source: postlfs/security/cyrus-sasl.xml@ a273763

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since a273763 was a273763, checked in by Dan Nichilson <dnicholson@…>, 17 years ago

Updated to cyrus-sasl-2.1.22

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@7097 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 10.3 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY cyrus-sasl-download-http "http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz ">
8 <!ENTITY cyrus-sasl-download-ftp "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
9 <!ENTITY cyrus-sasl-md5sum "45dde9d19193ae9dd388eb68b2027bc9">
10 <!ENTITY cyrus-sasl-size "1.5 MB">
11 <!ENTITY cyrus-sasl-buildsize "14 MB">
12 <!ENTITY cyrus-sasl-time "0.2 SBU">
13]>
14
15<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
16 <?dbhtml filename="cyrus-sasl.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 </sect1info>
22
23 <title>Cyrus SASL-&cyrus-sasl-version;</title>
24
25 <indexterm zone="cyrus-sasl">
26 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Cyrus SASL</title>
31
32 <para>The <application>Cyrus SASL</application> package contains a Simple
33 Authentication and Security Layer, a method for adding authentication
34 support to connection-based protocols. To use SASL, a protocol includes a
35 command for identifying and authenticating a user to a server and for
36 optionally negotiating protection of subsequent protocol interactions. If
37 its use is negotiated, a security layer is inserted between the protocol
38 and the connection.</para>
39
40 <bridgehead renderas="sect3">Package Information</bridgehead>
41 <itemizedlist spacing="compact">
42 <listitem>
43 <para>Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/></para>
44 </listitem>
45 <listitem>
46 <para>Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/></para>
47 </listitem>
48 <listitem>
49 <para>Download MD5 sum: &cyrus-sasl-md5sum;</para>
50 </listitem>
51 <listitem>
52 <para>Download size: &cyrus-sasl-size;</para>
53 </listitem>
54 <listitem>
55 <para>Estimated disk space required: &cyrus-sasl-buildsize;</para>
56 </listitem>
57 <listitem>
58 <para>Estimated build time: &cyrus-sasl-time;</para>
59 </listitem>
60 </itemizedlist>
61
62 <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
63
64 <bridgehead renderas="sect4">Required</bridgehead>
65 <para role="required"><xref linkend="openssl"/></para>
66
67 <bridgehead renderas="sect4">Optional</bridgehead>
68 <para role="optional"><xref linkend="linux-pam"/>,
69 <xref linkend="openldap"/>,
70 <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
71 <xref linkend="jdk"/>,
72 <xref linkend="mysql"/>,
73 <xref linkend="postgresql"/>,
74 <!-- <xref linkend="db"/>, -->
75 <xref linkend="gdbm"/>,
76 <!-- <xref linkend="courier"/>, -->
77 <ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink>,
78 <ulink url="http://sqlite.org/">SQLite</ulink>, and
79 <ulink url="http://dmalloc.com/">Dmalloc</ulink></para>
80
81 <para condition="html" role="usernotes">User Notes:
82 <ulink url="&blfs-wiki;/cyrus-sasl"/></para>
83
84 </sect2>
85
86 <sect2 role="installation">
87 <title>Installation of Cyrus SASL</title>
88
89 <para>Install <application>Cyrus SASL</application> by
90 running the following commands:</para>
91
92<screen><userinput>patch -Np1 -i ../cyrus-sasl-&cyrus-sasl-version;-openldap23-1.patch &amp;&amp;
93./configure --prefix=/usr --sysconfdir=/etc \
94 --with-dbpath=/var/lib/sasl/sasldb2 \
95 --with-saslauthd=/var/run/saslauthd &amp;&amp;
96make</userinput></screen>
97
98 <para>This package does not come with a test suite. If you are planning
99 on using the GSSAPI authentication mechanism, it is recommended to test
100 it after installing the package using the sample server and client programs
101 which were built in the preceding step. Instructions for performing the
102 tests can be found at <ulink
103 url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.</para>
104
105 <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
106
107<screen role="root"><userinput>make install &amp;&amp;
108install -v -m755 -d /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
109install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \
110 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
111install -v -m700 -d /var/lib/sasl /var/run/saslauthd</userinput></screen>
112
113 </sect2>
114
115 <sect2 role="commands">
116 <title>Command Explanations</title>
117
118 <para><parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
119 parameter forces the <command>sasldb</command> database to be created
120 in <filename class='directory'>/var/lib/sasl</filename> instead of
121 <filename class='directory'>/etc</filename>.</para>
122
123 <para><parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This
124 parameter forces <command>saslauthd</command> to use the FHS compliant
125 directory <filename class='directory'>/var/run/saslauthd</filename> for
126 variable run-time data.</para>
127
128 <para><parameter>--with-dblib=gdbm</parameter>: This parameter forces
