saslauthd vs auxprop

Andrew Morgan morgan at
Mon Jan 10 02:38:59 EST 2011

On Sun, 9 Jan 2011, jonr at wrote:

> I cannot wrap my mind around saslauthd and auxprop.
> Does auxprop use the sasldb file to authenticate users that have been
> added using the 'saslpasswd2' command?
> What is saslauthd trying to use for authentication, would it be the
> mechs shown in a 'saslauthd -v' output?
> What does changing the value in the Sendmail.conf file from saslauthd
> to auxprop or vice versa doing?
> Running a ps I see that saslauthd is using the shadow mech:
> /usr/sbin/saslauthd -m /var/run/saslauthd -a shadow
> But I have no users in the shadow file other than cyrus and my users
> for my mail server are in the sasldb file?
> I have read the documentation on the cyrus site, the man pages and
> searched the mailing list but I still cannot grasp what seems to be a
> simple concept.
> Can someone shed some light or at least point me in the right direction?

Hopefully I get this right!  There are basically 2 high-level choices to 
make: saslauthd or auxprop.  saslauthd is an external daemon process that 
your program communicates with via a unix socket.  auxprop uses C library 
modules that are loaded by libsasl into your program.

saslauthd support a few different authentication mechanisms.  The most 
popular are PAM and passwd/shadow.

Auxprop is usually used for sasldb, but I think there are several 
different modules that can be used.  I'm fuzzy on auxprop so maybe someone 
else can fill in more detail here.


More information about the Info-cyrus mailing list