Next Step: How to configure Cyrus/SASL with Openldap as non root user in non standard pathes

Angela Marquardt angelamq at gmx.de
Tue Jun 10 09:49:13 EDT 2008


I successfully configured Cyrus/Sasl with Openldap now. I had to play with CPPFlags and LDFlags and had to give physical pathnames instead of symbolic links, there also was a typo in the configure script.

But still saslauthd reports ldap as unknown auth method. Any ideas how to fixed this are appreciated.

Thanks ahead, Angela

Output from Cyrus/SASL config.log:
configure:12106: checking LDAPDB
configure:12109: result: enabled
configure:12278: checking OpenLDAP api
configure:12308: result: yes

Openldap has lots of Cyrus/Sasl libraries loaded, amongst them libldap
 $ pldd 94693 | grep cyrus
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/libsasl2.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libsasldb.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libcrammd5.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libdigestmd5.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libotp.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libgssapiv2.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libplain.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libanonymous.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libldapdb.so.2.0.22


there is a link from /usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2 to /usr/lib/sasl2, containing also slapd.conf:
$ more /usr/lib/sasl2/slapd.conf
mech_list: plain
pwcheck_method: saslauthd
saslauthd_path: /usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd

Openldap reads it and reports in /var/adm/messages: (A further mail threads describes these as only warnings.)
Jun 10 14:52:36 D100STU980 slapd[64001]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied
Jun 10 14:52:36 D100STU980 slapd[64002]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied
Jun 10 14:52:56 D100STU980 slapd[64491]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied


Starting saslauthd reports:
Jun 10 15:13:42 D100STU980 saslauthd[93245]: [ID 285309 auth.error] set_auth_mech   : unknown authentication mechanism: ldap

Startup command for saslauthd:
saslauthd -d -m /usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd \
        -O /usd/as94527a/soft/cyrus-sasl/etc/saslauthd.conf \
        -a ldap -r


-------- Original-Nachricht --------
> Datum: Mon, 09 Jun 2008 16:42:41 +0200
> Von: "Angela Marquardt" <angelamq at gmx.de>
> An: cyrus-sasl at lists.andrew.cmu.edu
> Betreff: How to configure Cyrus/SASL with Openldap as non root user in non	standard pathes

> Hi,
> 
> I am configuring cyrus-sasl 2.1.22 with ldap auth mechanism for openldap
> 2.3.38 on Solaris 10.
> Both the components openldap and cyrus sasl have to be installed into
> special directories (not /usr/lib, /etc, ...) using an technical unix account
> (no root rights/privileges).
> 
> The OpenLdap server is already built with Cyrus Sasl support, pldd on the
> slapd process shows that the libraries are loaded.
> Cyrus Sasl still refuses to be built with ldap support. 
> 
> SASL_PATH and LD_LIBRARY_PATH is already set in the environment of the
> cyrus-sasl account:
> 
>     $ echo $SASL_PATH
>     /usd/as94527a/soft/cyrus-sasl/lib/sasl2
>     $ echo $LD_LIBRARY_PATH
>     :/usd/as94527a/soft/openldap/lib:/usd/as94527a/soft/cyrus-sasl/lib
> 
> The configure file looks like that:
> 
> export CFLAGS=-lsocket
> export CPFLAGS="-I/usd/as94527a/soft/openldap/lib"
> export LDFLAGS="-lsocket -lldap -L/usd/as94527a/soft/openldap/lib"
> 
> ./configure --prefix=/usd/as94527a/soft/cyrus-sasl-2.1.22 \
>                 --sysconfdir=/usd/as94527a/soft/cyrus-sasl-2.1.22/etc \
>                 --with-ldap=/usd/as94527a/soft/openldap \
>                 --enable-ldap \
>                 --with-openssl=/usd/as94527a/soft/openssl \
>                
> --with-dbpath=/usd/as94527a/soft/cyrus-sasl-2.1.22/var/lib/sasl/sasldb2 \
>                
> --with-saslauthd=/usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd &&
> 
> The config.log always shows:
> configure:12106: checking LDAPDB
> configure:12446: result: disabled
> .....
> LIB_LDAP=''
> .....
> ac_cv_lib_ldap_ldap_initialize=no
> 
> Can someone confirm that configuring cyrus-sasl as non-root user using
> non-standard-directories will work and point me to the missing part?
> 
> Thanks ahead, 
-- 
GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
Jetzt dabei sein: http://www.shortview.de/?mc=sv_ext_mf@gmx


More information about the Cyrus-sasl mailing list