Context Navigation

cyrus-sasl.xml@ 42846033

Visit:

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts lazarus lxqt perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal

Last change on this file since 42846033 was 0e45aee, checked in by DJ Lucas <dj@…>, 7 years ago

tags

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@19053 af4574ff-66df-0310-9fd7-8a98e5e911e0

Property mode set to 100644

File size: 13.5 KB

Rev	Line
[da4aff6]	1	<?xml version="1.0" encoding="ISO-8859-1"?>
[6732c094]	2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
	3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
[da4aff6]	4	<!ENTITY % general-entities SYSTEM "../../general.ent">
	5	%general-entities;
	6
[faf325d]	7	<!ENTITY cyrus-sasl-download-http " ">
	8	<!ENTITY cyrus-sasl-download-ftp "ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
	9	<!ENTITY cyrus-sasl-md5sum "a7f4e5e559a0e37b3ffc438c9456e425">
[fae66a0]	10	<!ENTITY cyrus-sasl-size "5.0 MB">
[faf325d]	11	<!ENTITY cyrus-sasl-buildsize "30 MB">
[fae66a0]	12	<!ENTITY cyrus-sasl-time "0.5 SBU">
[da4aff6]	13	]>
	14
	15	<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
[1cc0752]	16	<?dbhtml filename="cyrus-sasl.html"?>
	17
	18	<sect1info>
	19	<othername>$LastChangedBy$</othername>
	20	<date>$Date$</date>
	21	</sect1info>
	22
	23	<title>Cyrus SASL-&cyrus-sasl-version;</title>
	24
	25	<indexterm zone="cyrus-sasl">
	26	<primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
	27	</indexterm>
	28
	29	<sect2 role="package">
	30	<title>Introduction to Cyrus SASL</title>
	31
[faf325d]	32	<para>
	33	The <application>Cyrus SASL</application> package contains a Simple
	34	Authentication and Security Layer, a method for adding authentication
	35	support to connection-based protocols. To use SASL, a protocol includes
	36	a command for identifying and authenticating a user to a server and for
	37	optionally negotiating protection of subsequent protocol interactions.
	38	If its use is negotiated, a security layer is inserted between the
	39	protocol and the connection.
	40	</para>
[1cc0752]	41
[0e45aee]	42	&lfs81_checked;
[fae66a0]	43
[1cc0752]	44	<bridgehead renderas="sect3">Package Information</bridgehead>
	45	<itemizedlist spacing="compact">
	46	<listitem>
[faf325d]	47	<para>
	48	Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/>
	49	</para>
[1cc0752]	50	</listitem>
	51	<listitem>
[faf325d]	52	<para>
	53	Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/>
	54	</para>
[1cc0752]	55	</listitem>
	56	<listitem>
[faf325d]	57	<para>
	58	Download MD5 sum: &cyrus-sasl-md5sum;
	59	</para>
[1cc0752]	60	</listitem>
	61	<listitem>
[faf325d]	62	<para>
	63	Download size: &cyrus-sasl-size;
	64	</para>
[1cc0752]	65	</listitem>
	66	<listitem>
[faf325d]	67	<para>
	68	Estimated disk space required: &cyrus-sasl-buildsize;
	69	</para>
[1cc0752]	70	</listitem>
	71	<listitem>
[faf325d]	72	<para>
	73	Estimated build time: &cyrus-sasl-time;
	74	</para>
[1cc0752]	75	</listitem>
	76	</itemizedlist>
	77
[fae66a0]	78	<bridgehead renderas="sect3">Additional Downloads</bridgehead>
	79	<itemizedlist spacing="compact">
	80	<listitem>
[faf325d]	81	<para>
	82	Required patch:
[643ea8d7]	83	<ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-fixes-3.patch"/>
[faf325d]	84	</para>
[fae66a0]	85	</listitem>
[a4f37269]	86	<listitem>
	87	<para>
	88	Required patch:
	89	<ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-openssl-1.1.0-1.patch"/>
	90	</para>
	91	</listitem>
[fae66a0]	92	</itemizedlist>
	93
[1cc0752]	94	<bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
	95
	96	<bridgehead renderas="sect4">Required</bridgehead>
[faf325d]	97	<para role="required">
	98	<xref linkend="openssl"/>
	99	</para>
[1cc0752]	100
