source: postlfs/security/cyrus-sasl.xml@ 7ffeb4bd

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 9.1 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts lazarus lxqt plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since 7ffeb4bd was 7ffeb4bd, checked in by Douglas R. Reno <renodr@…>, 4 years ago

Miscellaneous tags
cyrus-sasl: Fix documentation links

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@22714 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 13.7 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY cyrus-sasl-download-http "https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-&cyrus-sasl-version;/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
8 <!ENTITY cyrus-sasl-download-ftp " ">
9 <!ENTITY cyrus-sasl-md5sum "a33820c66e0622222c5aefafa1581083">
10 <!ENTITY cyrus-sasl-size "3.9 MB">
11 <!ENTITY cyrus-sasl-buildsize "26 MB">
12 <!ENTITY cyrus-sasl-time "0.1 SBU">
13]>
14
15<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
16 <?dbhtml filename="cyrus-sasl.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 </sect1info>
22
23 <title>Cyrus SASL-&cyrus-sasl-version;</title>
24
25 <indexterm zone="cyrus-sasl">
26 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Cyrus SASL</title>
31
32 <para>
33 The <application>Cyrus SASL</application> package contains a Simple
34 Authentication and Security Layer, a method for adding authentication
35 support to connection-based protocols. To use SASL, a protocol includes
36 a command for identifying and authenticating a user to a server and for
37 optionally negotiating protection of subsequent protocol interactions.
38 If its use is negotiated, a security layer is inserted between the
39 protocol and the connection.
40 </para>
41
42 &lfs91_checked;
43
44 <!-- To test this package at freeze, run the following command:
45 testsaslauthd -u <current user> -p <password>
46 after saslauthd is started. -->
47 <bridgehead renderas="sect3">Package Information</bridgehead>
48 <itemizedlist spacing="compact">
49 <listitem>
50 <para>
51 Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/>
52 </para>
53 </listitem>
54 <listitem>
55 <para>
56 Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/>
57 </para>
58 </listitem>
59 <listitem>
60 <para>
61 Download MD5 sum: &cyrus-sasl-md5sum;
62 </para>
63 </listitem>
64 <listitem>
65 <para>
66 Download size: &cyrus-sasl-size;
67 </para>
68 </listitem>
69 <listitem>
70 <para>
71 Estimated disk space required: &cyrus-sasl-buildsize;
72 </para>
73 </listitem>
74 <listitem>
75 <para>
76 Estimated build time: &cyrus-sasl-time;
77 </para>
78 </listitem>
79 </itemizedlist>
80<!-- Not needed at version 2.1.27
81 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
82 <itemizedlist spacing="compact">
83 <listitem>
84 <para>
85 Required patch:
86 <ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-fixes-3.patch"/>
87 </para>
88 </listitem>
89 <listitem>
90 <para>
91 Required patch:
92 <ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-openssl-1.1.0-1.patch"/>
93 </para>
94 </listitem>
95 </itemizedlist>
96-->
97 <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
98
99 <bridgehead renderas="sect4">Recommended</bridgehead>
100 <para role="recommended">
101 <xref linkend="db"/>
102 </para>
103
104 <bridgehead renderas="sect4">Optional</bridgehead>
105 <para role="optional">
106 <xref linkend="linux-pam"/>,
107 <xref linkend="mitkrb"/>,
108 <xref linkend="mariadb"/> or <ulink url="http://www.mysql.com/">MySQL</ulink>,
109 <xref linkend="openjdk"/>,
110 <xref linkend="openldap"/>,
111 <xref linkend="postgresql"/>,
112 <xref linkend="sqlite"/>,
113 <ulink url="https://stuff.mit.edu/afs/net.mit.edu/project/attic/krb4/">krb4</ulink> and
114 <ulink url="http://dmalloc.com/">Dmalloc</ulink>
115 </para>
116
117 <para condition="html" role="usernotes">User Notes:
118 <ulink url="&blfs-wiki;/cyrus-sasl"/>
119 </para>
120 </sect2>
121
122 <sect2 role="installation">
123 <title>Installation of Cyrus SASL</title>
124
125 <note>
126 <para>
127 This package does not support parallel build.
128 </para>
129 </note>
130
131 <para>
132 Install <application>Cyrus SASL</application> by
133 running the following commands:
134 </para>
135
136<screen><userinput>./configure --prefix=/usr \
137 --sysconfdir=/etc \
138 --enable-auth-sasldb \
139 --with-dbpath=/var/lib/sasl/sasldb2 \
140 --with-saslauthd=/var/run/saslauthd &amp;&amp;
141make -j1</userinput></screen>
142
143 <para>
144 This package does not come with a test suite. If you are planning
145 on using the GSSAPI authentication mechanism, test
146 it after installing the package using the sample server and client
147 programs which were built in the preceding step. Instructions for
148 performing the tests can be found at
149 <ulink url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.
