Care must be exercised when using testsaslauthd to check whether SASL authentication is working and saslauthd is configured to use PAM:
# cat /etc/sysconfig/saslauthd SOCKETDIR=/var/run/saslauthd MECH=pam FLAGS=
By default, testsaslauthd test whether the authentication process works by invoking authentication onto the imap service, unless the
-s service is passed along in the command-line. PAM configuration for the imap service is stored in
/etc/pam.d/imap. However, if
cyrus-imapd is not installed, the file
/etc/pam.d/imap won’t exist and thus any try to use testsaslauthd against the default imap service will fail:
# ls -l /etc/pam.d/imap ls: /etc/pam.d/imap: No such file or directory # testsaslauthd -u felipe.alfaro -p password 0: NO "authentication failed" # tail /var/log/messages May 20 16:36:47 mail2 saslauthd: do_auth : auth failure: [user=felipe.alfaro] [service=imap] [realm=] [mech=pam] [reason=PAM auth error # testsaslauthd -s login -u felipe.alfaro -p password 0: OK "Success.