- Timestamp:
- 05/12/2013 04:46:18 PM (11 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 4af4be4
- Parents:
- 44b8f10
- Location:
- postlfs/security
- Files:
-
- 3 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/cyrus-sasl.xml
r44b8f10 rfaf325d 5 5 %general-entities; 6 6 7 <!ENTITY cyrus-sasl-download-http " http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz">8 <!ENTITY cyrus-sasl-download-ftp "ftp://ftp. andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-&cyrus-sasl-version;.tar.gz">9 <!ENTITY cyrus-sasl-md5sum " 341cffe829a4d71f2a6503d669d5a946">7 <!ENTITY cyrus-sasl-download-http " "> 8 <!ENTITY cyrus-sasl-download-ftp "ftp://ftp.cyrusimap.org/cyrus-sasl/cyrus-sasl-&cyrus-sasl-version;.tar.gz"> 9 <!ENTITY cyrus-sasl-md5sum "a7f4e5e559a0e37b3ffc438c9456e425"> 10 10 <!ENTITY cyrus-sasl-size "5.0 MB"> 11 <!ENTITY cyrus-sasl-buildsize " 20 MB">11 <!ENTITY cyrus-sasl-buildsize "30 MB"> 12 12 <!ENTITY cyrus-sasl-time "0.5 SBU"> 13 13 ]> … … 30 30 <title>Introduction to Cyrus SASL</title> 31 31 32 <para>The <application>Cyrus SASL</application> package contains a Simple 33 Authentication and Security Layer, a method for adding authentication 34 support to connection-based protocols. To use SASL, a protocol includes a 35 command for identifying and authenticating a user to a server and for 36 optionally negotiating protection of subsequent protocol interactions. If 37 its use is negotiated, a security layer is inserted between the protocol 38 and the connection.</para> 32 <para> 33 The <application>Cyrus SASL</application> package contains a Simple 34 Authentication and Security Layer, a method for adding authentication 35 support to connection-based protocols. To use SASL, a protocol includes 36 a command for identifying and authenticating a user to a server and for 37 optionally negotiating protection of subsequent protocol interactions. 38 If its use is negotiated, a security layer is inserted between the 39 protocol and the connection. 40 </para> 39 41 40 42 &lfs73_checked; … … 43 45 <itemizedlist spacing="compact"> 44 46 <listitem> 45 <para>Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/></para> 46 </listitem> 47 <listitem> 48 <para>Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/></para> 49 </listitem> 50 <listitem> 51 <para>Download MD5 sum: &cyrus-sasl-md5sum;</para> 52 </listitem> 53 <listitem> 54 <para>Download size: &cyrus-sasl-size;</para> 55 </listitem> 56 <listitem> 57 <para>Estimated disk space required: &cyrus-sasl-buildsize;</para> 58 </listitem> 59 <listitem> 60 <para>Estimated build time: &cyrus-sasl-time;</para> 47 <para> 48 Download (HTTP): <ulink url="&cyrus-sasl-download-http;"/> 49 </para> 50 </listitem> 51 <listitem> 52 <para> 53 Download (FTP): <ulink url="&cyrus-sasl-download-ftp;"/> 54 </para> 55 </listitem> 56 <listitem> 57 <para> 58 Download MD5 sum: &cyrus-sasl-md5sum; 59 </para> 60 </listitem> 61 <listitem> 62 <para> 63 Download size: &cyrus-sasl-size; 64 </para> 65 </listitem> 66 <listitem> 67 <para> 68 Estimated disk space required: &cyrus-sasl-buildsize; 69 </para> 70 </listitem> 71 <listitem> 72 <para> 73 Estimated build time: &cyrus-sasl-time; 74 </para> 61 75 </listitem> 62 76 </itemizedlist> … … 65 79 <itemizedlist spacing="compact"> 66 80 <listitem> 67 <para>Required patch: <ulink 68 url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-fixes-1.patch"/></para> 81 <para> 82 Required patch: 83 <ulink url="&patch-root;/cyrus-sasl-&cyrus-sasl-version;-fixes-1.patch"/> 84 </para> 69 85 </listitem> 70 86 </itemizedlist> … … 73 89 74 90 <bridgehead renderas="sect4">Required</bridgehead> 75 <para role="required"><xref linkend="openssl"/></para> 91 <para role="required"> 92 <xref linkend="openssl"/> 93 </para> 76 94 77 95 <bridgehead renderas="sect4">Recommended</bridgehead> 78 <para role="recommended"><xref linkend="db"/></para> 96 <para role="recommended"> 97 <xref linkend="db"/> 98 </para> 79 99 80 100 <bridgehead renderas="sect4">Optional</bridgehead> 81 <para role="optional"><xref linkend="linux-pam"/>, 82 <xref linkend="openldap"/>, 83 <xref linkend="mitkrb"/>, 84 <xref linkend="openjdk"/><!