129 <application>GDBM</application> to be used instead of
130 <application>Berkeley DB</application>.</para>
131
132 <para><option>--with-ldap</option>: This parameter enables use
133 with <application>OpenLDAP</application>.</para>
134
135 <para><option>--enable-ldapdb</option>: This parameter enables the
136 LDAPDB authentication backend. There is a circular dependency with this
137 parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
138 this problem.</para>
139
140 <para><command>install -v -m644 ...</command>: These commands
141 install documentation which is not installed by the
142 <command>make install</command> command.</para>
143
144 <para><command>install -v -m700 -d /var/lib/sasl /var/run/saslauthd</command>:
145 These directories must exist when starting <command>saslauthd</command> or
146 using the sasldb plugin. If you're not going to be running the daemon or
147 using the plugins, you may omit the creation of this directory.</para>
148
149 </sect2>
150
151 <sect2 role="configuration">
152 <title>Configuring Cyrus SASL</title>
153
154 <sect3 id="cyrus-sasl-config">
155 <title>Config Files</title>
156
157 <para><filename>/etc/saslauthd.conf</filename> (for
158 <command>saslauthd</command> LDAP configuration)
159 and <filename>/etc/sasl2/Appname.conf</filename> (where "Appname"
160 is the application defined name of the application)</para>
161
162 <indexterm zone="cyrus-sasl cyrus-sasl-config">
163 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
164 </indexterm>
165
166 </sect3>
167
168 <sect3>
169 <title>Configuration Information</title>
170
171 <para>See <ulink
172 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/>
173 for information on what to include in the application configuration files.
174 See <ulink
175 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
176 for configuring <command>saslauthd</command> with
177 <application>OpenLDAP</application>.</para>
178
179 </sect3>
180
181 <sect3 id="cyrus-sasl-init">
182 <title>Init Script</title>
183
184 <para>If you need to run the <command>saslauthd</command> daemon at system
185 startup, install the <filename>/etc/rc.d/init.d/cyrus-sasl</filename>
186 init script included in the <xref linkend="bootscripts"/>
187 package.</para>
188
189 <indexterm zone="cyrus-sasl cyrus-sasl-init">
190 <primary sortas="f-cyrus-sasl-init">cyrus-sasl</primary>
191 </indexterm>
192
193<screen role="root"><userinput>make install-cyrus-sasl</userinput></screen>
194
195 <note>
196 <para>You'll need to modify the init script and replace the
197 <option><replaceable>&lt;authmech&gt;</replaceable></option> parameter
198 to the <option>-a</option> switch with your desired authentication
199 mechanism.</para>
200 </note>
201
202 </sect3>
203
204 </sect2>
205
206 <sect2 role="content">
207 <title>Contents</title>
208
209 <segmentedlist>
210 <segtitle>Installed Programs</segtitle>
211 <segtitle>Installed Libraries</segtitle>
212 <segtitle>Installed Directories</segtitle>
213
214 <seglistitem>
215 <seg>saslauthd, sasldblistusers2, and saslpasswd2</seg>
216 <seg>libjavasasl.so, libsasl2.so, and numerous SASL plugins and
217 Java classes</seg>
218 <seg>/usr/include/sasl, /usr/lib/java/classes/sasl, /usr/lib/sasl2,
219 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;, and /var/lib/sasl</seg>
220 </seglistitem>
221 </segmentedlist>
222
223 <variablelist>
224 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
225 <?dbfo list-presentation="list"?>
226 <?dbhtml list-presentation="table"?>
227
228 <varlistentry id="saslauthd">
229 <term><command>saslauthd</command></term>
230 <listitem>
231 <para>is the SASL authentication server.</para>
232 <indexterm zone="cyrus-sasl saslauthd">
233 <primary sortas="b-saslauthd">saslauthd</primary>
234 </indexterm>
235 </listitem>
236 </varlistentry>
237
238 <varlistentry id="sasldblistusers2">
239 <term><command>sasldblistusers2</command></term>
240 <listitem>
241 <para>is used to list the users in the SASL password database
242 <filename>sasldb2</filename>.</para>
243 <indexterm zone="cyrus-sasl sasldblistusers2">
244 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
245 </indexterm>
246 </listitem>
247 </varlistentry>
248
249 <varlistentry id="saslpasswd2">
250 <term><command>saslpasswd2</command></term>
251 <listitem>
252 <para>is used to set and delete a user's SASL password and
253 mechanism specific secrets in the SASL password database
254 <filename>sasldb2</filename>.</para>
255 <indexterm zone="cyrus-sasl saslpasswd2">
256 <primary sortas="b-saslpasswd2">saslpasswd2</primary>
257 </indexterm>
258 </listitem>
259 </varlistentry>
260
261 <varlistentry id="libsasl2">
262 <term><filename class='libraryfile'>libsasl2.so</filename></term>
263 <listitem>
264 <para>is a general purpose authentication library for server and
265 client applications.</para>
266 <indexterm zone="cyrus-sasl libsasl2">
267 <primary sortas="c-libsasl2">libsasl2.so</primary>
268 </indexterm>
269 </listitem>
270 </varlistentry>
271
272 </variablelist>
273
274 </sect2>
275
276</sect1>
Note: See TracBrowser for help on using the repository browser.