[Nottingham] Bug: Spurious sasl2 db errors for sasl2 auth password change

Martin martin at ml1.co.uk
Wed Nov 11 13:47:34 UTC 2009


Just a techie gotcha for anyone else playing with this...

If you're using a sasl2 db for a list of passwords, and you try changing
(or creating one) one with:

saslpasswd2 -c

you'll likely get a spurious error in your logs:

saslpasswd2: error deleting entry from sasldb: DB_NOTFOUND: No matching
key/data pair found

That proved to be a good wild goose chase! All the configs looked fine
and upon testing it seemed to all work fine also. I found the
explanation on:


This is part of the SASLv1 -> SASLv2 migration code. It tries to remove
per-mech secrets after creating the generic userPassword plaintext secret.
When no older per-mech secrets exist, you get this message.

This message should probably be downgraded to LOG_WARN.

Indeed so. The wording of the 'error' could certainly be improved to be
more meaningful!

It doesn't stop things working so as a bug, it is completely innocuous.
However, it certainly wastes human time on the wild goose chase...

Where to report that one? No clue other than to dump it onto a specific
distro maintainers... Wild guess to cyrus-bugs (cmu.edu)?

All on:

Linux #1 SMP Fri Oct 23 01:19:00 EDT 2009 x86_64

saslpasswd2 -v

This product includes software developed by Computing Services
at Carnegie Mellon University (http://www.cmu.edu/computing/).

Built against SASL API version 2.1.23
LibSasl version 2.1.23 by "Cyrus SASL"


Martin Lomas
martin at ml1.co.uk

More information about the Nottingham mailing list