-- or <xref linkend="jdk"/>-->, 85 <xref linkend="mysql"/>, 86 <xref linkend="postgresql"/>, 87 <xref linkend="sqlite"/>, 88 <ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink>, and 89 <ulink url="http://dmalloc.com/">Dmalloc</ulink></para> 101 <para role="optional"> 102 <xref linkend="linux-pam"/>, 103 <xref linkend="mitkrb"/>, 104 <xref linkend="mysql"/>, 105 <xref linkend="openjdk"/>, 106 <xref linkend="openldap"/>, 107 <xref linkend="postgresql"/>, 108 <xref linkend="sqlite"/>, 109 <ulink url="http://www.pdc.kth.se/kth-krb/">krb4</ulink> and 110 <ulink url="http://dmalloc.com/">Dmalloc</ulink> 111 </para> 90 112 91 113 <para condition="html" role="usernotes">User Notes: 92 <ulink url="&blfs-wiki;/cyrus-sasl"/></para>93 114 <ulink url="&blfs-wiki;/cyrus-sasl"/> 115 </para> 94 116 </sect2> 95 117 … … 97 119 <title>Installation of Cyrus SASL</title> 98 120 99 <para>Install <application>Cyrus SASL</application> by 100 running the following commands:</para> 121 <para> 122 Install <application>Cyrus SASL</application> by 123 running the following commands: 124 </para> 101 125 102 126 <screen><userinput>patch -Np1 -i ../cyrus-sasl-&cyrus-sasl-version;-fixes-1.patch && 127 autoreconf -fi && 128 pushd saslauthd 129 autoreconf -fi && 130 popd 103 131 ./configure --prefix=/usr \ 104 132 --sysconfdir=/etc \ … … 107 135 make</userinput></screen> 108 136 109 <para>This package does not come with a test suite. If you are planning 110 on using the GSSAPI authentication mechanism, it is recommended to test 111 it after installing the package using the sample server and client programs 112 which were built in the preceding step. Instructions for performing the 113 tests can be found at <ulink 114 url="&hints-root;/downloads/files/cyrus-sasl.txt"/>.</para> 115 116 <para>Now, as the <systemitem class="username">root</systemitem> user:</para> 137 <para> 138 This package does not come with a test suite. If you are planning 139 on using the GSSAPI authentication mechanism, it is recommended to test 140 it after installing the package using the sample server and client 141 programs which were built in the preceding step. Instructions for 142 performing the tests can be found at 143 <ulink url="&hints-root;/downloads/files/cyrus-sasl.txt"/>. 144 </para> 145 146 <para> 147 Now, as the <systemitem class="username">root</systemitem> user: 148 </para> 117 149 118 150 <screen role="root"><userinput>make install && 119 install -v - m755 -d/usr/share/doc/cyrus-sasl-&cyrus-sasl-version; &&120 install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \151 install -v -dm755 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; && 152 install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \ 121 153 saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; && 122 install -v - m700 -d/var/lib/sasl</userinput></screen>154 install -v -dm700 /var/lib/sasl</userinput></screen> 123 155 124 156 </sect2> … … 127 159 <title>Command Explanations</title> 128 160 129 <para><parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This 130 parameter forces the <command>sasldb</command> database to be created 131 in <filename class='directory'>/var/lib/sasl</filename> instead of 132 <filename class='directory'>/etc</filename>.