Context Navigation

cyrus-sasl.xml@ 85ec85ef

Visit:

gnome

Last change on this file since 85ec85ef was cae7a6fb, checked in by Christopher Gregory <cjg@…>, 10 years ago

Converted acpid at autofs bluez fcron gpm sysstat udisks2 upower dhcp nfs-utils cyrus-sasl mitkrb openssh polkit and stunnel pages to systemd

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/branches/gnome@13413 af4574ff-66df-0310-9fd7-8a98e5e911e0

Property mode set to 100644

File size: 12.9 KB

Line
1	<?xml version="1.0" encoding="ISO-8859-1"?>
2	<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3	"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4	<!ENTITY % general-entities SYSTEM "../../general.ent">
5	%general-entities;
6
7	<!ENTITY cyrus-sasl-download-http " ">
8	<!ENTITY cyrus-sasl-download-ftp "ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
9	<!ENTITY cyrus-sasl-md5sum "a7f4e5e559a0e37b3ffc438c9456e425">
10	<!ENTITY cyrus-sasl-size "5.0 MB">
11	<!ENTITY cyrus-sasl-buildsize "30 MB">
12	<!ENTITY cyrus-sasl-time "0.5 SBU">
13	]>
14
15	<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
16	<?dbhtml filename="cyrus-sasl.html"?>
17
18	<sect1info>
19	<othername>$LastChangedBy$</othername>
20	<date>$Date$</date>
21	</sect1info>
22
23	<title>Cyrus SASL-&cyrus-sasl-version;</title>
24
25	<indexterm zone="cyrus-sasl">
26	<primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
27	</indexterm>
28
29	<sect2 role="package">
30	<title>Introduction to Cyrus SASL</title>
31
32	<para>
33	The <application>Cyrus SASL</application> package contains a Simple
34	Authentication and Security Layer, a method for adding authentication
35	support to connection-based protocols. To use SASL, a protocol includes
36	a command for identifying and authenticating a user to a server and for
37	optionally negotiating protection of subsequent protocol interactions.
38	If its use is negotiated, a security layer is inserted between the
39	protocol and the connection.
40	</para>
41
42	&lfs75_checked;
43
44	<bridgehead renderas="sect3">Package Information</bridgehead>
45	<itemizedlist spacing="compact">
46	<listitem>
47	<para>
48	Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/>
49	</para>
50	</listitem>
51	<listitem>
52	<para>
53	Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/>
54	</para>
55	</listitem>
56	<listitem>
57	<para>
58	Download MD5 sum: &cyrus-sasl-md5sum;
59	</para>
60	</listitem>
61	<listitem>
62	<para>
63	Download size: &cyrus-sasl-size;
64	</para>
65	</listitem>
66	<listitem>
67	<para>
68	Estimated disk space required: &cyrus-sasl-buildsize;
69	</para>
70	</listitem>
71	<listitem>
72	<para>
73	Estimated build time: &cyrus-sasl-time;
74	</para>
75	</listitem>
76	</itemizedlist>
77
78	<bridgehead renderas="sect3">Additional Downloads</bridgehead>
79	<itemizedlist spacing="compact">
80	<listitem>
81	<para>
82	Required patch:
83	<ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-fixes-1.patch"/>
84	</para>
85	</listitem>
86	</itemizedlist>
87
88	<bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
89
90	<bridgehead renderas="sect4">Required</bridgehead>
91	<para role="required">
92	<xref linkend="openssl"/>
93	</para>
94
95	<bridgehead renderas="sect4">Recommended</bridgehead>
96	<para role="recommended">
97	<xref linkend="db"/>
98	</para>
99
100	<bridgehead renderas="sect4">Optional</bridgehead>
101	<para role="optional">
102	<xref linkend="linux-pam"/>,
103	<xref linkend="mitkrb"/>,
104	<xref linkend="mariadb"/> or <ulink url="http://www.mysql.com/">MySQL</ulink>,
105	<xref linkend="openjdk"/>,
106	<xref linkend="openldap"/>,
107	<xref linkend="postgresql"/>,
108	<xref linkend="sqlite"/>,
109	<ulink url="ftp://ftp.pdc.kth.se/pub/krb/src/">krb4</ulink> and
110	<ulink url="http://dmalloc.com/">Dmalloc</ulink>
111	</para>
112
113	<para condition="html" role="usernotes">User Notes:
114	<ulink url="&blfs-wiki;/cyrus-sasl"/>
115	</para>
116	</sect2>
117
118	<sect2 role="installation">
119	<title>Installation of Cyrus SASL</title>
120
121	<note>
122	<para>
123	This package does not support parallel build.
124	</para>
125	</note>
126
127	<para>
128	Install <application>Cyrus SASL</application> by
129	running the following commands:
130	</para>
131
132	<screen><userinput>patch -Np1 -i ../cyrus-sasl-&cyrus-sasl-version;-fixes-1.patch &&
