[prev in list] [next in list] [prev in thread] [next in thread]
List: info-cyrus
Subject: Re: how to *not* use PAM, but sasldb2 on fedora core 5 (coming
From: Alexander Dalloz <ad+lists () uni-x ! org>
Date: 2006-03-31 19:25:46
Message-ID: 1143833146.14813.600.camel () serendipity ! dogma ! lan
[Download RAW message or body]
[Attachment #2 (multipart/signed)]
Am Di, den 28.03.2006 schrieb Timo Schoeler um 18:10:
> i'm in the not-so-lucky (at least for me ;) situation to set up a FC5
> imap server.
>
> it wants to use PAM, which runs fine for me on NetBSD 3.0 e.g., but
> this linux box won't do it:
>
> Mar 28 11:58:48 www perl: No worthy mechs found
> Mar 28 11:58:52 www saslauthd[3238]: do_auth : auth failure:
> [user=cyrus] [service=imap] [realm=localdomain] [mech=pam] [reason=PAM
> auth error
>
> (this is while trying 'cyradm -u cyrus localhost')
>
> the mechs are installed:
>
> cyrus-sasl.i386 2.1.21-10
> cyrus-sasl-lib.i386 2.1.21-10
> cyrus-sasl-md5.i386 2.1.21-10
> cyrus-sasl-plain.i386 2.1.21-10
> cyrus-sasl-devel.i386 2.1.21-10
> cyrus-sasl-gssapi.i386 2.1.21-10
> cyrus-sasl-ldap.i386 2.1.21-10
> cyrus-sasl-ntlm.i386 2.1.21-10
> cyrus-sasl-sql.i386 2.1.21-10
I would
yum remove cyrus-sasl-sql cyrus-sasl-ntlm cyrus-sasl-ldap
cyrus-sasl-gssapi
as those packages aren't needed for your setup. This way some mechs
aren't probed and you'll have no error log messages from them.
> so, has anyone running this setup (FC5, postfix, cyrus, managing mail
> users via saslpasswd & friends) running, and if so, how does one get there?
> timo
Pretty easy to do what you want:
1) service saslauthd stop
2) chkconfig saslauthd off
3) vi /usr/lib/sasl2/smtpd.conf
-> pwcheck_method: auxprop
-> auxprop_plugin: sasldb
-> mech_list: PLAIN LOGIN CRAM-MD5 DIGEST-MD5 [just set those you
want to offer]
4) postfix reload
5) saslpasswd2 -c -u localdomain cyrus [omit "-u" if it should your
`hostname`]
add more users as required
6) chown root:mail /etc/sasldb2
7) chmod 640 /etc/sasldb2
8) vi /etc/imapd.conf
-> sasl_pwcheck_method: auxprop
-> sasl_auxprop_plugin: sasldb
-> sasl_mech_list: login plain cram-md5 digest-md5 [just those
mechs to allow]
9) service cyrus-imapd restart
Alexander
--
Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773
legal statement: http://www.uni-x.org/legal.html
Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.35_FC2smp
Serendipity 21:14:11 up 17 days, 22:01, load average: 0.05, 0.07, 0.07
["signature.asc" (application/pgp-signature)]
----
Cyrus Home Page: http://asg.web.cmu.edu/cyrus
Cyrus Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic