Bug#590598: saslauthd - auth via ldap/sasl logs debug messages
Dan White
dwhite at olp.net
Wed Jul 28 05:56:40 UTC 2010
On 27/07/10 21:59 +0200, Bastian Blank wrote:
>On Tue, Jul 27, 2010 at 02:08:00PM -0500, Dan White wrote:
>> What are the contents of your /etc/default/saslauthd and
>> /etc/saslauthd.conf? What's the output of 'grep -r auth /etc/*syslog*?
>
>| # grep -v "^#" /etc/default/saslauthd | grep -v "^$"
>| START=yes
>| DESC="SASL Authentication Daemon"
>| NAME="saslauthd"
>| MECHANISMS="ldap"
>| MECH_OPTIONS=""
>| THREADS=5
>| OPTIONS="-c -m /var/run/saslauthd"
>| # cat /etc/saslauthd.conf
>| ldap_servers: ldap://ldap.example.org
>| ldap_use_sasl: yes
>| ldap_mech: DIGEST-MD5
>| # grep -r auth /etc/*syslog*
>| /etc/rsyslog.conf:auth,authpriv.* /var/log/auth.log
>| /etc/rsyslog.conf:*.*;auth,authpriv.none -/var/log/syslog
>| /etc/rsyslog.conf: auth,authpriv.none;\
>| /etc/rsyslog.conf: auth,authpriv.none;\
I get the same results, with a similar configuration.
It's because of the 'auth,authpriv.*' line in rsyslogd.conf (it also exists
the same way in the sysklogd package).
The debug statements also happen when bypassing saslauthd:
ldapwhoami -H ldap://192.0.2.1 -U jsmith -Y DIGEST-MD5
or using imtest.
To drop the messages from syslog, replace that line with:
auth,authpriv.info /var/log/auth.log
or some other lower priority level.
--
Dan White
More information about the Pkg-cyrus-sasl2-debian-devel
mailing list