source: postlfs/security/cyrus-sasl.xml@ 014d750f

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 7.10 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since 014d750f was 014d750f, checked in by Igor Živković <igor@…>, 10 years ago

add -j1 flag to make command for packages that do not support parallel build

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@12782 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 12.8 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY cyrus-sasl-download-http " ">
8 <!ENTITY cyrus-sasl-download-ftp "ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
9 <!ENTITY cyrus-sasl-md5sum "a7f4e5e559a0e37b3ffc438c9456e425">
10 <!ENTITY cyrus-sasl-size "5.0 MB">
11 <!ENTITY cyrus-sasl-buildsize "30 MB">
12 <!ENTITY cyrus-sasl-time "0.5 SBU">
13]>
14
15<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
16 <?dbhtml filename="cyrus-sasl.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 </sect1info>
22
23 <title>Cyrus SASL-&cyrus-sasl-version;</title>
24
25 <indexterm zone="cyrus-sasl">
26 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Cyrus SASL</title>
31
32 <para>
33 The <application>Cyrus SASL</application> package contains a Simple
34 Authentication and Security Layer, a method for adding authentication
35 support to connection-based protocols. To use SASL, a protocol includes
36 a command for identifying and authenticating a user to a server and for
37 optionally negotiating protection of subsequent protocol interactions.
38 If its use is negotiated, a security layer is inserted between the
39 protocol and the connection.
40 </para>
41
42 &lfs75_checked;
43
44 <bridgehead renderas="sect3">Package Information</bridgehead>
45 <itemizedlist spacing="compact">
46 <listitem>
47 <para>
48 Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/>
49 </para>
50 </listitem>
51 <listitem>
52 <para>
53 Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/>
54 </para>
55 </listitem>
56 <listitem>
57 <para>
58 Download MD5 sum: &cyrus-sasl-md5sum;
59 </para>
60 </listitem>
61 <listitem>
62 <para>
63 Download size: &cyrus-sasl-size;
64 </para>
65 </listitem>
66 <listitem>
67 <para>
68 Estimated disk space required: &cyrus-sasl-buildsize;
69 </para>
70 </listitem>
71 <listitem>
72 <para>
73 Estimated build time: &cyrus-sasl-time;
74 </para>
75 </listitem>
76 </itemizedlist>
77
78 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
79 <itemizedlist spacing="compact">
80 <listitem>
81 <para>
82 Required patch:
83 <ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-fixes-1.patch"/>
84 </para>
85 </listitem>
86 </itemizedlist>
87
88 <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
89
90 <bridgehead renderas="sect4">Required</bridgehead>
91 <para role="required">
92 <xref linkend="openssl"/>
93 </para>
94
95 <bridgehead renderas="sect4">Recommended</bridgehead>
96 <para role="recommended">
97 <xref linkend="db"/>
98 </para>
99
100 <bridgehead renderas="sect4">Optional</bridgehead>
101 <para role="optional">
102 <xref linkend="linux-pam"/>,
103 <xref linkend="mitkrb"/>,
104 <xref linkend="mariadb"/> or <xref linkend="mysql"/>,
105 <xref linkend="openjdk"/>,
106 <xref linkend="openldap"/>,
107 <xref linkend="postgresql"/>,
108 <xref linkend="sqlite"/>,
109 <ulink url="ftp://ftp.pdc.kth.se/pub/krb/src/">krb4</ulink> and
110 <ulink url="http://dmalloc.com/">Dmalloc</ulink>
111 </para>
112
113 <para condition="html" role="usernotes">User Notes:
114 <ulink url="&blfs-wiki;/cyrus-sasl"/>
115 </para>
116 </sect2>
117
118 <sect2 role="installation">
119 <title>Installation of Cyrus SASL</title>
120
121 <note>
122 <para>
123 This package does not support parallel build.
124 </para>
125 </note>
126
127 <para>
128 Install <application>Cyrus SASL</application> by
129 running the following commands:
130 </para>
131
132<screen><userinput>patch -Np1 -i ../cyrus-sasl-&cyrus-sasl-version;-fixes-1.patch &amp;&amp;
133autoreconf -fi &amp;&amp;
134pushd saslauthd
135autoreconf -fi &amp;&amp;
136popd
137./configure --prefix=/usr \
138 --sysconfdir=/etc \
139 --enable-auth-sasldb \
140 --with-dbpath=/var/lib/sasl/sasldb2 \
141 --with-saslauthd=/var/run/saslauthd &amp;&amp;
142make -j1</userinput></screen>
143
144 <para>
145 This package does not come with a test suite. If you are planning
146 on using the GSSAPI authentication mechanism, it is recommended to test
147 it after installing the package using the sample server and client
148 programs which were built in the preceding step. Instructions for
149 performing the tests can be found at
150 <ulink url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.