[fae66a0]	101	<bridgehead renderas="sect4">Recommended</bridgehead>
[faf325d]	102	<para role="recommended">
	103	<xref linkend="db"/>
	104	</para>
[fae66a0]	105
[1cc0752]	106	<bridgehead renderas="sect4">Optional</bridgehead>
[faf325d]	107	<para role="optional">
	108	<xref linkend="linux-pam"/>,
	109	<xref linkend="mitkrb"/>,
[5e0662d]	110	<xref linkend="mariadb"/> or <ulink url="http://www.mysql.com/">MySQL</ulink>,
[faf325d]	111	<xref linkend="openjdk"/>,
	112	<xref linkend="openldap"/>,
	113	<xref linkend="postgresql"/>,
	114	<xref linkend="sqlite"/>,
[31d6e38]	115	<ulink url="ftp://ftp.pdc.kth.se/pub/krb/src/">krb4</ulink> and
[faf325d]	116	<ulink url="http://dmalloc.com/">Dmalloc</ulink>
	117	</para>
[1cc0752]	118
[3597eb6]	119	<para condition="html" role="usernotes">User Notes:
[faf325d]	120	<ulink url="&blfs-wiki;/cyrus-sasl"/>
	121	</para>
[1cc0752]	122	</sect2>
	123
	124	<sect2 role="installation">
	125	<title>Installation of Cyrus SASL</title>
	126
[faf325d]	127	<para>
	128	Install <application>Cyrus SASL</application> by
	129	running the following commands:
	130	</para>
[1cc0752]	131
[643ea8d7]	132	<screen><userinput>patch -Np1 -i ../cyrus-sasl-&cyrus-sasl-version;-fixes-3.patch &&
[a4f37269]	133	patch -Np1 -i ../cyrus-sasl-&cyrus-sasl-version;-openssl-1.1.0-1.patch &&
[faf325d]	134	autoreconf -fi &&
[aed3e6ec]	135
[15fc6d6]	136	./configure --prefix=/usr \
	137	--sysconfdir=/etc \
	138	--enable-auth-sasldb \
[a8c9494]	139	--with-dbpath=/var/lib/sasl/sasldb2 \
[643ea8d7]	140	--with-saslauthd=/var/run/saslauthd &&
[49a38a1]	141	make</userinput></screen>
[305e60de]	142
[faf325d]	143	<para>
	144	This package does not come with a test suite. If you are planning
	145	on using the GSSAPI authentication mechanism, it is recommended to test
	146	it after installing the package using the sample server and client
	147	programs which were built in the preceding step. Instructions for
	148	performing the tests can be found at
	149	<ulink url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.
	150	</para>
[1f01e700]	151
[faf325d]	152	<para>
	153	Now, as the <systemitem class="username">root</systemitem> user:
	154	</para>
[305e60de]	155
[1cc0752]	156	<screen role="root"><userinput>make install &&
[faf325d]	157	install -v -dm755 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &&
	158	install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \
[72e3bf7]	159	saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &&
[faf325d]	160	install -v -dm700 /var/lib/sasl</userinput></screen>
[da4aff6]	161
[1cc0752]	162	</sect2>
	163
	164	<sect2 role="commands">
	165	<title>Command Explanations</title>
	166
[faf325d]	167	<para>
	168	<parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
	169	switch forces the <command>sasldb</command> database to be created
	170	in <filename class="directory">/var/lib/sasl</filename> instead of
	171	<filename class="directory">/etc</filename>.
	172	</para>
	173
	174	<para>
	175	<parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This
	176	switch forces <command>saslauthd</command> to use the FHS compliant
	177	directory <filename class="directory">/var/run/saslauthd</filename>
	178	for variable run-time data.
	179	</para>
	180
[a5ce76f]	181	<para>
	182	<parameter>--enable-auth-sasldb</parameter>: This switch enables
	183	SASLDB authentication backend.
	184	</para>
	185
[faf325d]	186	<para>
[f859e6fd]	187	<option>--with-dblib=gdbm</option>: This switch forces
[faf325d]	188	<application>GDBM</application> to be used instead of
	189	<application>Berkeley DB</application>.
	190	</para>
	191
	192	<para>
	193	<option>--with-ldap</option>: This switch enables the
	194	<application>OpenLDAP</application> support.
	195	</para>
	196
	197	<para>