133	autoreconf -fi &&
134	pushd saslauthd &&
135	autoreconf -fi &&
136	popd &&
137	./configure --prefix=/usr \
138	--sysconfdir=/etc \
139	--enable-auth-sasldb \
140	--with-dbpath=/var/lib/sasl/sasldb2 \
141	--with-saslauthd=/var/run/saslauthd \
142	CFLAGS=-fPIC &&
143	make -j1</userinput></screen>
144
145	<para>
146	This package does not come with a test suite. If you are planning
147	on using the GSSAPI authentication mechanism, it is recommended to test
148	it after installing the package using the sample server and client
149	programs which were built in the preceding step. Instructions for
150	performing the tests can be found at
151	<ulink url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.
152	</para>
153
154	<para>
155	Now, as the <systemitem class="username">root</systemitem> user:
156	</para>
157
158	<screen role="root"><userinput>make install &&
159	install -v -dm755 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &&
160	install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \
161	saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &&
162	install -v -dm700 /var/lib/sasl</userinput></screen>
163
164	</sect2>
165
166	<sect2 role="commands">
167	<title>Command Explanations</title>
168
169	<para>
170	<parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
171	switch forces the <command>sasldb</command> database to be created
172	in <filename class="directory">/var/lib/sasl</filename> instead of
173	<filename class="directory">/etc</filename>.
174	</para>
175
176	<para>
177	<parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This
178	switch forces <command>saslauthd</command> to use the FHS compliant
179	directory <filename class="directory">/var/run/saslauthd</filename>
180	for variable run-time data.
181	</para>
182
183	<para>
184	<parameter>CFLAGS=-fPIC</parameter>: This ensures that the package can build
185	on x86_64.
186	</para>
187
188	<para>
189	<parameter>--enable-auth-sasldb</parameter>: This switch enables
190	SASLDB authentication backend.
191	</para>
192
193	<para>
194	<parameter>--with-dblib=gdbm</parameter>: This switch forces
195	<application>GDBM</application> to be used instead of
196	<application>Berkeley DB</application>.
197	</para>
198
199	<para>
200	<option>--with-ldap</option>: This switch enables the
201	<application>OpenLDAP</application> support.
202	</para>
203
204	<para>
205	<option>--enable-ldapdb</option>: This switch enables the
206	LDAPDB authentication backend. There is a circular dependency with this
207	parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
208	this problem.
209	</para>
210
211	<para>
212	<option>--enable-java</option>: This switch enables compiling of the
213	<application>Java</application> support libraries.
214	</para>
215
216	<para>
217	<option>--enable-login</option>: This option enables unsupported
218	LOGIN authentication.
219	</para>
220
221	<para>
222	<option>--enable-ntlm</option>: This option enables unsupported
223	NTLM authentication.
224	</para>
225
226	<para>
227	<command>install -v -m644 ...</command>: These commands
228	install documentation which is not installed by the
229	<command>make install</command> command.
230	</para>
231
232	<para>
233	<command>install -v -m700 -d /var/lib/sasl</command>: This directory
234	must exist when starting <command>saslauthd</command> or using the
235	sasldb plugin. If you're not going to be running the daemon or
236	using the plugins, you may omit the creation of this directory.
237	</para>
238
239	</sect2>
240
241	<sect2 role="configuration">
242	<title>Configuring Cyrus SASL</title>
243
244	<sect3 id="cyrus-sasl-config">
245	<title>Config Files</title>
246
247	<para>
248	<filename>/etc/saslauthd.conf</filename>
249	(for <command>saslauthd</command> LDAP configuration) and
250	<filename>/etc/sasl2/Appname.conf</filename>
251	(where "Appname" is the application defined name of the application)
252	</para>
253
254	<indexterm zone="cyrus-sasl cyrus-sasl-config">
255	<primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
256	</indexterm>
257
258	</sect3>
259
260	<sect3>
261	<title>Configuration Information</title>
262
263	<para>
264	See
265	<ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/>
266	for information on what to include in the application configuration files.
267	</para>
