"strings -a" still shows password: BDB0073 DB_NOTFOUND
Dan White
dwhite at olp.net
Mon Mar 16 09:52:31 EDT 2015
On 03/12/15 16:58 -0700, Jan Parcel wrote:
>saslpasswd2[9455]: error deleting entry from sasldb: BDB0073
>DB_NOTFOUND: No matching key/data pair found
>
>I get the same error message regardless of whether I am creating or
>deleting a user, but after a deletion, sasldblistusers2 shows the user
>gone, but strings -a sasldb2 | grep 5678 still shows the password in
>there (in the clear, obivously.)
>
>I don't mind a bogus error message but leaving the password behind is
>not OK.
>
>A previous mail said "take care for the domain" -- is there a command
>to find the domain?
>
>I have tried removing bubba or bubba at beerhall, either way the user is
>gone and the passwd remains. I also tried saslpasswd2 -d -u beerhall
>bubba, same result, user is gone, passwd remains.
This is a function of the db library (bekerley) handling how data is stored
and cleaned up on disk. Consult its documentation for how to force data
compaction/cleanup, or find a way to dump and restore the data on disk
after deleting an entry.
--
Dan White
More information about the Cyrus-sasl
mailing list