saslauthd vs auxprop
morgan at orst.edu
Mon Jan 10 02:38:59 EST 2011
On Sun, 9 Jan 2011, jonr at destar.net wrote:
> I cannot wrap my mind around saslauthd and auxprop.
> Does auxprop use the sasldb file to authenticate users that have been
> added using the 'saslpasswd2' command?
> What is saslauthd trying to use for authentication, would it be the
> mechs shown in a 'saslauthd -v' output?
> What does changing the value in the Sendmail.conf file from saslauthd
> to auxprop or vice versa doing?
> Running a ps I see that saslauthd is using the shadow mech:
> /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
> But I have no users in the shadow file other than cyrus and my users
> for my mail server are in the sasldb file?
> I have read the documentation on the cyrus site, the man pages and
> searched the mailing list but I still cannot grasp what seems to be a
> simple concept.
> Can someone shed some light or at least point me in the right direction?
Hopefully I get this right! There are basically 2 high-level choices to
make: saslauthd or auxprop. saslauthd is an external daemon process that
your program communicates with via a unix socket. auxprop uses C library
modules that are loaded by libsasl into your program.
saslauthd support a few different authentication mechanisms. The most
popular are PAM and passwd/shadow.
Auxprop is usually used for sasldb, but I think there are several
different modules that can be used. I'm fuzzy on auxprop so maybe someone
else can fill in more detail here.
More information about the Info-cyrus