268
269	<para>
270	See
271	<ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
272	for configuring <command>saslauthd</command> with
273	<application>OpenLDAP</application>.
274	</para>
275
276	<para>
277	See
278	<ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/gssapi.html"/>
279	for configuring <command>saslauthd</command> with <application>Kerberos</application>.
280	</para>
281
282	</sect3>
283
284	<sect3 id="cyrus-sasl-systemd">
285	<title>Systemd Unit File</title>
286
287	<para>
288	The systemd-units package provides native unit files. Install the systemd unit
289	in the <xref linkend="systemd-units"/> package using the following command as the
290	<systemitem class="username">root</systemitem> user:
291	</para>
292
293	<indexterm zone="cyrus-sasl cyrus-sasl-systemd">
294	<primary sortas="f-saslauthd">saslauthd</primary>
295	</indexterm>
296
297	<screen role="root"><userinput>make install-saslauthd</userinput></screen>
298
299	<note>
300	<para>
301	The default authentication method is "shadow" and that the /etc/default/saslauthd
302	file needs to be modified for anything else.
303	</para>
304	</note>
305
306	</sect3>
307
308	</sect2>
309
310	<sect2 role="content">
311	<title>Contents</title>
312
313	<segmentedlist>
314	<segtitle>Installed Programs</segtitle>
315	<segtitle>Installed Library</segtitle>
316	<segtitle>Installed Directories</segtitle>
317
318	<seglistitem>
319	<seg>
320	pluginviewer, saslauthd, sasldblistusers2, saslpasswd2 and
321	testsaslauthd
322	</seg>
323	<seg>
324	libsasl2.so
325	</seg>
326	<seg>
327	/usr/include/sasl,
328	/usr/lib/sasl2,
329	/usr/share/doc/cyrus-sasl-&cyrus-sasl-version; and
330	/var/lib/sasl
331	</seg>
332	</seglistitem>
333	</segmentedlist>
334
335	<variablelist>
336	<bridgehead renderas="sect3">Short Descriptions</bridgehead>
337	<?dbfo list-presentation="list"?>
338	<?dbhtml list-presentation="table"?>
339
340	<varlistentry id="pluginviewer">
341	<term><command>pluginviewer</command></term>
342	<listitem>
343	<para>
344	is used to list loadable SASL plugins and their properties.
345	</para>
346	<indexterm zone="cyrus-sasl pluginviewer">
347	<primary sortas="b-pluginviewer">pluginviewer</primary>
348	</indexterm>
349	</listitem>
350	</varlistentry>
351
352	<varlistentry id="saslauthd">
353	<term><command>saslauthd</command></term>
354	<listitem>
355	<para>
356	is the SASL authentication server.
357	</para>
358	<indexterm zone="cyrus-sasl saslauthd">
359	<primary sortas="b-saslauthd">saslauthd</primary>
360	</indexterm>
361	</listitem>
362	</varlistentry>
363
364	<varlistentry id="sasldblistusers2">
365	<term><command>sasldblistusers2</command></term>
366	<listitem>
367	<para>
368	is used to list the users in the SASL password database
369	<filename>sasldb2</filename>.
370	</para>
371	<indexterm zone="cyrus-sasl sasldblistusers2">
372	<primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
373	</indexterm>
374	</listitem>
375	</varlistentry>
376
377	<varlistentry id="saslpasswd2">
378	<term><command>saslpasswd2</command></term>
379	<listitem>
380	<para>
381	is used to set and delete a user's SASL password and
382	mechanism specific secrets in the SASL password
383	database <filename>sasldb2</filename>.
384	</para>
385	<indexterm zone="cyrus-sasl saslpasswd2">
386	<primary sortas="b-saslpasswd2">saslpasswd2</primary>
387	</indexterm>
388	</listitem>
389	</varlistentry>
390
391	<varlistentry id="testsaslauthd">
392	<term><command>testsaslauthd</command></term>
393	<listitem>
394	<para>
395	is a test utility for the SASL authentication server.
396	</para>
397	<indexterm zone="cyrus-sasl testsaslauthd">
398	<primary sortas="b-testsaslauthd">testsaslauthd</primary>
399	</indexterm>
400	</listitem>
401	</varlistentry>
402
403	<varlistentry id="libsasl2">
404	<term><filename class="libraryfile">libsasl2.so</filename></term>
405	<listitem>
406	<para>
407	is a general purpose authentication library for server
408	and client applications.
409	</para>
410	<indexterm zone="cyrus-sasl libsasl2">
411	<primary sortas="c-libsasl2">libsasl2.so</primary>
412	</indexterm>
413	</listitem>
414	</varlistentry>
415
416	</variablelist>
417
418	</sect2>
419
420	</sect1>

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: postlfs/security/cyrus-sasl.xml@ 85ec85ef

Download in other formats: