source: postlfs/security/cyrus-sasl.xml@ 872db717

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since 872db717 was 42cedf2, checked in by Randy McMurchy <randy@…>, 19 years ago

Added a GCC-4 patch to the Cyrus-SASL instructions

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@5029 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 10.3 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
3 "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY cyrus-sasl-download-http "http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz ">
8 <!ENTITY cyrus-sasl-download-ftp "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
9 <!ENTITY cyrus-sasl-md5sum "dde02db234dea892bee298390890502e">
10 <!ENTITY cyrus-sasl-size "1.6 MB">
11 <!ENTITY cyrus-sasl-buildsize "16 MB">
12 <!ENTITY cyrus-sasl-time "0.3 SBU">
13]>
14
15<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
16 <?dbhtml filename="cyrus-sasl.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 </sect1info>
22
23 <title>Cyrus SASL-&cyrus-sasl-version;</title>
24
25 <indexterm zone="cyrus-sasl">
26 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Cyrus SASL</title>
31
32 <para>The <application>Cyrus SASL</application> package contains a Simple
33 Authentication and Security Layer, a method for adding authentication
34 support to connection-based protocols. To use SASL, a protocol includes a
35 command for identifying and authenticating a user to a server and for
36 optionally negotiating protection of subsequent protocol interactions. If
37 its use is negotiated, a security layer is inserted between the protocol
38 and the connection.</para>
39
40 <bridgehead renderas="sect3">Package Information</bridgehead>
41 <itemizedlist spacing="compact">
42 <listitem>
43 <para>Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/></para>
44 </listitem>
45 <listitem>
46 <para>Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/></para>
47 </listitem>
48 <listitem>
49 <para>Download MD5 sum: &cyrus-sasl-md5sum;</para>
50 </listitem>
51 <listitem>
52 <para>Download size: &cyrus-sasl-size;</para>
53 </listitem>
54 <listitem>
55 <para>Estimated disk space required: &cyrus-sasl-buildsize;</para>
56 </listitem>
57 <listitem>
58 <para>Estimated build time: &cyrus-sasl-time;</para>
59 </listitem>
60 </itemizedlist>
61
62 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
63 <itemizedlist spacing="compact">
64 <listitem>
65 <para>Required patch: <ulink
66 url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-gcc4-1.patch"/></para>
67 </listitem>
68 </itemizedlist>
69
70 <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
71
72 <bridgehead renderas="sect4">Required</bridgehead>
73 <para><xref linkend="openssl"/></para>
74
75 <bridgehead renderas="sect4">Optional</bridgehead>
76 <para><xref linkend="Linux_PAM"/>,
77 <xref linkend="openldap"/>,
78 <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
79 <xref linkend="jdk"/>,
80 <xref linkend="mysql"/>,
81 <xref linkend="postgresql"/>,
82 <xref linkend="db"/>,
83 <xref linkend="gdbm"/>,
84 <!-- <xref linkend="courier"/>, -->
85 <ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink>,
86 <ulink url="http://sqlite.org/">SQLite</ulink> and
87 <ulink url="http://dmalloc.com/">Dmalloc</ulink></para>
88
89 </sect2>
90
91 <sect2 role="installation">
92 <title>Installation of Cyrus SASL</title>
93
94 <para>Install <application>Cyrus SASL</application> by
95 running the following commands:</para>
96
97<screen><userinput>patch -Np1 -i ../cyrus-sasl-&cyrus-sasl-version;-gcc4-1.patch &amp;&amp;
98./configure --prefix=/usr --sysconfdir=/etc \
99 --with-dbpath=/var/lib/sasl/sasldb2 \
100 --with-saslauthd=/var/run &amp;&amp;
101make</userinput></screen>
102
103 <para>This package does not come with a test suite. If you are planning
104 on using the GSSAPI authentication mechanism, it is recommended to test
105 it after installing the package using the sample server and client programs
106 which were built in the preceding step. Instructions for performing the
107 tests can be found at <ulink
108 url="http://www.linuxfromscratch.org/hints/downloads/files/cyrus-sasl.txt"/>.</para>
109
110 <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
111
112<screen role="root"><userinput>make install &amp;&amp;
113install -v -m644 saslauthd/saslauthd.8 /usr/share/man/man8 &amp;&amp;
114install -v -m755 -d /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
115install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \
116 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
117install -v -m700 -d /var/lib/sasl</userinput></screen>
118
119 </sect2>
120
121 <sect2 role="commands">
122 <title>Command Explanations</title>
123
124 <para><parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
125 parameter forces the <command>saslauthd</command> database to be created
126 in <filename class='directory'>/var/lib/sasl</filename> instead of
127 <filename class='directory'>/etc</filename>.</para>
128
129 <para><parameter>--with-saslauthd=/var/run</parameter>: This parameter
130 forces <command>saslauthd</command> to use the FHS compliant
