source: postlfs/security/cyrus-sasl.xml@ fd53636

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts lazarus lxqt plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition trunk upgradedb xry111/intltool xry111/llvm18 xry111/soup3 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since fd53636 was ba718791, checked in by Douglas R. Reno <renodr@…>, 4 years ago

Commit some changes that I've been accumulating through my workstation build:

cyrus-sasl: Update some depedencies that we missed when doing the last update
sg3_utils: Add a new installed command + description
freetype2: Remove obsolete command explanation.

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@22826 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 13.9 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY cyrus-sasl-download-http "https://github.com/cyrusimap/cyrus-sasl/releases/download/cyrus-sasl-&cyrus-sasl-version;/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
8 <!ENTITY cyrus-sasl-download-ftp " ">
9 <!ENTITY cyrus-sasl-md5sum "a33820c66e0622222c5aefafa1581083">
10 <!ENTITY cyrus-sasl-size "3.9 MB">
11 <!ENTITY cyrus-sasl-buildsize "26 MB">
12 <!ENTITY cyrus-sasl-time "0.1 SBU">
13]>
14
15<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
16 <?dbhtml filename="cyrus-sasl.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 </sect1info>
22
23 <title>Cyrus SASL-&cyrus-sasl-version;</title>
24
25 <indexterm zone="cyrus-sasl">
26 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
27 </indexterm>
28
29 <sect2 role="package">
30 <title>Introduction to Cyrus SASL</title>
31
32 <para>
33 The <application>Cyrus SASL</application> package contains a Simple
34 Authentication and Security Layer, a method for adding authentication
35 support to connection-based protocols. To use SASL, a protocol includes
36 a command for identifying and authenticating a user to a server and for
37 optionally negotiating protection of subsequent protocol interactions.
38 If its use is negotiated, a security layer is inserted between the
39 protocol and the connection.
40 </para>
41
42 &lfs91_checked;
43
44 <!-- To test this package at freeze, run the following command:
45 testsaslauthd -u <current user> -p <password>
46 after saslauthd is started. -->
47 <bridgehead renderas="sect3">Package Information</bridgehead>
48 <itemizedlist spacing="compact">
49 <listitem>
50 <para>
51 Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/>
52 </para>
53 </listitem>
54 <listitem>
55 <para>
56 Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/>
57 </para>
58 </listitem>
59 <listitem>
60 <para>
61 Download MD5 sum: &cyrus-sasl-md5sum;
62 </para>
63 </listitem>
64 <listitem>
65 <para>
66 Download size: &cyrus-sasl-size;
67 </para>
68 </listitem>
69 <listitem>
70 <para>
71 Estimated disk space required: &cyrus-sasl-buildsize;
72 </para>
73 </listitem>
74 <listitem>
75 <para>
76 Estimated build time: &cyrus-sasl-time;
77 </para>
78 </listitem>
79 </itemizedlist>
80<!-- Not needed at version 2.1.27
81 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
82 <itemizedlist spacing="compact">
83 <listitem>
84 <para>
85 Required patch:
86 <ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-fixes-3.patch"/>
87 </para>
88 </listitem>
89 <listitem>
90 <para>
91 Required patch:
92 <ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-openssl-1.1.0-1.patch"/>
93 </para>
94 </listitem>
95 </itemizedlist>
96-->
97 <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
98
99 <bridgehead renderas="sect4">Recommended</bridgehead>
100 <para role="recommended">
101 <xref linkend="db"/>
102 </para>
103
104 <bridgehead renderas="sect4">Optional</bridgehead>
105 <para role="optional">
106 <xref linkend="linux-pam"/>,
107 <xref linkend="mitkrb"/>,
108 <xref linkend="mariadb"/> or <ulink url="http://www.mysql.com/">MySQL</ulink>,
109 <xref linkend="openjdk"/>,
110 <xref linkend="openldap"/>,
111 <xref linkend="postgresql"/>,
112 <xref linkend="sqlite"/>,
113 <ulink url="https://stuff.mit.edu/afs/net.mit.edu/project/attic/krb4/">krb4</ulink>,
114 <ulink url="http://dmalloc.com/">Dmalloc</ulink>,
115 <ulink url="https://metacpan.org/pod/Pod::POM::View::Restructured">Pod::POM::View::Restructured</ulink>,
116 and <ulink url="https://pypi.org/project/Sphinx">Sphinx</ulink>
117 </para>
118
119 <para condition="html" role="usernotes">User Notes:
120 <ulink url="&blfs-wiki;/cyrus-sasl"/>
121 </para>
122 </sect2>
123
124 <sect2 role="installation">
125 <title>Installation of Cyrus SASL</title>
126
127 <note>
128 <para>
129 This package does not support parallel build.
130 </para>
131 </note>
132
133 <para>
134 Install <application>Cyrus SASL</application> by
135 running the following commands:
136 </para>
137
138<screen><userinput>./configure --prefix=/usr \
139 --sysconfdir=/etc \
140 --enable-auth-sasldb \
141 --with-dbpath=/var/lib/sasl/sasldb2 \
142 --with-saslauthd=/var/run/saslauthd &amp;&amp;
143make -j1</userinput></screen>
144
145 <para>
146 This package does not come with a test suite. If you are planning
147 on using the GSSAPI authentication mechanism, test
148 it after installing the package using the sample server and client
149 programs which were built in the preceding step. Instructions for
150 performing the tests can be found at
151 <ulink url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.
152 </para>
153
154 <para>
155 Now, as the <systemitem class="username">root</systemitem> user:
156 </para>
157
158<screen role="root"><userinput>make install &amp;&amp;
159install -v -dm755 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/html &amp;&amp;
160install -v -m644 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
161install -v -m644 doc/legacy/*.html /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/html &amp;&amp;
162install -v -dm700 /var/lib/sasl</userinput></screen>
163
164 </sect2>
165
166 <sect2 role="commands">
167 <title>Command Explanations</title>
168
169 <para>
170 <parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
171 switch forces the <command>sasldb</command> database to be created
172 in <filename class="directory">/var/lib/sasl</filename> instead of
173 <filename class="directory">/etc</filename>.
174 </para>
175
176 <para>
177 <parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This
178 switch forces <command>saslauthd</command> to use the FHS compliant
179 directory <filename class="directory">/var/run/saslauthd</filename>
180 for variable run-time data.
181 </para>
182
183 <para>
184 <parameter>--enable-auth-sasldb</parameter>: This switch enables
185 SASLDB authentication backend.
186 </para>
187
188 <para>
189 <option>--with-dblib=gdbm</option>: This switch forces
190 <application>GDBM</application> to be used instead of
191 <application>Berkeley DB</application>.
192 </para>
193
194 <para>
195 <option>--with-ldap</option>: This switch enables the
196 <application>OpenLDAP</application> support.
197 </para>
198
199 <para>
200 <option>--enable-ldapdb</option>: This switch enables the
201 LDAPDB authentication backend. There is a circular dependency with this
202 parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
203 this problem.
204 </para>
205
206 <para>
207 <option>--enable-java</option>: This switch enables compiling of the
208 <application>Java</application> support libraries.
209 </para>
210
211 <para>
212 <option>--enable-login</option>: This option enables unsupported
213 LOGIN authentication.
214 </para>
215
216 <para>
217 <option>--enable-ntlm</option>: This option enables unsupported
218 NTLM authentication.
219 </para>
220
221 <para>
222 <command>install -v -m644 ...</command>: These commands
223 install documentation which is not installed by the
224 <command>make install</command> command.
225 </para>
226
227 <para>
228 <command>install -v -m700 -d /var/lib/sasl</command>: This directory
229 must exist when starting <command>saslauthd</command> or using the
230 sasldb plugin. If you're not going to be running the daemon or
231 using the plugins, you may omit the creation of this directory.
232 </para>
233
234 </sect2>
235
236 <sect2 role="configuration">
237 <title>Configuring Cyrus SASL</title>
238
239 <sect3 id="cyrus-sasl-config">
240 <title>Config Files</title>
241
242 <para>
243 <filename>/etc/saslauthd.conf</filename>
244 (for <command>saslauthd</command> LDAP configuration) and
245 <filename>/etc/sasl2/Appname.conf</filename>
246 (where "Appname" is the application defined name of the application)
247 </para>
248
249 <indexterm zone="cyrus-sasl cyrus-sasl-config">
250 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
251 </indexterm>
252
253 </sect3>
254
255 <sect3>
256 <title>Configuration Information</title>
257
258 <para>
259 See
260 <ulink url="https://www.cyrusimap.org/sasl/sasl/sysadmin.html"/>
261 for information on what to include in the application configuration files.
262 </para>
263
264 <para>
265 See
266 <ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
267 for configuring <command>saslauthd</command> with
268 <application>OpenLDAP</application>.
269 </para>
270
271 <para>
272 See
273 <ulink url="https://www.cyrusimap.org/sasl/sasl/gssapi.html#gssapi"/>
274 for configuring <command>saslauthd</command> with <application>Kerberos</application>.