	198	<option>--enable-ldapdb</option>: This switch enables the
	199	LDAPDB authentication backend. There is a circular dependency with this
	200	parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
	201	this problem.
	202	</para>
	203
	204	<para>
	205	<option>--enable-java</option>: This switch enables compiling of the
	206	<application>Java</application> support libraries.
	207	</para>
	208
	209	<para>
	210	<option>--enable-login</option>: This option enables unsupported
	211	LOGIN authentication.
	212	</para>
	213
	214	<para>
	215	<option>--enable-ntlm</option>: This option enables unsupported
	216	NTLM authentication.
	217	</para>
	218
	219	<para>
	220	<command>install -v -m644 ...</command>: These commands
	221	install documentation which is not installed by the
	222	<command>make install</command> command.
	223	</para>
	224
	225	<para>
	226	<command>install -v -m700 -d /var/lib/sasl</command>: This directory
	227	must exist when starting <command>saslauthd</command> or using the
	228	sasldb plugin. If you're not going to be running the daemon or
	229	using the plugins, you may omit the creation of this directory.
	230	</para>
[1cc0752]	231
	232	</sect2>
	233
	234	<sect2 role="configuration">
	235	<title>Configuring Cyrus SASL</title>
	236
	237	<sect3 id="cyrus-sasl-config">
	238	<title>Config Files</title>
	239
[faf325d]	240	<para>
	241	<filename>/etc/saslauthd.conf</filename>
	242	(for <command>saslauthd</command> LDAP configuration) and
	243	<filename>/etc/sasl2/Appname.conf</filename>
	244	(where "Appname" is the application defined name of the application)
	245	</para>
[1cc0752]	246
	247	<indexterm zone="cyrus-sasl cyrus-sasl-config">
	248	<primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
	249	</indexterm>
	250
	251	</sect3>
	252
	253	<sect3>
	254	<title>Configuration Information</title>
	255
[faf325d]	256	<para>
	257	See
[0d381254]	258	<ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/>
[faf325d]	259	for information on what to include in the application configuration files.
	260	</para>
	261
	262	<para>
	263	See
[0d381254]	264	<ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
[faf325d]	265	for configuring <command>saslauthd</command> with
	266	<application>OpenLDAP</application>.
	267	</para>
	268
	269	<para>
	270	See
[0d381254]	271	<ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/gssapi.html"/>
[faf325d]	272	for configuring <command>saslauthd</command> with <application>Kerberos</application>.
[fae66a0]	273	</para>
[1cc0752]	274
	275	</sect3>
	276
[e445195]	277	<sect3 id="cyrus-sasl-init">
[f586237]	278	<title><phrase revision="sysv">Init Script</phrase>
	279	<phrase revision="systemd">Systemd Unit</phrase></title>
[e445195]	280
[f586237]	281	<para revision="sysv">
[e445195]	282	If you need to run the <command>saslauthd</command> daemon at system
	283	startup, install the <filename>/etc/rc.d/init.d/saslauthd</filename>
[f586237]	284	init script included in the
	285	<xref linkend="bootscripts"/> package using the following command:
	286	</para>
	287
	288	<para revision="systemd">
	289	If you need to run the <command>saslauthd</command> daemon at system
	290	startup, install the <filename>saslauthd.service</filename> unit
	291	included in the <xref linkend="systemd-units"/> package using the
	292	following command:
[e445195]	293	</para>
	294
	295	<indexterm zone="cyrus-sasl cyrus-sasl-init">
	296	<primary sortas="f-saslauthd">saslauthd</primary>
	297	</indexterm>
	298
	299	<screen role="root"><userinput>make install-saslauthd</userinput></screen>
	300
	301	<note>
	302	<para>
[f586237]	303	You'll need to modify
	304	<filename revision="sysv">/etc/sysconfig/saslauthd</filename>
	305	<filename revision="systemd">/etc/default/saslauthd</filename>