151 </para>
152
153 <para>
154 Now, as the <systemitem class="username">root</systemitem> user:
155 </para>
156
157<screen role="root"><userinput>make install &amp;&amp;
158install -v -dm755 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
159install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \
160 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
161install -v -dm700 /var/lib/sasl</userinput></screen>
162
163 </sect2>
164
165 <sect2 role="commands">
166 <title>Command Explanations</title>
167
168 <para>
169 <parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
170 switch forces the <command>sasldb</command> database to be created
171 in <filename class="directory">/var/lib/sasl</filename> instead of
172 <filename class="directory">/etc</filename>.
173 </para>
174
175 <para>
176 <parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This
177 switch forces <command>saslauthd</command> to use the FHS compliant
178 directory <filename class="directory">/var/run/saslauthd</filename>
179 for variable run-time data.
180 </para>
181
182 <para>
183 <parameter>--enable-auth-sasldb</parameter>: This switch enables
184 SASLDB authentication backend.
185 </para>
186
187 <para>
188 <parameter>--with-dblib=gdbm</parameter>: This switch forces
189 <application>GDBM</application> to be used instead of
190 <application>Berkeley DB</application>.
191 </para>
192
193 <para>
194 <option>--with-ldap</option>: This switch enables the
195 <application>OpenLDAP</application> support.
196 </para>
197
198 <para>
199 <option>--enable-ldapdb</option>: This switch enables the
200 LDAPDB authentication backend. There is a circular dependency with this
201 parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
202 this problem.
203 </para>
204
205 <para>
206 <option>--enable-java</option>: This switch enables compiling of the
207 <application>Java</application> support libraries.
208 </para>
209
210 <para>
211 <option>--enable-login</option>: This option enables unsupported
212 LOGIN authentication.
213 </para>
214
215 <para>
216 <option>--enable-ntlm</option>: This option enables unsupported
217 NTLM authentication.
218 </para>
219
220 <para>
221 <command>install -v -m644 ...</command>: These commands
222 install documentation which is not installed by the
223 <command>make install</command> command.
224 </para>
225
226 <para>
227 <command>install -v -m700 -d /var/lib/sasl</command>: This directory
228 must exist when starting <command>saslauthd</command> or using the
229 sasldb plugin. If you're not going to be running the daemon or
230 using the plugins, you may omit the creation of this directory.
231 </para>
232
233 </sect2>
234
235 <sect2 role="configuration">
236 <title>Configuring Cyrus SASL</title>
237
238 <sect3 id="cyrus-sasl-config">
239 <title>Config Files</title>
240
241 <para>
242 <filename>/etc/saslauthd.conf</filename>
243 (for <command>saslauthd</command> LDAP configuration) and
244 <filename>/etc/sasl2/Appname.conf</filename>
245 (where "Appname" is the application defined name of the application)
246 </para>
247
248 <indexterm zone="cyrus-sasl cyrus-sasl-config">
249 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
250 </indexterm>
251
252 </sect3>
253
254 <sect3>
255 <title>Configuration Information</title>
256
257 <para>
258 See
259 <ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/>
260 for information on what to include in the application configuration files.
261 </para>
262
263 <para>
264 See
265 <ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
266 for configuring <command>saslauthd</command> with
267 <application>OpenLDAP</application>.
268 </para>
269
270 <para>
271 See
272 <ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/gssapi.html"/>
273 for configuring <command>saslauthd</command> with <application>Kerberos</application>.
