saslauthd question

Dan White dwhite at
Thu Dec 11 13:50:47 EST 2014

On 12/11/14 12:34 -0600, Patrick Goetz wrote:
>Surely someone on this list will know the answer to this question.
>Given sasl_pwcheck_method: saslauthd, with authentication mechanism=pam
>I'm trying to track down how saslauthd knows that the cyrus PAM service
>file is called imap; i.e. /etc/pam.d/imap.
>Is this just built in?  I can't find a configuration for it anywhere.

saslauthd receives the service name via the unix domain socket protocol
exchange - see the OVERVIEW section in saslauthd-main.c.

The glue layer (libsasl2) provides the service name to saslauthd based on
what it's given in the call to sasl_server_new (See the manpage). Cyrus
imapd hard codes the service names, and they are not configurable. Grep
through the cyrus imap source for that function call to determine which pam
file to configure for each service.

Dan White

More information about the Info-cyrus mailing list