Next Step: How to configure Cyrus/SASL with Openldap as non root user in non standard pathes
Angela Marquardt
angelamq at gmx.de
Tue Jun 10 09:49:13 EDT 2008
I successfully configured Cyrus/Sasl with Openldap now. I had to play with CPPFlags and LDFlags and had to give physical pathnames instead of symbolic links, there also was a typo in the configure script.
But still saslauthd reports ldap as unknown auth method. Any ideas how to fixed this are appreciated.
Thanks ahead, Angela
Output from Cyrus/SASL config.log:
configure:12106: checking LDAPDB
configure:12109: result: enabled
configure:12278: checking OpenLDAP api
configure:12308: result: yes
Openldap has lots of Cyrus/Sasl libraries loaded, amongst them libldap
$ pldd 94693 | grep cyrus
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/libsasl2.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libsasldb.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libcrammd5.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libdigestmd5.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libotp.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libgssapiv2.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libplain.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libanonymous.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libldapdb.so.2.0.22
there is a link from /usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2 to /usr/lib/sasl2, containing also slapd.conf:
$ more /usr/lib/sasl2/slapd.conf
mech_list: plain
pwcheck_method: saslauthd
saslauthd_path: /usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd
Openldap reads it and reports in /var/adm/messages: (A further mail threads describes these as only warnings.)
Jun 10 14:52:36 D100STU980 slapd[64001]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied
Jun 10 14:52:36 D100STU980 slapd[64002]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied
Jun 10 14:52:56 D100STU980 slapd[64491]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied
Starting saslauthd reports:
Jun 10 15:13:42 D100STU980 saslauthd[93245]: [ID 285309 auth.error] set_auth_mech : unknown authentication mechanism: ldap
Startup command for saslauthd:
saslauthd -d -m /usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd \
-O /usd/as94527a/soft/cyrus-sasl/etc/saslauthd.conf \
-a ldap -r
-------- Original-Nachricht --------
> Datum: Mon, 09 Jun 2008 16:42:41 +0200
> Von: "Angela Marquardt" <angelamq at gmx.de>
> An: cyrus-sasl at lists.andrew.cmu.edu
> Betreff: How to configure Cyrus/SASL with Openldap as non root user in non standard pathes
> Hi,
>
> I am configuring cyrus-sasl 2.1.22 with ldap auth mechanism for openldap
> 2.3.38 on Solaris 10.
> Both the components openldap and cyrus sasl have to be installed into
> special directories (not /usr/lib, /etc, ...) using an technical unix account
> (no root rights/privileges).
>
> The OpenLdap server is already built with Cyrus Sasl support, pldd on the
> slapd process shows that the libraries are loaded.
> Cyrus Sasl still refuses to be built with ldap support.
>
> SASL_PATH and LD_LIBRARY_PATH is already set in the environment of the
> cyrus-sasl account:
>
> $ echo $SASL_PATH
> /usd/as94527a/soft/cyrus-sasl/lib/sasl2
> $ echo $LD_LIBRARY_PATH
> :/usd/as94527a/soft/openldap/lib:/usd/as94527a/soft/cyrus-sasl/lib
>
> The configure file looks like that:
>
> export CFLAGS=-lsocket
> export CPFLAGS="-I/usd/as94527a/soft/openldap/lib"
> export LDFLAGS="-lsocket -lldap -L/usd/as94527a/soft/openldap/lib"
>
> ./configure --prefix=/usd/as94527a/soft/cyrus-sasl-2.1.22 \
> --sysconfdir=/usd/as94527a/soft/cyrus-sasl-2.1.22/etc \
> --with-ldap=/usd/as94527a/soft/openldap \
> --enable-ldap \
> --with-openssl=/usd/as94527a/soft/openssl \
>
> --with-dbpath=/usd/as94527a/soft/cyrus-sasl-2.1.22/var/lib/sasl/sasldb2 \
>
> --with-saslauthd=/usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd &&
>
> The config.log always shows:
> configure:12106: checking LDAPDB
> configure:12446: result: disabled
> .....
> LIB_LDAP=''
> .....
> ac_cv_lib_ldap_ldap_initialize=no
>
> Can someone confirm that configuring cyrus-sasl as non-root user using
> non-standard-directories will work and point me to the missing part?
>
> Thanks ahead,
--
GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
Jetzt dabei sein: http://www.shortview.de/?mc=sv_ext_mf@gmx
More information about the Cyrus-sasl
mailing list