source: postlfs/security/cyrus-sasl.xml@ fea3ac80

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 12.2 6.2 6.2.0 6.2.0-rc1 6.2.0-rc2 6.3 6.3-rc1 6.3-rc2 6.3-rc3 7.10 7.4 7.5 7.6 7.6-blfs 7.6-systemd 7.7 7.8 7.9 8.0 8.1 8.2 8.3 8.4 9.0 9.1 basic bdubbs/svn elogind gimp3 gnome kde5-13430 kde5-14269 kde5-14686 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts krejzi/svn lazarus lxqt nosym perl-modules plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition systemd-11177 systemd-13485 trunk upgradedb xry111/for-12.3 xry111/intltool xry111/llvm18 xry111/soup3 xry111/spidermonkey128 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since fea3ac80 was 4891ef3, checked in by Dan Nichilson <dnicholson@…>, 18 years ago

Fixed cyrus-sasl to use openldap-2.3+ and other tweaks

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@5939 af4574ff-66df-0310-9fd7-8a98e5e911e0
  • Property mode set to 100644
File size: 10.9 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.4//EN"
3 "http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!ENTITY cyrus-sasl-download-http "http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz ">
8 <!ENTITY cyrus-sasl-download-ftp "ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz">
9 <!ENTITY cyrus-sasl-md5sum "dde02db234dea892bee298390890502e">
10 <!ENTITY cyrus-sasl-size "1.6 MB">
11 <!ENTITY cyrus-sasl-buildsize "16 MB">
12 <!ENTITY cyrus-sasl-time "0.3 SBU">
13]>
14
15<sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;">
16 <?dbhtml filename="cyrus-sasl.html"?>
17
18 <sect1info>
19 <othername>$LastChangedBy$</othername>
20 <date>$Date$</date>
21 <keywordset>
22 <keyword role="package">cyrus-sasl-&cyrus-sasl-version;.tar</keyword>
23 <keyword role="ftpdir">cyrus-sasl</keyword>
24 </keywordset>
25 </sect1info>
26
27 <title>Cyrus SASL-&cyrus-sasl-version;</title>
28
29 <indexterm zone="cyrus-sasl">
30 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary>
31 </indexterm>
32
33 <sect2 role="package">
34 <title>Introduction to Cyrus SASL</title>
35
36 <para>The <application>Cyrus SASL</application> package contains a Simple
37 Authentication and Security Layer, a method for adding authentication
38 support to connection-based protocols. To use SASL, a protocol includes a
39 command for identifying and authenticating a user to a server and for
40 optionally negotiating protection of subsequent protocol interactions. If
41 its use is negotiated, a security layer is inserted between the protocol
42 and the connection.</para>
43
44 <bridgehead renderas="sect3">Package Information</bridgehead>
45 <itemizedlist spacing="compact">
46 <listitem>
47 <para>Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/></para>
48 </listitem>
49 <listitem>
50 <para>Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/></para>
51 </listitem>
52 <listitem>
53 <para>Download MD5 sum: &cyrus-sasl-md5sum;</para>
54 </listitem>
55 <listitem>
56 <para>Download size: &cyrus-sasl-size;</para>
57 </listitem>
58 <listitem>
59 <para>Estimated disk space required: &cyrus-sasl-buildsize;</para>
60 </listitem>
61 <listitem>
62 <para>Estimated build time: &cyrus-sasl-time;</para>
63 </listitem>
64 </itemizedlist>
65
66 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
67 <itemizedlist spacing="compact">
68 <listitem>
69 <para>Required patch: <ulink
70 url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-openldap23-1.patch"/></para>
71 </listitem>
72 </itemizedlist>
73
74 <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead>
75
76 <bridgehead renderas="sect4">Required</bridgehead>
77 <para role="required"><xref linkend="openssl"/></para>
78
79 <bridgehead renderas="sect4">Optional</bridgehead>
80 <para role="optional"><xref linkend="linux-pam"/>,
81 <xref linkend="openldap"/>,
82 <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>,
83 <xref linkend="jdk"/>,
84 <xref linkend="mysql"/>,
85 <xref linkend="postgresql"/>,
86 <!-- <xref linkend="db"/>, -->
87 <xref linkend="gdbm"/>,
88 <!-- <xref linkend="courier"/>, -->
89 <ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink>,
90 <ulink url="http://sqlite.org/">SQLite</ulink>, and
91 <ulink url="http://dmalloc.com/">Dmalloc</ulink></para>
92
93 <para condition="html" role="usernotes">User Notes:
94 <ulink url="&blfs-wiki;/cyrus-sasl"/></para>
95
96 </sect2>
97
98 <sect2 role="installation">
99 <title>Installation of Cyrus SASL</title>
100
101 <para>Install <application>Cyrus SASL</application> by
102 running the following commands:</para>
103
104<screen><userinput>patch -Np1 -i ../cyrus-sasl-&cyrus-sasl-version;-openldap23-1.patch &amp;&amp;
105sed -i '/sasl_global/s/^static //' lib/client.c &amp;&amp;
106sed -i 's/cat8/man8/' saslauthd/Makefile.in &amp;&amp;
107./configure --prefix=/usr --sysconfdir=/etc \
108 --with-dbpath=/var/lib/sasl/sasldb2 \
109 --with-saslauthd=/var/run &amp;&amp;
110make</userinput></screen>
111
112 <para>This package does not come with a test suite. If you are planning
113 on using the GSSAPI authentication mechanism, it is recommended to test
114 it after installing the package using the sample server and client programs
115 which were built in the preceding step. Instructions for performing the
116 tests can be found at <ulink
117 url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.</para>
118
119 <para>Now, as the <systemitem class="username">root</systemitem> user:</para>
120
121<screen role="root"><userinput>make install &amp;&amp;
122install -v -m755 -d /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
123install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \
124 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &amp;&amp;
125install -v -m700 -d /var/lib/sasl</userinput></screen>
126
127 </sect2>
128
129 <sect2 role="commands">
130 <title>Command Explanations</title>
131
132 <para><command>sed ... lib/client.c</command>: This command fixes an issue
133 when compiling <application>Cyrus SASL</application> with
134 <application>GCC-4</application>.</para>
135
136 <para><command>sed 's/cat8/man8/' ...</command>: This command puts the
137 <command>saslauthd</command> man page in a more standard location.</para>
138
139 <para><parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This
140 parameter forces the <command>saslauthd</command> database to be created
141 in <filename class='directory'>/var/lib/sasl</filename> instead of
142 <filename class='directory'>/etc</filename>.</para>
143
144 <para><parameter>--with-saslauthd=/var/run</parameter>: This parameter
145 forces <command>saslauthd</command> to use the FHS compliant
146 directory <filename class='directory'>/var/run</filename> for variable
147 run-time data.</para>
148
149 <para><option>--with-ldap</option>: This parameter enables use
150 with <application>OpenLDAP</application>.</para>
151
152 <para><option>--enable-ldapdb</option>: This parameter enables the
153 LDAPDB authentication backend. There is a circular dependency with this
154 parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to
155 this problem.</para>
156
157 <para><command>install -v -m644 ...</command>: These commands
158 install documentation which is not installed by the
159 <command>make install</command> command.</para>
160
161 <para><command>install -v -m700 -d /var/lib/sasl</command>: This directory
162 must exist when starting <command>saslauthd</command>. If you're not going
163 to be running the daemon, you may omit the creation of this directory.</para>
164
165 </sect2>
166
167 <sect2 role="configuration">
168 <title>Configuring Cyrus SASL</title>
169
170 <sect3 id="cyrus-sasl-config">
171 <title>Config Files</title>
172
173 <para><filename>/etc/saslauthd.conf</filename> (for
174 <command>saslauthd</command> LDAP configuration)
175 and <filename>/usr/lib/sasl2/Appname.conf</filename> (where "Appname"
176 is the application defined name of the application)</para>
177
178 <indexterm zone="cyrus-sasl cyrus-sasl-config">
179 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary>
180 </indexterm>
181
182 </sect3>
183
184 <sect3>
185 <title>Configuration Information</title>
186
187 <para>See <ulink
188 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/>
189 for information on what to include in the application configuration files.
