sasldb2 migration

Dan White dwhite at
Thu Jun 18 10:17:40 EDT 2015

On Tue, Jun 16, 2015 at 8:02 PM, Dan White <dwhite at> wrote:
>> On 06/16/15 18:43 +0300, Konstantin wrote:
>>> cyrus-sasl-2.1.23-15.el6_6.2.x86_64
>>> Many users saved in /etc/sasldb2 Berkeley DB file.
>>> New server is Gentoo. I've installed dev-libs/cyrus-sasl-2.1.23-r7.
>>> New file /etc/sasl2/sasldb2 seems have another db type.
>>> /etc/sasl2/sasldb2: GNU dbm 1.x or ndbm database, little endian, 64-bit
>>> How can i migrate (dump) sasldb2 file to Gentoo?
>> You could dump the contents on the old system with db_dump -p <file>,
>> and feed/massage that data into 'saslpasswd2 -p' on the new system.

On 06/18/15 14:48 +0300, Konstantin wrote:
>I've disabled gdbm USE flag for dev-libs/cyrus-sasl-2.1.26-r9.
>So now it has only following flags enabled:
>berkdb pam ssl
>After that i was able to copy old db file to /etc/sasl2/sasldb2
>I can list users wuthsasldblistusers2
>user1 at userPassword
>user2 at userPassword
>Here is the new issue i have. After i added new user i see
>test at cmusaslsecretOTP
>user1 at userPassword
>user2 at userPassword
>Can i disable OTP and use only old method without recompilation ?

Removing the libotp shared library from your filesystem, or recompiling
without otp support if you compiled libsasl statically, will prevent the
cmusaslsecretOTP from being generated, the next time you run saslpasswd2.

Dan White

More information about the Cyrus-sasl mailing list