Changeset 1cc0752
- Timestamp:
- 05/13/2005 07:23:45 PM (19 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 12.2, 6.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gimp3, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/for-12.3, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/spidermonkey128, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 8920dfa
- Parents:
- 9623b6e8
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/cyrus-sasl.xml
r9623b6e8 r1cc0752 14 14 15 15 <sect1 id="cyrus-sasl" xreflabel="Cyrus SASL-&cyrus-sasl-version;"> 16 <sect1info> 17 <othername>$LastChangedBy$</othername> 18 <date>$Date$</date> 19 </sect1info> 20 <?dbhtml filename="cyrus-sasl.html"?> 21 <title>Cyrus <acronym>SASL</acronym>-&cyrus-sasl-version;</title> 22 <indexterm zone="cyrus-sasl"> 23 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary></indexterm> 24 25 <sect2> 26 <title>Introduction to <application>Cyrus <acronym>SASL</acronym></application> 27 </title> 28 29 <para>The <application>Cyrus <acronym>SASL</acronym></application> package 30 contains a Simple Authentication and Security Layer, a method for adding 31 authentication support to connection-based protocols. To use 32 <acronym>SASL</acronym>, a protocol includes a command for identifying and 33 authenticating a user to a server and for optionally negotiating protection of 34 subsequent protocol interactions. If its use is negotiated, a security layer 35 is inserted between the protocol and the connection.</para> 36 37 <sect3><title>Package information</title> 38 <itemizedlist spacing="compact"> 39 <listitem><para>Download (HTTP): 40 <ulink url="&cyrus-sasl-download-http;"/></para></listitem> 41 <listitem><para>Download (FTP): 42 <ulink url="&cyrus-sasl-download-ftp;"/></para></listitem> 43 <listitem><para>Download MD5 sum: &cyrus-sasl-md5sum;</para></listitem> 44 <listitem><para>Download size: &cyrus-sasl-size;</para></listitem> 45 <listitem><para>Estimated disk space required: 46 &cyrus-sasl-buildsize;</para></listitem> 47 <listitem><para>Estimated build time: 48 &cyrus-sasl-time;</para></listitem> 49 </itemizedlist> 50 </sect3> 51 52 <sect3><title><application>Cyrus <acronym>SASL</acronym></application> 53 dependencies</title> 54 55 <sect4><title>Required</title> 56 <para><xref linkend="openssl"/></para> 57 </sect4> 58 59 <sect4><title>Optional</title> 60 <para><xref linkend="Linux_PAM"/>, 61 <xref linkend="openldap"/>, 62 <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>, 63 <xref linkend="jdk"/>, 64 <xref linkend="mysql"/>, 65 <xref linkend="postgresql"/>, 66 <xref linkend="db"/>, 67 <xref linkend="gdbm"/>, 68 <xref linkend="courier"/>, 69 <ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink>, 70 <ulink url="http://sqlite.org/">SQLite</ulink> and 71 <ulink url="http://dmalloc.com/">Dmalloc</ulink></para> 72 </sect4> 73 </sect3> 74 75 </sect2> 76 77 <sect2> 78 <title>Installation of <application>Cyrus <acronym>SASL</acronym></application> 79 </title> 80 81 <para>Install <application>Cyrus <acronym>SASL</acronym></application> by 82 running the following commands:</para> 83 84 <screen><userinput><command>./configure --prefix=/usr --sysconfdir=/etc \ 16 <?dbhtml filename="cyrus-sasl.html"?> 17 18 <sect1info> 19 <othername>$LastChangedBy$</othername> 20 <date>$Date$</date> 21 </sect1info> 22 23 <title>Cyrus SASL-&cyrus-sasl-version;</title> 24 25 <indexterm zone="cyrus-sasl"> 26 <primary sortas="a-Cyrus-SASL">Cyrus SASL</primary> 27 </indexterm> 28 29 <sect2 role="package"> 30 <title>Introduction to Cyrus SASL</title> 31 32 <para>The <application>Cyrus SASL</application> package contains a Simple 33 Authentication and Security Layer, a method for adding authentication 34 support to connection-based protocols. To use SASL, a protocol includes a 35 command for identifying and authenticating a user to a server and for 36 optionally negotiating protection of subsequent protocol interactions. If 37 its use is negotiated, a security layer is inserted between the protocol 38 and the connection.