https://bugzilla.novell.com/show_bug.cgi?id=331683#c2 --- Comment #2 from Joe Morris 2007-10-08 06:52:55 MST --- Given that I did have auditd running in 10.2, I will assume the problem must be with the uw imap package. I did have an apparmor profile for ipop3d, but had it in complain, so I do not think that is the problem. To test, I went ahead and installed dovecot. After getting it configured, it is working without any problems, so I guess I will switch. I did check via openssl s_client with KDE system Guard open to check the user. When I connected to it was running as root, after I logged in it was running as my user. After what you wrote, I decided if ipop3d does not authenticate correctly now, it may be time to try out dovecot. Thanks for your feedback. I assume then this is a bug in uw imap package. It did work correctly in 10.2, at least there were no errors like there is now. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=331683#c3 Sierk Bornemann changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |sierkb@gmx.de --- Comment #3 from Sierk Bornemann 2007-11-06 20:03:41 MST --- I have this error message too flooding /var/log/messages, every time my IMAP client polls my UW IMAP server, independently of audit daemon running or not: imapd[12345]: PAM audit_log_acct_message() failed: Operation not permitted -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=331683 User suse-beta@cboltz.de added comment https://bugzilla.novell.com/show_bug.cgi?id=331683#c5 Christian Boltz changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |suse-beta@cboltz.de --- Comment #5 from Christian Boltz 2007-12-09 14:34:32 MST --- (In reply to comment #4 from Joe Morris)

I am not too sure now that the problem is with the uw imap package. I sure seems to be a PAM problem. I am seeing the same error for sshd. Nov 6 17:46:48 server sshd[10109]: PAM audit_log_acct_message() failed: Operation not permitted

The error with sshd is handled in bug 334559

I also see this, not sure it is the same but maybe: Nov 6 14:05:46 server sudo: pam_unix2(sudo:auth): conversation failed

Sounds like a different error to me. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=331683 User joe_morris@ntm.org added comment https://bugzilla.novell.com/show_bug.cgi?id=331683#c7 --- Comment #7 from Joe Morris 2008-01-09 04:43:55 MST --- I am pretty sure it has nothing to the disabling of plaintext passwords. That happened back in 8.2's version. UW imap has not changed that much I suspect since 10.2, where it worked fine. I never tried the 10.2 version in 10.3 to verify (I switched to dovecot), but seeing the same error with other apps, I believe the problem lies in PAM, i.e. Jan 7 17:38:31 server sshd[9395]: PAM audit_log_acct_message() failed: Operation not permitted Jan 7 18:58:13 server sshd[10824]: PAM audit_log_acct_message() failed: Operation not permitted Jan 7 19:26:39 server sshd[11387]: PAM audit_log_acct_message() failed: Operation not permitted Jan 7 19:35:22 server sshd[11572]: PAM audit_log_acct_message() failed: Operation not permitted Jan 7 19:41:30 server sshd[12104]: PAM audit_log_acct_message() failed: Operation not permitted Jan 7 19:47:51 server sshd[12262]: PAM audit_log_acct_message() failed: Operation not permitted This is the same error message, but sshd instead of imapd. That is why I think it may be PAM. But I am sure it is not the switch to no plain text passwords, since that happened before 8.2, and was the same in 10.2 when there were no such errors. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=331683 User drankinatty@suddenlinkmail.com added comment https://bugzilla.novell.com/show_bug.cgi?id=331683#c9 --- Comment #9 from David Rankin 2008-01-09 19:22:28 MST --- Well if it has nothing to do with PAM, How then did Yast screw up the imapd user privilege with a simple Yast install of imap? Second, where is the user for imapd controlled so we can take a look and tell if that is the problem? I have run many servers since SuSE 8.0 and I have never seen such PAM strangeness before. Is there anything I can post that will help shed some light on the situation? I am more than happy to provide any information/logs/test etc.. that will help. I have 1659 of these errors in the past couple of days affecting *both* imapd and sshd: root@bonza:/home/david # grep PAM /var/log/messages > linux/pam_error root@bonza:/home/david # less linux/pam_error < BIG snip > Jan 9 18:00:01 bonza imapd[14318]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 18:00:01 bonza imapd[14319]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 18:00:01 bonza imapd[14320]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 19:00:01 bonza imapd[15253]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 19:00:01 bonza imapd[15255]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 19:00:01 bonza imapd[15256]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 19:20:35 bonza sshd[14788]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 20:00:01 bonza imapd[16200]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 20:00:01 bonza imapd[16219]: PAM audit_log_acct_message() failed: Operation not permitted Jan 9 20:00:01 bonza imapd[16220]: PAM audit_log_acct_message() failed: Operation not permitted linux/pam_error lines 1607-1659/1659 (END) Let me know, I'm glad to help. Thanks! -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=331683 User kukuk@novell.com added comment https://bugzilla.novell.com/show_bug.cgi?id=331683#c11 --- Comment #11 from Thorsten Kukuk 2008-01-10 00:08:23 MST --- (In reply to comment #9 from David Rankin)

How then did Yast screw up the imapd user privilege with a simple Yast install of imap?

Why do you always assume that this bug must be somewhere else and cannot be a simple imap bug? There was a imap version update, too.

Second, where is the user for imapd controlled so we can take a look and tell if that is the problem?

Look at the imapd sources.

I have run many servers since SuSE 8.0 and I have never seen such PAM strangeness before.

*ROTFL* Do you really think bugs has to be in a piece of software with SuSE Linux 8.0 already and cannot be introduced later? Between, even with SuSE Linux 8.0 there were such bugs, but you would not have seen them with such an error message, since no audit support exist at that time, its pretty new. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=331683 User drankinatty@suddenlinkmail.com added comment https://bugzilla.novell.com/show_bug.cgi?id=331683#c13 --- Comment #13 from David Rankin 2008-01-10 00:48:17 MST --- I think I have the latest rpms installed. Here is what is on my system: imap-2006c1_suse-51 imap-lib-2006c1_suse-51 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=331683 Hendrik Vogelsang changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.