150 </para>
151
152 <para>
153 Now, as the <systemitem class="username">root</systemitem> user:
154 </para>
155
156<screen role="root"><userinput>make install &amp;&amp;
157install -v -dm755 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/html &amp;&amp;
158install -v -m644 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
159install -v -m644 doc/legacy/*.html /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/html &amp;&amp;
160install -v -dm700 /var/lib/sasl</userinput></screen>
161
162 </sect2>
163
164 <sect2 role="commands">
165 <title>Command Explanations</title>
166
167 <para>
168 <parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
169 switch forces the <command>sasldb</command> database to be created
170 in <filename class="directory">/var/lib/sasl</filename> instead of
171 <filename class="directory">/etc</filename>.
172 </para>
173
174 <para>
175 <parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This
176 switch forces <command>saslauthd</command> to use the FHS compliant
177 directory <filename class="directory">/var/run/saslauthd</filename>
178 for variable run-time data.
179 </para>
180
181 <para>
182 <parameter>--enable-auth-sasldb</parameter>: This switch enables
183 SASLDB authentication backend.
184 </para>
185
186 <para>
187 <option>--with-dblib=gdbm</option>: This switch forces
188 <application>GDBM</application> to be used instead of
189 <application>Berkeley DB</application>.
190 </para>
191
192 <para>
193 <option>--with-ldap</option>: This switch enables the
194 <application>OpenLDAP</application> support.
195 </para>
196
197 <para>
198 <option>--enable-ldapdb</option>: This switch enables the
199 LDAPDB authentication backend. There is a circular dependency with this
200 parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
201 this problem.
202 </para>
203
204 <para>
205 <option>--enable-java</option>: This switch enables compiling of the
206 <application>Java</application> support libraries.
207 </para>
208
209 <para>
210 <option>--enable-login</option>: This option enables unsupported
211 LOGIN authentication.
212 </para>
213
214 <para>
215 <option>--enable-ntlm</option>: This option enables unsupported
216 NTLM authentication.
217 </para>
218
219 <para>
220 <command>install -v -m644 ...</command>: These commands
221 install documentation which is not installed by the
222 <command>make install</command> command.
223 </para>
224
225 <para>
226 <command>install -v -m700 -d /var/lib/sasl</command>: This directory
227 must exist when starting <command>saslauthd</command> or using the
228 sasldb plugin. If you're not going to be running the daemon or
229 using the plugins, you may omit the creation of this directory.
230 </para>
231
232 </sect2>
233
234 <sect2 role="configuration">
235 <title>Configuring Cyrus SASL</title>
236
237 <sect3 id="cyrus-sasl-config">
238 <title>Config Files</title>
239
240 <para>
241 <filename>/etc/saslauthd.conf</filename>
242 (for <command>saslauthd</command> LDAP configuration) and
243 <filename>/etc/sasl2/Appname.conf</filename>
244 (where "Appname" is the application defined name of the application)
245 </para>
246
247 <indexterm zone="cyrus-sasl cyrus-sasl-config">
248 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
249 </indexterm>
250
251 </sect3>
252
253 <sect3>
254 <title>Configuration Information</title>
255
256 <para>
257 See
258 <ulink url="https://www.cyrusimap.org/sasl/sasl/sysadmin.html"/>
259 for information on what to include in the application configuration files.
260 </para>
261
262 <para>
263 See
264 <ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
265 for configuring <command>saslauthd</command> with
266 <application>OpenLDAP</application>.
267 </para>
268
269 <para>
270 See
271 <ulink url="https://www.cyrusimap.org/sasl/sasl/gssapi.html#gssapi"/>
272 for configuring <command>saslauthd</command> with <application>Kerberos</application>.