</para> 39 40 <bridgehead renderas="sect3">Package Information</bridgehead> 41 <itemizedlist spacing="compact"> 42 <listitem> 43 <para>Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/></para> 44 </listitem> 45 <listitem> 46 <para>Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/></para> 47 </listitem> 48 <listitem> 49 <para>Download MD5 sum: &cyrus-sasl-md5sum;</para> 50 </listitem> 51 <listitem> 52 <para>Download size: &cyrus-sasl-size;</para> 53 </listitem> 54 <listitem> 55 <para>Estimated disk space required: &cyrus-sasl-buildsize;</para> 56 </listitem> 57 <listitem> 58 <para>Estimated build time: &cyrus-sasl-time;</para> 59 </listitem> 60 </itemizedlist> 61 62 <bridgehead renderas="sect3">Cyrus SASL Dependencies</bridgehead> 63 64 <bridgehead renderas="sect4">Required</bridgehead> 65 <para><xref linkend="openssl"/></para> 66 67 <bridgehead renderas="sect4">Optional</bridgehead> 68 <para><xref linkend="Linux_PAM"/>, 69 <xref linkend="openldap"/>, 70 <xref linkend="heimdal"/> or <xref linkend="mitkrb"/>, 71 <xref linkend="jdk"/>, 72 <xref linkend="mysql"/>, 73 <xref linkend="postgresql"/>, 74 <xref linkend="db"/>, 75 <xref linkend="gdbm"/>, 76 <xref linkend="courier"/>, 77 <ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink>, 78 <ulink url="http://sqlite.org/">SQLite</ulink> and 79 <ulink url="http://dmalloc.com/">Dmalloc</ulink></para> 80 81 </sect2> 82 83 <sect2 role="installation"> 84 <title>Installation of Cyrus SASL</title> 85 86 <para>Install <application>Cyrus SASL</application> by 87 running the following commands:</para> 88 89 <screen><userinput>./configure --prefix=/usr --sysconfdir=/etc \ 85 90 --with-dbpath=/var/lib/sasl/sasldb2 \ 86 91 --with-saslauthd=/var/run && 87 make</ command></userinput></screen>88 89 <para>Now, as the rootuser:</para>90 91 <screen ><userinput role='root'><command>make install &&92 make</userinput></screen> 93 94 <para>Now, as the <systemitem class="username">root</systemitem> user:</para> 95 96 <screen role="root"><userinput>make install && 92 97 install -v -m644 saslauthd/saslauthd.mdoc \ 93 98 /usr/share/man/man8/saslauthd.8 && … … 95 100 install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \ 96 101 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; && 97 install -v -d -m700 /var/lib/sasl</command></userinput></screen> 98 99 </sect2> 100 101 <sect2> 102 <title>Command explanations</title> 103 104 <para><parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This 105 parameter forces the <command>saslauthd</command> database to be created 106 in <filename class='directory'>/var/lib/sasl</filename> instead of 107 <filename class='directory'>/etc</filename>.</para> 108 109 <para><parameter>--with-saslauthd=/var/run</parameter>: This parameter forces 110 <command>saslauthd</command> to use the <acronym>FHS</acronym> compliant 111 directory <filename class='directory'>/var/run</filename> for variable run-time 112 data.</para> 113 114 <para><parameter>--with-ldap</parameter>: This parameter enables use 115 with <application>OpenLDAP</application>.</para> 116 117 <para><command>install -m644 ...</command>: These commands 118 install documentation which is not installed by the 119 <command>make install</command> command.</para> 120 121 <para><command>install -d -m700 /var/lib/sasl</command>: This directory must 122 exist when starting <command>saslauthd</command>. If you're not going to be 123 running the daemon, you may omit the creation of this directory. 124 </para> 125 126 </sect2> 127 128 <sect2> 129 <title>Configuring <application>Cyrus 130 <acronym>SASL</acronym></application></title> 131 132 <sect3 id="cyrus-sasl-config"><title>Config Files</title> 133 <para><filename>/etc/saslauthd.conf</filename> (for <acronym>LDAP</acronym> 134 configuration) and <filename>/usr/lib/sasl2/Appname.conf</filename> (where 135 "Appname" is the application defined name of the application)</para> 136 <indexterm zone="cyrus-sasl cyrus-sasl-config"> 137 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary> 138 </indexterm> 139 </sect3> 140 141 <sect3><title>Configuration Information</title> 142 <para>See <ulink 143 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/> for 144 information on what to include in the application configuration files. See 145 <ulink 146 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/> 147 for configuring <command>saslauthd</command> with 148 <acronym>LDAP</acronym>.