190 See <ulink
191 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/>
192 for configuring <command>saslauthd</command> with
193 <application>OpenLDAP</application>.</para>
194
195 </sect3>
196
197 <sect3 id="cyrus-sasl-init">
198 <title>Init Script</title>
199
200 <para>If you need to run the <command>saslauthd</command> daemon at system
201 startup, install the <filename>/etc/rc.d/init.d/cyrus-sasl</filename>
202 init script included in the <xref linkend="bootscripts"/>
203 package.</para>
204
205 <indexterm zone="cyrus-sasl cyrus-sasl-init">
206 <primary sortas="f-cyrus-sasl-init">cyrus-sasl</primary>
207 </indexterm>
208
209<screen role="root"><userinput>make install-cyrus-sasl</userinput></screen>
210
211 <note>
212 <para>You'll need to modify the init script and replace the
213 <option><replaceable>&lt;authmech&gt;</replaceable></option> parameter
214 to the <option>-a</option> switch with your desired authentication
215 mechanism.</para>
216 </note>
217
218 </sect3>
219
220 </sect2>
221
222 <sect2 role="content">
223 <title>Contents</title>
224
225 <segmentedlist>
226 <segtitle>Installed Programs</segtitle>
227 <segtitle>Installed Libraries</segtitle>
228 <segtitle>Installed Directories</segtitle>
229
230 <seglistitem>
231 <seg>saslauthd, sasldblistusers2, and saslpasswd2</seg>
232 <seg>libjavasasl.so, libsasl2.so, and numerous SASL plugins and
233 Java classes</seg>
234 <seg>/usr/include/sasl, /usr/lib/java/classes/sasl, /usr/lib/sasl2,
235 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;, and /var/lib/sasl</seg>
236 </seglistitem>
237 </segmentedlist>
238
239 <variablelist>
240 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
241 <?dbfo list-presentation="list"?>
242 <?dbhtml list-presentation="table"?>
243
244 <varlistentry id="saslauthd">
245 <term><command>saslauthd</command></term>
246 <listitem>
247 <para>is the SASL authentication server.</para>
248 <indexterm zone="cyrus-sasl saslauthd">
249 <primary sortas="b-saslauthd">saslauthd</primary>
250 </indexterm>
251 </listitem>
252 </varlistentry>
253
254 <varlistentry id="sasldblistusers2">
255 <term><command>sasldblistusers2</command></term>
256 <listitem>
257 <para>is used to list the users in the SASL password database
258 <filename>sasldb2</filename>.</para>
259 <indexterm zone="cyrus-sasl sasldblistusers2">
260 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary>
261 </indexterm>
262 </listitem>
263 </varlistentry>
264
265 <varlistentry id="saslpasswd2">
266 <term><command>saslpasswd2</command></term>
267 <listitem>
268 <para>is used to set and delete a user's SASL password and
269 mechanism specific secrets in the SASL password database
270 <filename>sasldb2</filename>.</para>
271 <indexterm zone="cyrus-sasl saslpasswd2">
272 <primary sortas="b-saslpasswd2">saslpasswd2</primary>
273 </indexterm>
274 </listitem>
275 </varlistentry>
276
277 <varlistentry id="libsasl2">
278 <term><filename class='libraryfile'>libsasl2.so</filename></term>
279 <listitem>
280 <para>is a general purpose authentication library for server and
281 client applications.</para>
282 <indexterm zone="cyrus-sasl libsasl2">
283 <primary sortas="c-libsasl2">libsasl2.so</primary>
284 </indexterm>
285 </listitem>
286 </varlistentry>
287
288 </variablelist>
289
290 </sect2>
291
292</sect1>
Note: See TracBrowser for help on using the repository browser.