274 </para>
275
276 </sect3>
277
278 <sect3 id="cyrus-sasl-init">
279 <title>Init Script</title>
280
281 <para>
282 If you need to run the <command>saslauthd</command> daemon at system
283 startup, install the <filename>/etc/rc.d/init.d/saslauthd</filename>
284 init script included in the <xref linkend="bootscripts"/>
285 package using the following command:
286 </para>
287
288 <indexterm zone="cyrus-sasl cyrus-sasl-init">
289 <primary sortas="f-saslauthd">saslauthd</primary>
290 </indexterm>
291
292<screen role="root"><userinput>make install-saslauthd</userinput></screen>
293
294 <note>
295 <para>
296 You'll need to modify /etc/sysconfig/saslauthd and replace the
297 <option><replaceable>AUTHMECH</replaceable></option> parameter
298 with your desired authentication mechanism.
299 </para>
300 </note>
301
302 </sect3>
303
304 </sect2>
305
306 <sect2 role="content">
307 <title>Contents</title>
308
309 <segmentedlist>
310 <segtitle>Installed Programs</segtitle>
311 <segtitle>Installed Library</segtitle>
312 <segtitle>Installed Directories</segtitle>
313
314 <seglistitem>
315 <seg>
316 pluginviewer, saslauthd, sasldblistusers2, saslpasswd2 and
317 testsaslauthd
318 </seg>
319 <seg>
320 libsasl2.so
321 </seg>
322 <seg>
323 /usr/include/sasl,
324 /usr/lib/sasl2,
325 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; and
326 /var/lib/sasl
327 </seg>
328 </seglistitem>
329 </segmentedlist>
330
331 <variablelist>
332 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
333 <?dbfo list-presentation="list"?>
334 <?dbhtml list-presentation="table"?>
335
336 <varlistentry id="pluginviewer">
337 <term><command>pluginviewer</command></term>
338 <listitem>
339 <para>
340 is used to list loadable SASL plugins and their properties.
341 </para>
342 <indexterm zone="cyrus-sasl pluginviewer">
343 <primary sortas="b-pluginviewer">pluginviewer</primary>
344 </indexterm>
345 </listitem>
346 </varlistentry>
347
348 <varlistentry id="saslauthd">
349 <term><command>saslauthd</command></term>
350 <listitem>
351 <para>
352 is the SASL authentication server.
353 </para>
354 <indexterm zone="cyrus-sasl saslauthd">
355 <primary sortas="b-saslauthd">saslauthd</primary>
356 </indexterm>
357 </listitem>
358 </varlistentry>
359
360 <varlistentry id="sasldblistusers2">
361 <term><command>sasldblistusers2</command></term>
362 <listitem>
363 <para>
364 is used to list the users in the SASL password database
365 <filename>sasldb2</filename>.
366 </para>
367 <indexterm zone="cyrus-sasl sasldblistusers2">
368 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
369 </indexterm>
370 </listitem>
371 </varlistentry>
372
373 <varlistentry id="saslpasswd2">
374 <term><command>saslpasswd2</command></term>
375 <listitem>
376 <para>
377 is used to set and delete a user's SASL password and
378 mechanism specific secrets in the SASL password
379 database <filename>sasldb2</filename>.
380 </para>
381 <indexterm zone="cyrus-sasl saslpasswd2">
382 <primary sortas="b-saslpasswd2">saslpasswd2</primary>
383 </indexterm>
384 </listitem>
385 </varlistentry>
386
387 <varlistentry id="testsaslauthd">
388 <term><command>testsaslauthd</command></term>
389 <listitem>
390 <para>
391 is a test utility for the SASL authentication server.
392 </para>
393 <indexterm zone="cyrus-sasl testsaslauthd">
394 <primary sortas="b-testsaslauthd">testsaslauthd</primary>
395 </indexterm>
396 </listitem>
397 </varlistentry>
398
399 <varlistentry id="libsasl2">
400 <term><filename class="libraryfile">libsasl2.so</filename></term>
401 <listitem>
402 <para>
403 is a general purpose authentication library for server
404 and client applications.
405 </para>
406 <indexterm zone="cyrus-sasl libsasl2">
407 <primary sortas="c-libsasl2">libsasl2.so</primary>
408 </indexterm>
409 </listitem>
410 </varlistentry>
411
412 </variablelist>
413
414 </sect2>
415
416</sect1>
Note: See TracBrowser for help on using the repository browser.