulelist in /etc/courier/authlib/authdaemonrc to  *Quote:*   

> authmodulelist="authpam"

 I initially had the same problem and this fixed it.

----------

## jguc

 *Robert S wrote:*   

> Don't know if this is what you are after, but I changed the default authmodulelist in /etc/courier/authlib/authdaemonrc to  *Quote:*   authmodulelist="authpam" I initially had the same problem and this fixed it.

 

I have authdaemondrc like you say, but it doesn't work. With this config and courier-pop3d it works, I can login via "telnet localhost 110" and in /var/log/messages I see that the login is correct, but with courier-imap it always fails. Only the downgrade solved the problem.

----------

## korvus

 *jguc wrote:*   

>  *Robert S wrote:*   Don't know if this is what you are after, but I changed the default authmodulelist in /etc/courier/authlib/authdaemonrc to  *Quote:*   authmodulelist="authpam" I initially had the same problem and this fixed it. 
> 
> I have authdaemondrc like you say, but it doesn't work. With this config and courier-pop3d it works, I can login via "telnet localhost 110" and in /var/log/messages I see that the login is correct, but with courier-imap it always fails. Only the downgrade solved the problem.

 

I did what is perhaps an unwise approach where I did the downgrade (which didn't work) and then I changed the authdaemonrc file (which did).  I can't say for sure if it was just the second step or the combination of both, but either way, I'm up and running again.  Thanks to everyone who posts solutions here.

----------

## mattjgalloway

Changing the authmodulelist setting to authpam only worked for me! Thanks!

----------

## sleepyhead

Thanks for the help.  

I just like to add a few things.  I emerged down authlib .55 and it still didn't work but when i edited authdaemonrc for the "authpam" and restarted courier-authlib it not only restarted that service but the other couriers such imap.  Right away that told me everything was working and sure enough i was able to get my email.  So i then emerged back to .58 and made sure "authpam" was not commented out and that worked as well.  Basically it looked like all I needed to do was uncomment "authpam"

----------