273 </para>
274
275 </sect3>
276
277 <sect3 id="cyrus-sasl-init">
278 <title><phrase revision="sysv">Init Script</phrase>
279 <phrase revision="systemd">Systemd Unit</phrase></title>
280
281 <para revision="sysv">
282 If you need to run the <command>saslauthd</command> daemon at system
283 startup, install the <filename>/etc/rc.d/init.d/saslauthd</filename>
284 init script included in the
285 <xref linkend="bootscripts"/> package using the following command:
286 </para>
287
288 <para revision="systemd">
289 If you need to run the <command>saslauthd</command> daemon at system
290 startup, install the <filename>saslauthd.service</filename> unit
291 included in the <xref linkend="systemd-units"/> package using the
292 following command:
293 </para>
294
295 <indexterm zone="cyrus-sasl cyrus-sasl-init">
296 <primary sortas="f-saslauthd">saslauthd</primary>
297 </indexterm>
298
299<screen role="root"><userinput>make install-saslauthd</userinput></screen>
300
301 <note>
302 <para>
303 You'll need to modify
304 <filename revision="sysv">/etc/sysconfig/saslauthd</filename>
305 <filename revision="systemd">/etc/default/saslauthd</filename>
306 and modify the
307 <option revision="sysv">AUTHMECH</option>
308 <option revision="systemd">MECHANISM</option>
309 parameter with your desired authentication mechanism.
310 <phrase revision="systemd">The default authentication
311 mechanism is "shadow".</phrase>
312 </para>
313 </note>
314
315 </sect3>
316
317 </sect2>
318
319 <sect2 role="content">
320 <title>Contents</title>
321
322 <segmentedlist>
323 <segtitle>Installed Programs</segtitle>
324 <segtitle>Installed Library</segtitle>
325 <segtitle>Installed Directories</segtitle>
326
327 <seglistitem>
328 <seg>
329 pluginviewer, saslauthd, sasldblistusers2, saslpasswd2 and
330 testsaslauthd
331 </seg>
332 <seg>
333 libsasl2.so
334 </seg>
335 <seg>
336 /usr/include/sasl,
337 /usr/lib/sasl2,
338 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; and
339 /var/lib/sasl
340 </seg>
341 </seglistitem>
342 </segmentedlist>
343
344 <variablelist>
345 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
346 <?dbfo list-presentation="list"?>
347 <?dbhtml list-presentation="table"?>
348
349 <varlistentry id="pluginviewer">
350 <term><command>pluginviewer</command></term>
351 <listitem>
352 <para>
353 is used to list loadable SASL plugins and their properties.
354 </para>
355 <indexterm zone="cyrus-sasl pluginviewer">
356 <primary sortas="b-pluginviewer">pluginviewer</primary>
357 </indexterm>
358 </listitem>
359 </varlistentry>
360
361 <varlistentry id="saslauthd">
362 <term><command>saslauthd</command></term>
363 <listitem>
364 <para>
365 is the SASL authentication server.
366 </para>
367 <indexterm zone="cyrus-sasl saslauthd">
368 <primary sortas="b-saslauthd">saslauthd</primary>
369 </indexterm>
370 </listitem>
371 </varlistentry>
372
373 <varlistentry id="sasldblistusers2">
374 <term><command>sasldblistusers2</command></term>
375 <listitem>
376 <para>
377 is used to list the users in the SASL password database
378 <filename>sasldb2</filename>.
379 </para>
380 <indexterm zone="cyrus-sasl sasldblistusers2">
381 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
382 </indexterm>
383 </listitem>
384 </varlistentry>
385
386 <varlistentry id="saslpasswd2">
387 <term><command>saslpasswd2</command></term>
388 <listitem>
389 <para>
390 is used to set and delete a user's SASL password and
391 mechanism specific secrets in the SASL password
392 database <filename>sasldb2</filename>.
393 </para>
394 <indexterm zone="cyrus-sasl saslpasswd2">
395 <primary sortas="b-saslpasswd2">saslpasswd2</primary>
396 </indexterm>
397 </listitem>
398 </varlistentry>
399
400 <varlistentry id="testsaslauthd">
401 <term><command>testsaslauthd</command></term>
402 <listitem>
403 <para>
404 is a test utility for the SASL authentication server.
405 </para>
406 <indexterm zone="cyrus-sasl testsaslauthd">
407 <primary sortas="b-testsaslauthd">testsaslauthd</primary>
408 </indexterm>
409 </listitem>
410 </varlistentry>
411
412 <varlistentry id="libsasl2">
413 <term><filename class="libraryfile">libsasl2.so</filename></term>
414 <listitem>
415 <para>
416 is a general purpose authentication library for server
417 and client applications.
418 </para>
419 <indexterm zone="cyrus-sasl libsasl2">
420 <primary sortas="c-libsasl2">libsasl2.so</primary>
421 </indexterm>
422 </listitem>
423 </varlistentry>
424
425 </variablelist>
426
427 </sect2>
428
429</sect1>
Note: See TracBrowser for help on using the repository browser.