131 directory <filename class='directory'>/var/run</filename> for variable
132 run-time data.</para>
133
134 <para><option>--with-ldap</option>: This parameter enables use
135 with <application>OpenLDAP</application>.</para>
136
137 <para><option>--enable-ldapdb</option>: This parameter enables the
138 LDAPDB authentication backend. There is a circular dependency with this
139 parameter which requires you to build the
140 <application>Cyrus SASL</application> package, then the
141 <application>OpenLDAP</application> package (with SASL support), then
142 finally building the <application>Cyrus SASL</application> package again
143 with this parameter.</para>
144
145 <para><command>install -v -m644 ...</command>: These commands
146 install documentation which is not installed by the
147 <command>make install</command> command.</para>
148
149 <para><command>install -v -m700 -d /var/lib/sasl</command>: This directory
150 must exist when starting <command>saslauthd</command>. If you're not going
151 to be running the daemon, you may omit the creation of this directory.</para>
152
153 </sect2>
154
155 <sect2 role="configuration">
156 <title>Configuring Cyrus SASL</title>
157
158 <sect3 id="cyrus-sasl-config">
159 <title>Config Files</title>
160
161 <para><filename>/etc/saslauthd.conf</filename> (for LDAP configuration)
162 and <filename>/usr/lib/sasl2/Appname.conf</filename> (where "Appname"
163 is the application defined name of the application)</para>
164
165 <indexterm zone="cyrus-sasl cyrus-sasl-config">
166 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
167 </indexterm>
168
169 </sect3>
170
171 <sect3>
172 <title>Configuration Information</title>
173
174 <para>See <ulink
175 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/>
176 for information on what to include in the application configuration files.
177 See <ulink
178 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
179 for configuring <command>saslauthd</command> with
180 <application>OpenLDAP</application>.</para>
181
182 </sect3>
183
184 <sect3 id="cyrus-sasl-init">
185 <title>Init Script</title>
186
187 <para>If you need to run the <command>saslauthd</command> daemon at system
188 startup, install the <filename>/etc/rc.d/init.d/cyrus-sasl</filename>
189 init script included in the <xref linkend="intro-important-bootscripts"/>
190 package.</para>
191
192 <indexterm zone="cyrus-sasl cyrus-sasl-init">
193 <primary sortas="f-cyrus-sasl-init">cyrus-sasl</primary>
194 </indexterm>
195
196<screen role="root"><userinput>make install-cyrus-sasl</userinput></screen>
197
198 <note>
199 <para>You'll need to modify the init script and replace the
200 <option><replaceable>[authmech]</replaceable></option> parameter
201 to the <option>-a</option> switch with your desired authentication
202 mechanism.</para>
203 </note>
204
205 </sect3>
206
207 </sect2>
208
209 <sect2 role="content">
210 <title>Contents</title>
211
212 <segmentedlist>
213 <segtitle>Installed Programs</segtitle>
214 <segtitle>Installed Libraries</segtitle>
215 <segtitle>Installed Directories</segtitle>
216
217 <seglistitem>
218 <seg>saslauthd, sasldblistusers2, and saslpasswd2</seg>
219 <seg>libjavasasl.so, libsasl2.so, and numerous SASL plugins and
220 Java classes</seg>
221 <seg>/usr/include/sasl, /usr/lib/java/classes/sasl, /usr/lib/sasl2,
222 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;, and /var/lib/sasl</seg>
223 </seglistitem>
224 </segmentedlist>
225
226 <variablelist>
227 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
228 <?dbfo list-presentation="list"?>
229 <?dbhtml list-presentation="table"?>
230
231 <varlistentry id="saslauthd">
232 <term><command>saslauthd</command></term>
233 <listitem>
234 <para>is the SASL authentication server.</para>
235 <indexterm zone="cyrus-sasl saslauthd">
236 <primary sortas="b-saslauthd">saslauthd</primary>
237 </indexterm>
238 </listitem>
239 </varlistentry>
240
241 <varlistentry id="sasldblistusers2">
242 <term><command>sasldblistusers2</command></term>
243 <listitem>
244 <para>is used to list the users in the SASL password database.</para>
245 <indexterm zone="cyrus-sasl sasldblistusers2">
246 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
247 </indexterm>
248 </listitem>
249 </varlistentry>
250
251 <varlistentry id="saslpasswd2">
252 <term><command>saslpasswd2</command></term>
253 <listitem>
254 <para>is used to set and delete a user's SASL password and
255 mechanism specific secrets in the SASL password database.</para>
256 <indexterm zone="cyrus-sasl saslpasswd2">
257 <primary sortas="b-saslpasswd2">saslpasswd2</primary>
258 </indexterm>
259 </listitem>
260 </varlistentry>
261
262 <varlistentry id="libsasl2">
263 <term><filename class='libraryfile'>libsasl2.so</filename></term>
264 <listitem>
265 <para>is a general purpose authentication library for server and
266 client applications.</para>
267 <indexterm zone="cyrus-sasl libsasl2">
268 <primary sortas="c-libsasl2">libsasl2.so</primary>
269 </indexterm>
270 </listitem>
271 </varlistentry>
272
273 </variablelist>
274
275 </sect2>
276
277</sect1>
Note: See TracBrowser for help on using the repository browser.