275 </para>
276
277 </sect3>
278
279 <sect3 id="cyrus-sasl-init">
280 <title><phrase revision="sysv">Init Script</phrase>
281 <phrase revision="systemd">Systemd Unit</phrase></title>
282
283 <para revision="sysv">
284 If you need to run the <command>saslauthd</command> daemon at system
285 startup, install the <filename>/etc/rc.d/init.d/saslauthd</filename>
286 init script included in the
287 <xref linkend="bootscripts"/> package using the following command:
288 </para>
289
290 <para revision="systemd">
291 If you need to run the <command>saslauthd</command> daemon at system
292 startup, install the <filename>saslauthd.service</filename> unit
293 included in the <xref linkend="systemd-units"/> package using the
294 following command:
295 </para>
296
297 <indexterm zone="cyrus-sasl cyrus-sasl-init">
298 <primary sortas="f-saslauthd">saslauthd</primary>
299 </indexterm>
300
301<screen role="root"><userinput>make install-saslauthd</userinput></screen>
302
303 <note>
304 <para>
305 You'll need to modify
306 <filename revision="sysv">/etc/sysconfig/saslauthd</filename>
307 <filename revision="systemd">/etc/default/saslauthd</filename>
308 and modify the
309 <option revision="sysv">AUTHMECH</option>
310 <option revision="systemd">MECHANISM</option>
311 parameter with your desired authentication mechanism.
312 <phrase revision="systemd">The default authentication
313 mechanism is "shadow".</phrase>
314 </para>
315 </note>
316
317 </sect3>
318
319 </sect2>
320
321 <sect2 role="content">
322 <title>Contents</title>
323
324 <segmentedlist>
325 <segtitle>Installed Programs</segtitle>
326 <segtitle>Installed Library</segtitle>
327 <segtitle>Installed Directories</segtitle>
328
329 <seglistitem>
330 <seg>
331 pluginviewer, saslauthd, sasldblistusers2, saslpasswd2 and
332 testsaslauthd
333 </seg>
334 <seg>
335 libsasl2.so
336 </seg>
337 <seg>
338 /usr/include/sasl,
339 /usr/lib/sasl2,
340 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; and
341 /var/lib/sasl
342 </seg>
343 </seglistitem>
344 </segmentedlist>
345
346 <variablelist>
347 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
348 <?dbfo list-presentation="list"?>
349 <?dbhtml list-presentation="table"?>
350
351 <varlistentry id="pluginviewer">
352 <term><command>pluginviewer</command></term>
353 <listitem>
354 <para>
355 is used to list loadable SASL plugins and their properties.
356 </para>
357 <indexterm zone="cyrus-sasl pluginviewer">
358 <primary sortas="b-pluginviewer">pluginviewer</primary>
359 </indexterm>
360 </listitem>
361 </varlistentry>
362
363 <varlistentry id="saslauthd">
364 <term><command>saslauthd</command></term>
365 <listitem>
366 <para>
367 is the SASL authentication server.
368 </para>
369 <indexterm zone="cyrus-sasl saslauthd">
370 <primary sortas="b-saslauthd">saslauthd</primary>
371 </indexterm>
372 </listitem>
373 </varlistentry>
374
375 <varlistentry id="sasldblistusers2">
376 <term><command>sasldblistusers2</command></term>
377 <listitem>
378 <para>
379 is used to list the users in the SASL password database
380 <filename>sasldb2</filename>.
381 </para>
382 <indexterm zone="cyrus-sasl sasldblistusers2">
383 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
384 </indexterm>
385 </listitem>
386 </varlistentry>
387
388 <varlistentry id="saslpasswd2">
389 <term><command>saslpasswd2</command></term>
390 <listitem>
391 <para>
392 is used to set and delete a user's SASL password and
393 mechanism specific secrets in the SASL password
394 database <filename>sasldb2</filename>.
395 </para>
396 <indexterm zone="cyrus-sasl saslpasswd2">
397 <primary sortas="b-saslpasswd2">saslpasswd2</primary>
398 </indexterm>
399 </listitem>
400 </varlistentry>
401
402 <varlistentry id="testsaslauthd">
403 <term><command>testsaslauthd</command></term>
404 <listitem>
405 <para>
406 is a test utility for the SASL authentication server.
407 </para>
408 <indexterm zone="cyrus-sasl testsaslauthd">
409 <primary sortas="b-testsaslauthd">testsaslauthd</primary>
410 </indexterm>
411 </listitem>
412 </varlistentry>
413
414 <varlistentry id="libsasl2">
415 <term><filename class="libraryfile">libsasl2.so</filename></term>
416 <listitem>
417 <para>
418 is a general purpose authentication library for server
419 and client applications.
420 </para>
421 <indexterm zone="cyrus-sasl libsasl2">
422 <primary sortas="c-libsasl2">libsasl2.so</primary>
423 </indexterm>
424 </listitem>
425 </varlistentry>
426
427 </variablelist>
428
429 </sect2>
430
431</sect1>
Note: See TracBrowser for help on using the repository browser.