Solved: Virtual users setup
ogjunk-cyrus at yahoo.com
ogjunk-cyrus at yahoo.com
Tue May 17 17:45:11 EDT 2005
Note:
My solution, described below, is only a solution for "virtual users".
I still haven't found any docs/info about configuring Cyrus for
multiple "virtual domains".
Well, I found this:
http://asg.web.cmu.edu/cyrus/download/imapd/install-virtdomains.html
But that seems to require me to have a machine with multiple IPs/NICs.
Can one configure Cyrus to handle multiple virtual domains on a machine
with just 1 IP?
Thanks,
Otis
--- ogjunk-cyrus at yahoo.com wrote:
> Here is my solution (plain text password passing only.....hm):
>
> 1. /etc/imapd.conf:
>
> sasl_pwcheck_method: auxprop # NOT saslauthd
> sasl_mech_list: PLAIN
> allowplaintext: yes
>
> 2. service saslauthd stop # saslauthd is not needed
>
> 3. /etc/pam.d/imap:
>
> #%PAM-1.0
> auth required /lib/security/pam_stack.so
> service=system-auth
> #account required /lib/security/pam_stack.so
> service=system-auth
> ## the account line would require a real system/UNIX account
> ## the auth line lets me create "virtual users"
>
> 4. create users / passwords in sasldb2:
>
> # saslpasswd2 -c feedback
> Password:
> Again (for verification):
>
> # sasldblistusers2
> feedback at localhost.localdomain: userPassword
>
> 5. test username / password:
>
> # /usr/lib/cyrus-imapd/imtest -a feedback -w PASSWORDHERE localhost
> S: * OK localhost.localdomain Cyrus IMAP4
> v2.2.6-Invoca-RPM-2.2.6-2.FC3.6 server ready
> C: C01 CAPABILITY
> S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ MAILBOX-REFERRALS
> NAMESPACE UIDPLUS ID NO_ATOMIC_RENAME UNSELECT CHILDREN MULTIAPPEND
> BINARY SORT THREAD=ORDEREDSUBJECT THREAD=REFERENCES ANNOTATEMORE IDLE
> STARTTLS LISTEXT LIST-SUBSCRIBED X-NETSCAPES: C01 OK Completed
> C: L01 LOGIN feedback {12}
> S: + go ahead
> C: <omitted>
> S: L01 OK User logged in
> Authenticated.
> Security strength factor: 0
> C: Q01 LOGOUT
> Connection closed.
>
>
>
> So that works without actually having "feedback" system user:
>
> # finger feedback
> finger: feedback: no such user.
>
>
> Now ... this uses plain-text passwords, from what I understand. I
> assume that refers to how they are stored in /etc/sasldb2 - Oh, yes,
> "strings /etc/sasldb2" shows them all very clearly! :(((
>
> Hm, how does one go about encrypting that...
>
> Thanks,
> Otis
---
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list