sasldb2 set secret not seen
jmc-cyrus at sociology.osu.edu
Thu Dec 26 16:41:53 EST 2002
I've upgraded from cyrus 2.0.14 and sasl 1.5.24 (I think it was)
to cyrus 2.1.11 and sasl 2.1.10 on freebsd 4.5.
I used the freebsd ports for the recent reinstallation, thanks Hajimu.
I had been using with the earlier cyrus version the feature
auto transition, such that a plain/login success through pam
would add the user/pw information into the sasldb.
Future authentications could then be done with challenge
response from the sasldb, since the "set secret" code
fed the sasldb file.
With the new versions, I don't get transition from
pam login/plain authentication into the sasldb2 file.
I'd expect perhaps success with the
fragment of my imapd.conf - specifying ...
#would probably be right (or with the order reversed?)
# If enabled, the SASL library will automatically create authentication
# secrets when given a plaintext password. See the SASL documentation.
# When set to 'yes' and when using the sasldb auxprop plugin, automatically
# users to other mechs when they do a successful plaintext authentication
I also wonder what I should set for
I want pam to do plain/login and saslauthd to service other requests.
Anyway, I'm not getting auto transition to the sasldb file. My imapd account
(cyrus) has rw access to /usr/local/etc/sasldb2 which is the file of concern.
Can anyone suggest why I'm having trouble stuffing the sasldb file?
I've seen others have trouble with this auto transition also.
Not unrelated, I'm having trouble understanding the basis for
two conflicting-to-me statements in the documentation
(There's no point in enabling this option if "pwcheck_method" is "auxprop",
and the sasldb plugin is installed)
says about auto_transition
When set to 'yes' and when using the sasldb auxprop plugin, automatically
transition users to other mechs when they do a successful plaintext
What makes there be "no point" when it appears to be recommended for the
behavior to function?
More information about the Info-cyrus