</para> 149 </sect3> 150 151 <sect3 id="cyrus-sasl-init"><title>Init Script</title> 152 <para>If you need to run the <command>saslauthd</command> daemon at system 153 startup, install the <filename>/etc/rc.d/init.d/cyrus-sasl</filename> 154 init script included in the 155 <xref linkend="intro-important-bootscripts"/> package.</para> 156 <indexterm zone="cyrus-sasl cyrus-sasl-init"> 157 <primary sortas="f-cyrus-sasl-init">cyrus-sasl</primary> 158 </indexterm> 159 160 <screen><userinput role='root'><command>make install-cyrus-sasl</command></userinput></screen> 161 162 <note><para>You'll need to modify the init script and replace the 163 <parameter><replaceable>[authmech]</replaceable></parameter> parameter to the 164 <parameter>-a</parameter> switch with your desired authentication mechanism. 165 </para></note> 166 </sect3> 167 168 </sect2> 169 170 <sect2> 171 <title>Contents</title> 172 173 <segmentedlist> 174 <segtitle>Installed Programs</segtitle> 175 <segtitle>Installed Libraries</segtitle> 176 <segtitle>Installed Directories</segtitle> 177 <seglistitem> 178 <seg>saslauthd, sasldblistusers2 and saslpasswd2</seg> 179 <seg>libjavasasl.so, libsasl2.so and <acronym>SASL</acronym> plugins/Java 180 classes</seg> 181 <seg>/usr/include/sasl, /usr/lib/java, /usr/lib/sasl2, 182 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; and /var/lib/sasl</seg> 183 </seglistitem> 184 </segmentedlist> 185 186 <variablelist> 187 <bridgehead renderas="sect3">Short Descriptions</bridgehead> 188 <?dbfo list-presentation="list"?> 189 190 <varlistentry id="saslauthd"> 191 <term><command>saslauthd</command></term> 192 <listitem><para>is the <acronym>SASL</acronym> authentication server.</para> 193 <indexterm zone="cyrus-sasl saslauthd"> 194 <primary sortas="b-saslauthd">saslauthd</primary></indexterm> 195 </listitem> 196 </varlistentry> 197 198 <varlistentry id="sasldblistusers2"> 199 <term><command>sasldblistusers2</command></term> 200 <listitem><para>is used to list the users in the <acronym>SASL</acronym> 201 password database.</para> 202 <indexterm zone="cyrus-sasl sasldblistusers2"> 203 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary></indexterm> 204 </listitem> 205 </varlistentry> 206 207 <varlistentry id="saslpasswd2"> 208 <term><command>saslpasswd2</command></term> 209 <listitem><para>is used to set and delete a user's <acronym>SASL</acronym> 210 password and mechanism specific secrets in the <acronym>SASL</acronym> 211 password database.</para> 212 <indexterm zone="cyrus-sasl saslpasswd2"> 213 <primary sortas="b-saslpasswd2">saslpasswd2</primary></indexterm> 214 </listitem> 215 </varlistentry> 216 217 <varlistentry id="libsasl2"> 218 <term><filename class='libraryfile'>libsasl2.so</filename></term> 219 <listitem><para>is a general purpose authentication library for server and 220 client applications.</para> 221 <indexterm zone="cyrus-sasl libsasl2"> 222 <primary sortas="c-libsasl2">libsasl2.so</primary></indexterm> 223 </listitem> 224 </varlistentry> 225 </variablelist> 226 227 </sect2> 102 install -v -d -m700 /var/lib/sasl</userinput></screen> 103 104 </sect2> 105 106 <sect2 role="commands"> 107 <title>Command Explanations</title> 108 109 <para><parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This 110 parameter forces the <command>saslauthd</command> database to be created 111 in <filename class='directory'>/var/lib/sasl</filename> instead of 112 <filename class='directory'>/etc</filename>.</para> 113 114 <para><parameter>--with-saslauthd=/var/run</parameter>: This parameter 115 forces <command>saslauthd</command> to use the FHS compliant 116 directory <filename class='directory'>/var/run</filename> for variable 117 run-time data.</para> 118 119 <para><option>--with-ldap</option>: This parameter enables use 120 with <application>OpenLDAP</application>.</para> 121 122 <para><command>install -v -m644 ...</command>: These commands 123 install documentation which is not installed by the 124 <command>make install</command> command.