unable to login

Alexander Dalloz alexander.dalloz at uni-bielefeld.de
Wed Jul 7 12:21:17 EDT 2004

Am Mi, den 07.07.2004 schrieb Louis LeBlanc um 17:09:

> > > This kinda begs the question, what exactly *should* the permissions be
> > > for sasldb2.db?
> > > 
> > > Lou
> > 
> > chown root:root /etc/sasldb2
> > chmod 600 /etc/sasldb2
> > 
> > (the database has no .db ending)
> It appears that the port on FreeBSD does use the .db extension.

Ok, interesting to know.

I must confess that I accidentally thought I would answer a question on
the Fedora list, so it didn't came to my mind that other systems handle
that different.

> Another poster suggested making it owned by cyrus:mail.  I assume your
> imapd is run as root?

No, the cyrus-imapd is running as user cyrus. For authentification the
saslauthd is use, which runs as root, and has the necessary permissions
to read either a sasldb or the shadow file.

Back to the more basic question: it is just important that the user
which needs to read the sasldb has permissions on it, but no other user,
because the auth data is stored in plain format in there.

> Lou


Alexander Dalloz | Enger, Germany | GPG key 1024D/ED695653 1999-07-13
Fedora GNU/Linux Core 2 (Tettnang) on Athlon CPU kernel 2.6.6-1.435.2.3 
Serendipity 18:16:09 up 24 min, 9 average: 2.10, 1.53, 0.86 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20040707/faede72a/attachment.bin

More information about the Info-cyrus mailing list