how to *not* use PAM, but sasldb2 on fedora core 5 (coming
from BSD)
Alexander Dalloz
ad+lists at uni-x.org
Fri Mar 31 14:25:46 EST 2006
Am Di, den 28.03.2006 schrieb Timo Schoeler um 18:10:
> i'm in the not-so-lucky (at least for me ;) situation to set up a FC5
> imap server.
>
> it wants to use PAM, which runs fine for me on NetBSD 3.0 e.g., but
> this linux box won't do it:
>
> Mar 28 11:58:48 www perl: No worthy mechs found
> Mar 28 11:58:52 www saslauthd[3238]: do_auth : auth failure:
> [user=cyrus] [service=imap] [realm=localdomain] [mech=pam] [reason=PAM
> auth error
>
> (this is while trying 'cyradm -u cyrus localhost')
>
> the mechs are installed:
>
> cyrus-sasl.i386 2.1.21-10
> cyrus-sasl-lib.i386 2.1.21-10
> cyrus-sasl-md5.i386 2.1.21-10
> cyrus-sasl-plain.i386 2.1.21-10
> cyrus-sasl-devel.i386 2.1.21-10
> cyrus-sasl-gssapi.i386 2.1.21-10
> cyrus-sasl-ldap.i386 2.1.21-10
> cyrus-sasl-ntlm.i386 2.1.21-10
> cyrus-sasl-sql.i386 2.1.21-10
I would
yum remove cyrus-sasl-sql cyrus-sasl-ntlm cyrus-sasl-ldap
cyrus-sasl-gssapi
as those packages aren't needed for your setup. This way some mechs
aren't probed and you'll have no error log messages from them.
> so, has anyone running this setup (FC5, postfix, cyrus, managing mail
> users via saslpasswd & friends) running, and if so, how does one get there?
> timo
Pretty easy to do what you want:
1) service saslauthd stop
2) chkconfig saslauthd off
3) vi /usr/lib/sasl2/smtpd.conf
-> pwcheck_method: auxprop
-> auxprop_plugin: sasldb
-> mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 [just set those you
want to offer]
4) postfix reload
5) saslpasswd2 -c -u localdomain cyrus [omit "-u" if it should your
`hostname`]
add more users as required
6) chown root:mail /etc/sasldb2
7) chmod 640 /etc/sasldb2
8) vi /etc/imapd.conf
-> sasl_pwcheck_method: auxprop
-> sasl_auxprop_plugin: sasldb
-> sasl_mech_list: login plain cram-md5 digest-md5 [just those
mechs to allow]
9) service cyrus-imapd restart
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 21:14:11 up 17 days, 22:01, load average: 0.05, 0.07, 0.07
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Dies ist ein digital signierter Nachrichtenteil
Url : https://lists.andrew.cmu.edu/mailman/private/info-cyrus/attachments/20060331/e7a3dd24/attachment-0001.bin
More information about the Info-cyrus
mailing list