I'm fairly new to MongoDB and LDAP. I'm trying to use LDAP to authenticate users to mongo. These are the steps I have done so far.
sudo chmod 755 /var/run/saslauthd
testsaslauthd -u username -p password -f /var/run/saslauthd/mux
connect(): Permission Denied
sudo testsaslauthd -u username -p password -f /var/run/saslauthd/mux
connect() : Connection refused
Thanks for your question. I've enjoyed setting up my environment to try to reproduce the error. You'll be glad to hear that I don't think it's a difficult problem to overcome. However, I've probably spent more time than I desired setting up MongoDB, cyrus-sasl-md5, setting permissions, etc. when nothing is actually related to your problem, at least at first glance.
Your problem (and I'm 90% sure) is either your saslauthd daemon is not running or it's not properly configured. Let's take a look at the following:
service status. The output of service saslauthd status should be similar to mine, pasted below. Note some key values such as the location of the init script, /etc/init.d/saslauthd/ in my case; and the socket, /var/run/saslauthd/mux, the same file location you need to put in the testsaslauthd [...] -f /var/run/saslauthd/mux command.
root@hectorvp-pc:~# service saslauthd status
● saslauthd.service - LSB: saslauthd startup script
   Loaded: loaded (/etc/init.d/saslauthd)
   Active: active (running) since Tue 2016-04-26 12:04:59 BST; 1s ago
     Docs: man:systemd-sysv-generator(8)
  Process: 11569 ExecStop=/etc/init.d/saslauthd stop (code=exited, status=0/SUCCESS)
  Process: 11586 ExecStart=/etc/init.d/saslauthd start (code=exited, status=0/SUCCESS)
   Memory: 2.0M
   CGroup: /system.slice/saslauthd.service
           ├─11606 /usr/sbin/saslauthd -a ldap -c -m /var/run/saslauthd -n 5
           ├─11607 /usr/sbin/saslauthd -a ldap -c -m /var/run/saslauthd -n 5
           ├─11608 /usr/sbin/saslauthd -a ldap -c -m /var/run/saslauthd -n 5
           ├─11609 /usr/sbin/saslauthd -a ldap -c -m /var/run/saslauthd -n 5
           └─11610 /usr/sbin/saslauthd -a ldap -c -m /var/run/saslauthd -n 5
Apr 26 12:04:59 hectorvp-pc systemd: Starting LSB: saslauthd startup script...
Apr 26 12:04:59 hectorvp-pc saslauthd: * Starting SASL Authentication Daemon saslauthd
Apr 26 12:04:59 hectorvp-pc saslauthd: detach_tty : master pid is: 11606
Apr 26 12:04:59 hectorvp-pc saslauthd: ipc_init : listening on socket: /var/run/saslauthd/mux
Apr 26 12:04:59 hectorvp-pc systemd: Started LSB: saslauthd startup script.
Apr 26 12:04:59 hectorvp-pc saslauthd: ...done.
If the service is not running, just start it with service saslauthd start and check the status again (service saslauthd status) to check for any possible upstream error.
It's also likely your LDAP server is not running or misconfigured. You can take a look at the service status as above (service slapd status).
Please try this and tell us about the outcome.
EDIT (26/04/2016): From the conversation in the comments of this answer, I've extracted some more steps:
saslauthd service: As indicated here, this service uses the system logs. In my case (Ubuntu) those logs are in /var/log/syslog but they might be in /var/log/messages in your case, at least by default. Look at these logs at the time you try to start the service and see if you see any error message that might give you some further insights about what the problem is.
The error appearing in
could not bind to socket : /var/run/saslauthd/mux , bind: address already in use.
We checked the mux socket using the file command: file /var/run/saslauthd/mux and the output said it was a directory. It should be a socket. Then we removed it and restarted the service. Now the service works.
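
An added example, not part of the original answer or of Cyrus SASL: a small POSIX shell check that classifies the mux path the way the thread eventually did by hand with the file command, covering both the permission and the wrong-file-type cases. The function names, state tokens and advice strings are this example's own; the default path is the one used in the thread.

```shell
#!/bin/sh
# Added example: classify the saslauthd mux path before blaming LDAP or MongoDB.
# Function names and state tokens are hypothetical, chosen for this example.

# Print one state token for the given socket path; always returns 0.
mux_state() {
    mux=$1
    dir=$(dirname "$mux")
    if [ ! -d "$dir" ]; then
        echo "no-run-dir"           # the run directory was never created
    elif [ ! -x "$dir" ]; then
        echo "dir-not-searchable"   # caller cannot traverse the run directory
    elif [ ! -e "$mux" ]; then
        echo "missing"              # daemon not running, or another -m path in use
    elif [ -d "$mux" ]; then
        echo "directory"            # the case found in this thread
    elif [ ! -S "$mux" ]; then
        echo "not-socket"           # some other file type sits where the socket belongs
    elif [ ! -w "$mux" ]; then
        echo "socket-not-writable"  # connect() needs write permission on the socket
    else
        echo "socket-ok"
    fi
}

# Map a state token to the next thing to look at.
mux_advice() {
    case $1 in
        no-run-dir|missing) echo "start saslauthd and check its -m option" ;;
        dir-not-searchable|socket-not-writable) echo "fix ownership or mode, or test as a user with access" ;;
        directory|not-socket) echo "stop saslauthd, remove the path, start saslauthd so it can bind" ;;
        socket-ok) echo "path is a usable socket; a refused connect() means no daemon is listening" ;;
        *) echo "unknown state" ;;
    esac
}

# Stand-alone use: sh script.sh --check [path]
if [ "${1:-}" = "--check" ]; then
    state=$(mux_state "${2:-/var/run/saslauthd/mux}")
    echo "$state: $(mux_advice "$state")"
fi
```

Run it as the same user that will call testsaslauthd (or that mongod runs as), since the permission states depend on who is asking.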