	306	and modify the
	307	<option revision="sysv">AUTHMECH</option>
	308	<option revision="systemd">MECHANISM</option>
	309	parameter with your desired authentication mechanism.
[e445195]	310	</para>
	311	</note>
	312
	313	</sect3>
[1cc0752]	314
	315	</sect2>
	316
	317	<sect2 role="content">
	318	<title>Contents</title>
	319
	320	<segmentedlist>
	321	<segtitle>Installed Programs</segtitle>
[faf325d]	322	<segtitle>Installed Library</segtitle>
[1cc0752]	323	<segtitle>Installed Directories</segtitle>
	324
	325	<seglistitem>
[faf325d]	326	<seg>
	327	pluginviewer, saslauthd, sasldblistusers2, saslpasswd2 and
	328	testsaslauthd
	329	</seg>
	330	<seg>
	331	libsasl2.so
	332	</seg>
	333	<seg>
	334	/usr/include/sasl,
	335	/usr/lib/sasl2,
	336	/usr/share/doc/cyrus-sasl-&cyrus-sasl-version; and
	337	/var/lib/sasl
	338	</seg>
[1cc0752]	339	</seglistitem>
	340	</segmentedlist>
	341
	342	<variablelist>
	343	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
	344	<?dbfo list-presentation="list"?>
	345	<?dbhtml list-presentation="table"?>
	346
[fae66a0]	347	<varlistentry id="pluginviewer">
	348	<term><command>pluginviewer</command></term>
	349	<listitem>
[faf325d]	350	<para>
	351	is used to list loadable SASL plugins and their properties.
	352	</para>
[fae66a0]	353	<indexterm zone="cyrus-sasl pluginviewer">
	354	<primary sortas="b-pluginviewer">pluginviewer</primary>
	355	</indexterm>
	356	</listitem>
	357	</varlistentry>
	358
[1cc0752]	359	<varlistentry id="saslauthd">
	360	<term><command>saslauthd</command></term>
	361	<listitem>
[faf325d]	362	<para>
	363	is the SASL authentication server.
	364	</para>
[1cc0752]	365	<indexterm zone="cyrus-sasl saslauthd">
	366	<primary sortas="b-saslauthd">saslauthd</primary>
	367	</indexterm>
	368	</listitem>
	369	</varlistentry>
	370
	371	<varlistentry id="sasldblistusers2">
	372	<term><command>sasldblistusers2</command></term>
	373	<listitem>
[faf325d]	374	<para>
	375	is used to list the users in the SASL password database
	376	<filename>sasldb2</filename>.
	377	</para>
[1cc0752]	378	<indexterm zone="cyrus-sasl sasldblistusers2">
	379	<primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
	380	</indexterm>
	381	</listitem>
	382	</varlistentry>
	383
	384	<varlistentry id="saslpasswd2">
	385	<term><command>saslpasswd2</command></term>
	386	<listitem>
[faf325d]	387	<para>
	388	is used to set and delete a user's SASL password and
	389	mechanism specific secrets in the SASL password
	390	database <filename>sasldb2</filename>.
	391	</para>
[1cc0752]	392	<indexterm zone="cyrus-sasl saslpasswd2">
	393	<primary sortas="b-saslpasswd2">saslpasswd2</primary>
	394	</indexterm>
	395	</listitem>
	396	</varlistentry>
	397
[fae66a0]	398	<varlistentry id="testsaslauthd">
	399	<term><command>testsaslauthd</command></term>
	400	<listitem>
[faf325d]	401	<para>
	402	is a test utility for the SASL authentication server.
	403	</para>
[fae66a0]	404	<indexterm zone="cyrus-sasl testsaslauthd">
	405	<primary sortas="b-testsaslauthd">testsaslauthd</primary>
	406	</indexterm>
	407	</listitem>
	408	</varlistentry>
	409
[1cc0752]	410	<varlistentry id="libsasl2">
[faf325d]	411	<term><filename class="libraryfile">libsasl2.so</filename></term>
[1cc0752]	412	<listitem>
[faf325d]	413	<para>
	414	is a general purpose authentication library for server
	415	and client applications.
	416	</para>
[1cc0752]	417	<indexterm zone="cyrus-sasl libsasl2">
	418	<primary sortas="c-libsasl2">libsasl2.so</primary>
	419	</indexterm>
	420	</listitem>
	421	</varlistentry>
	422
	423	</variablelist>
	424
	425	</sect2>
	426
	427	</sect1>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: postlfs/security/cyrus-sasl.xml@ 42846033

Download in other formats: