source: postlfs/security/cyrus-sasl.xml@ b66ece35

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since b66ece35 was b66ece35, checked in by DJ Lucas <dj@…>, 14 years ago

Update all jdk links to include optional IcedTea6 links.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@8597 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 10.5 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY cyrus-sasl-download-http "http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
8 <!ENTITY cyrus-sasl-download-ftp "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
9 <!ENTITY cyrus-sasl-md5sum "2eb0e48106f0e9cd8001e654f267ecbc">
10 <!ENTITY cyrus-sasl-size "1.6 MB">
11 <!ENTITY cyrus-sasl-buildsize "17 MB">
12 <!ENTITY cyrus-sasl-time "0.3 SBU">
13]>
14
15<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
16 <?dbhtml filename="cyrus-sasl.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 </sect1info>
22
23 <title>Cyrus SASL-&cyrus-sasl-version;</title>
24
25 <indexterm zone="cyrus-sasl">
26 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Cyrus SASL</title>
31
32 <para>The <application>Cyrus SASL</application> package contains a Simple
33 Authentication and Security Layer, a method for adding authentication
34 support to connection-based protocols. To use SASL, a protocol includes a
35 command for identifying and authenticating a user to a server and for
36 optionally negotiating protection of subsequent protocol interactions. If
37 its use is negotiated, a security layer is inserted between the protocol
38 and the connection.</para>
39
40 <bridgehead renderas="sect3">Package Information</bridgehead>
41 <itemizedlist spacing="compact">
42 <listitem>
43 <para>Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/></para>
44 </listitem>
45 <listitem>
46 <para>Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/></para>
47 </listitem>
48 <listitem>
49 <para>Download MD5 sum: &cyrus-sasl-md5sum;</para>
50 </listitem>
51 <listitem>
52 <para>Download size: &cyrus-sasl-size;</para>
53 </listitem>
54 <listitem>
55 <para>Estimated disk space required: &cyrus-sasl-buildsize;</para>
56 </listitem>
57 <listitem>
58 <para>Estimated build time: &cyrus-sasl-time;</para>
59 </listitem>
60 </itemizedlist>
61
62 <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
63
64 <bridgehead renderas="sect4">Required</bridgehead>
65 <para role="required"><xref linkend="openssl"/></para>
66
67 <bridgehead renderas="sect4">Optional</bridgehead>
68 <para role="optional"><xref linkend="linux-pam"/>,
69 <xref linkend="openldap"/>,
70 <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
71 <xref linkend="icedtea6"/> or <xref linkend="jdk"/>,
72 <xref linkend="mysql"/>,
73 <xref linkend="postgresql"/>,
74 <xref linkend="db"/>,
75 <xref linkend="sqlite"/>,
76 <!-- <xref linkend="gdbm"/>,
77 <xref linkend="courier"/>, -->
78 <ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink>, and
79 <ulink url="http://dmalloc.com/">Dmalloc</ulink></para>
80
81 <para condition="html" role="usernotes">User Notes:
82 <ulink url="&blfs-wiki;/cyrus-sasl"/></para>
83
84 </sect2>
85
86 <sect2 role="installation">
87 <title>Installation of Cyrus SASL</title>
88
89 <para>Install <application>Cyrus SASL</application> by
90 running the following commands:</para>
91
92<screen><userinput>sed -i.bak 's/#elif WITH_DES/#elif defined(WITH_DES)/' \
93 plugins/digestmd5.c &amp;&amp;
94./configure --prefix=/usr \
95 --sysconfdir=/etc \
96 --with-dbpath=/var/lib/sasl/sasldb2 \
97 --with-saslauthd=/var/run/saslauthd &amp;&amp;
98make</userinput></screen>
99
100 <para>This package does not come with a test suite. If you are planning
101 on using the GSSAPI authentication mechanism, it is recommended to test
102 it after installing the package using the sample server and client programs
103 which were built in the preceding step. Instructions for performing the
104 tests can be found at <ulink
105 url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.</para>
106
107 <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
108
109<screen role="root"><userinput>make install &amp;&amp;
110install -v -m755 -d /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
111install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \
112 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
113install -v -m700 -d /var/lib/sasl &amp;&amp;
114install -v -m711 -d /var/run/saslauthd</userinput></screen>
115
116 </sect2>
117
118 <sect2 role="commands">
119 <title>Command Explanations</title>
120
121 <para><command>sed -i.bak ... plugins/digestmd5.c</command>: This fixes
122 a build problem caused by using newer compilers.</para>
123
124 <para><parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
125 parameter forces the <command>sasldb</command> database to be created
126 in <filename class='directory'>/var/lib/sasl</filename> instead of
127 <filename class='directory'>/etc</filename>.</para>
128
129 <para><parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This
130 parameter forces <command>saslauthd</command> to use the FHS compliant
131 directory <filename class='directory'>/var/run/saslauthd</filename> for
132 variable run-time data.</para>
133
134 <para><parameter>--with-dblib=gdbm</parameter>: This parameter forces
135 <application>GDBM</application> to be used instead of
136 <application>Berkeley DB</application>.</para>
137
138 <para><option>--with-ldap</option>: This parameter enables use
139 with <application>OpenLDAP</application>.</para>
140
141 <para><option>--enable-ldapdb</option>: This parameter enables the
142 LDAPDB authentication backend. There is a circular dependency with this
143 parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
144 this problem.</para>
145
146 <para><command>install -v -m644 ...</command>: These commands
147 install documentation which is not installed by the
148 <command>make install</command> command.</para>
149
150 <para><command>install -v -m700 -d /var/lib/sasl ... -m711 /var/run/saslauthd</command>:
151 These directories must exist when starting <command>saslauthd</command> or
152 using the sasldb plugin. If you're not going to be running the daemon or
153 using the plugins, you may omit the creation of this directory.</para>
154
155 </sect2>
156
157 <sect2 role="configuration">
158 <title>Configuring Cyrus SASL</title>
159
160 <sect3 id="cyrus-sasl-config">
161 <title>Config Files</title>
162
163 <para><filename>/etc/saslauthd.conf</filename> (for
164 <command>saslauthd</command> LDAP configuration)
165 and <filename>/etc/sasl2/Appname.conf</filename> (where "Appname"
166 is the application defined name of the application)</para>
167
168 <indexterm zone="cyrus-sasl cyrus-sasl-config">
169 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
170 </indexterm>
171
172 </sect3>
173
174 <sect3>
175 <title>Configuration Information</title>
176
177 <para>See <ulink
178 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/>
179 for information on what to include in the application configuration files.
180 See <ulink
181 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
182 for configuring <command>saslauthd</command> with
183 <application>OpenLDAP</application>.</para>
184
185 </sect3>
186
187 <sect3 id="cyrus-sasl-init">
188 <title>Init Script</title>
189
190 <para>If you need to run the <command>saslauthd</command> daemon at system
191 startup, install the <filename>/etc/rc.d/init.d/cyrus-sasl</filename>
192 init script included in the <xref linkend="bootscripts"/>
193 package.</para>
194
195 <indexterm zone="cyrus-sasl cyrus-sasl-init">
196 <primary sortas="f-cyrus-sasl-init">cyrus-sasl</primary>
197 </indexterm>
198
199<screen role="root"><userinput>make install-cyrus-sasl</userinput></screen>
200
201 <note>
202 <para>You'll need to modify the init script and replace the
203 <option><replaceable>&lt;authmech&gt;</replaceable></option> parameter
204 to the <option>-a</option> switch with your desired authentication
205 mechanism.</para>
206 </note>
207
208 </sect3>
209
210 </sect2>
211
212 <sect2 role="content">
213 <title>Contents</title>
214
215 <segmentedlist>
216 <segtitle>Installed Programs</segtitle>
217 <segtitle>Installed Libraries</segtitle>
218 <segtitle>Installed Directories</segtitle>
219
220 <seglistitem>
221 <seg>saslauthd, sasldblistusers2, and saslpasswd2</seg>
222 <seg>libjavasasl.so, libsasl2.so, and numerous SASL plugins and
223 Java classes</seg>
224 <seg>/usr/include/sasl, /usr/lib/java/classes/sasl, /usr/lib/sasl2,
225 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;, and /var/lib/sasl</seg>
226 </seglistitem>
227 </segmentedlist>
228
229 <variablelist>
230 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
231 <?dbfo list-presentation="list"?>
232 <?dbhtml list-presentation="table"?>
233
234 <varlistentry id="saslauthd">
235 <term><command>saslauthd</command></term>
236 <listitem>
237 <para>is the SASL authentication server.</para>
238 <indexterm zone="cyrus-sasl saslauthd">
239 <primary sortas="b-saslauthd">saslauthd</primary>
240 </indexterm>
241 </listitem>
242 </varlistentry>
243
244 <varlistentry id="sasldblistusers2">
245 <term><command>sasldblistusers2</command></term>
246 <listitem>
247 <para>is used to list the users in the SASL password database
248 <filename>sasldb2</filename>.</para>
249 <indexterm zone="cyrus-sasl sasldblistusers2">
250 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
251 </indexterm>
252 </listitem>
253 </varlistentry>
254
255 <varlistentry id="saslpasswd2">
256 <term><command>saslpasswd2</command></term>
257 <listitem>
258 <para>is used to set and delete a user's SASL password and
259 mechanism specific secrets in the SASL password database
260 <filename>sasldb2</filename>.</para>
261 <indexterm zone="cyrus-sasl saslpasswd2">
262 <primary sortas="b-saslpasswd2">saslpasswd2</primary>
263 </indexterm>
264 </listitem>
265 </varlistentry>
266
267 <varlistentry id="libsasl2">
268 <term><filename class='libraryfile'>libsasl2.so</filename></term>
269 <listitem>
270 <para>is a general purpose authentication library for server and
271 client applications.</para>
272 <indexterm zone="cyrus-sasl libsasl2">
273 <primary sortas="c-libsasl2">libsasl2.so</primary>
274 </indexterm>
275 </listitem>
276 </varlistentry>
277
278 </variablelist>
279
280 </sect2>
281
282</sect1>
Note: See TracBrowser for help on using the repository browser.