</para> 125 126 <para><command>install -v -d -m700 /var/lib/sasl</command>: This directory 127 must exist when starting <command>saslauthd</command>. If you're not going 128 to be running the daemon, you may omit the creation of this directory.</para> 129 130 </sect2> 131 132 <sect2 role="configuration"> 133 <title>Configuring Cyrus SASL</title> 134 135 <sect3 id="cyrus-sasl-config"> 136 <title>Config Files</title> 137 138 <para><filename>/etc/saslauthd.conf</filename> (for LDAP configuration) 139 and <filename>/usr/lib/sasl2/Appname.conf</filename> (where "Appname" 140 is the application defined name of the application)</para> 141 142 <indexterm zone="cyrus-sasl cyrus-sasl-config"> 143 <primary sortas="e-etc-saslauthd.conf">/etc/saslauthd.conf</primary> 144 </indexterm> 145 146 </sect3> 147 148 <sect3> 149 <title>Configuration Information</title> 150 151 <para>See <ulink 152 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/> 153 for information on what to include in the application configuration files. 154 See <ulink 155 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/> 156 for configuring <command>saslauthd</command> with LDAP.</para> 157 158 </sect3> 159 160 <sect3 id="cyrus-sasl-init"> 161 <title>Init Script</title> 162 163 <para>If you need to run the <command>saslauthd</command> daemon at system 164 startup, install the <filename>/etc/rc.d/init.d/cyrus-sasl</filename> 165 init script included in the <xref linkend="intro-important-bootscripts"/> 166 package.</para> 167 168 <indexterm zone="cyrus-sasl cyrus-sasl-init"> 169 <primary sortas="f-cyrus-sasl-init">cyrus-sasl</primary> 170 </indexterm> 171 172 <screen role="root"><userinput>make install-cyrus-sasl</userinput></screen> 173 174 <note> 175 <para>You'll need to modify the init script and replace the 176 <option><replaceable>[authmech]</replaceable></option> parameter 177 to the <option>-a</option> switch with your desired authentication 178 mechanism.</para> 179 </note> 180 181 </sect3> 182 183 </sect2> 184 185 <sect2 role="content"> 186 <title>Contents</title> 187 188 <segmentedlist> 189 <segtitle>Installed Programs</segtitle> 190 <segtitle>Installed Libraries</segtitle> 191 <segtitle>Installed Directories</segtitle> 192 193 <seglistitem> 194 <seg>saslauthd, sasldblistusers2, and saslpasswd2</seg> 195 <seg>libjavasasl.so, libsasl2.so, and SASL plugins/Java 196 classes</seg> 197 <seg>/usr/include/sasl, /usr/lib/java, /usr/lib/sasl2, 198 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;, and /var/lib/sasl</seg> 199 </seglistitem> 200 </segmentedlist> 201 202 <variablelist> 203 <bridgehead renderas="sect3">Short Descriptions</bridgehead> 204 <?dbfo list-presentation="list"?> 205 <?dbhtml list-presentation="table"?> 206 207 <varlistentry id="saslauthd"> 208 <term><command>saslauthd</command></term> 209 <listitem> 210 <para>is the SASL authentication server.</para> 211 <indexterm zone="cyrus-sasl saslauthd"> 212 <primary sortas="b-saslauthd">saslauthd</primary> 213 </indexterm> 214 </listitem> 215 </varlistentry> 216 217 <varlistentry id="sasldblistusers2"> 218 <term><command>sasldblistusers2</command></term> 219 <listitem> 220 <para>is used to list the users in the SASL password database.</para> 221 <indexterm zone="cyrus-sasl sasldblistusers2"> 222 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary> 223 </indexterm> 224 </listitem> 225 </varlistentry> 226 227 <varlistentry id="saslpasswd2"> 228 <term><command>saslpasswd2</command></term> 229 <listitem> 230 <para>is used to set and delete a user's SASL password and 231 mechanism specific secrets in the SASL password database.</para> 232 <indexterm zone="cyrus-sasl saslpasswd2"> 233 <primary sortas="b-saslpasswd2">saslpasswd2</primary> 234 </indexterm> 235 </listitem> 236 </varlistentry> 237 238 <varlistentry id="libsasl2"> 239 <term><filename class='libraryfile'>libsasl2.so</filename></term> 240 <listitem> 241 <para>is a general purpose authentication library for server and 242 client applications.</para> 243 <indexterm zone="cyrus-sasl libsasl2"> 244 <primary sortas="c-libsasl2">libsasl2.so</primary> 245 </indexterm> 246 </listitem> 247 </varlistentry> 248 249 </variablelist> 250 251 </sect2> 228 252 229 253 </sect1> 230
Note:
See TracChangeset
for help on using the changeset viewer.