</para> 133 134 <para><parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This 135 parameter forces <command>saslauthd</command> to use the FHS compliant 136 directory <filename class='directory'>/var/run/saslauthd</filename> for 137 variable run-time data.</para> 138 139 <para><parameter>--with-dblib=gdbm</parameter>: This parameter forces 140 <application>GDBM</application> to be used instead of 141 <application>Berkeley DB</application>.</para> 142 143 <para><option>--with-ldap</option>: This parameter enables use 144 with <application>OpenLDAP</application>.</para> 145 146 <para><option>--enable-ldapdb</option>: This parameter enables the 147 LDAPDB authentication backend. There is a circular dependency with this 148 parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to 149 this problem.</para> 150 151 <para><option>--enable-java</option>: This option enables compiling of 152 <application>Java</application> support libraries</para> 153 154 <para><option>--enable-login</option>: This option enables unsupported 155 LOGIN authentication</para> 156 157 <para><option>--enable-ntlm</option>: This option enables unsupported 158 NTLM authentication</para> 159 160 <para><command>install -v -m644 ...</command>: These commands 161 install documentation which is not installed by the 162 <command>make install</command> command.</para> 163 164 <para><command>install -v -m700 -d /var/lib/sasl</command>: 165 This directory must exist when starting <command>saslauthd</command> or 166 using the sasldb plugin. If you're not going to be running the daemon or 167 using the plugins, you may omit the creation of this directory.</para> 161 <para> 162 <parameter>--with-dbpath=/var/lib/sasl/sasldb2</parameter>: This 163 switch forces the <command>sasldb</command> database to be created 164 in <filename class="directory">/var/lib/sasl</filename> instead of 165 <filename class="directory">/etc</filename>. 166 </para> 167 168 <para> 169 <parameter>--with-saslauthd=/var/run/saslauthd</parameter>: This 170 switch forces <command>saslauthd</command> to use the FHS compliant 171 directory <filename class="directory">/var/run/saslauthd</filename> 172 for variable run-time data. 173 </para> 174 175 <para> 176 <parameter>--with-dblib=gdbm</parameter>: This switch forces 177 <application>GDBM</application> to be used instead of 178 <application>Berkeley DB</application>. 179 </para> 180 181 <para> 182 <option>--with-ldap</option>: This switch enables the 183 <application>OpenLDAP</application> support. 184 </para> 185 186 <para> 187 <option>--enable-ldapdb</option>: This switch enables the 188 LDAPDB authentication backend. There is a circular dependency with this 189 parameter. See <ulink url="&blfs-wiki;/cyrus-sasl"/> for a solution to 190 this problem. 191 </para> 192 193 <para> 194 <option>--enable-java</option>: This switch enables compiling of the 195 <application>Java</application> support libraries. 196 </para> 197 198 <para> 199 <option>--enable-login</option>: This option enables unsupported 200 LOGIN authentication. 201 </para> 202 203 <para> 204 <option>--enable-ntlm</option>: This option enables unsupported 205 NTLM authentication. 206 </para> 207 208 <para> 209 <command>install -v -m644 ...</command>: These commands 210 install documentation which is not installed by the 211 <command>make install</command> command. 212 </para> 213 214 <para> 215 <command>install -v -m700 -d /var/lib/sasl</command>: This directory 216 must exist when starting <command>saslauthd</command> or using the 217 sasldb plugin. If you're not going to be running the daemon or 218 using the plugins, you may omit the creation of this directory. 219 </para> 168 220 169 221 </sect2> … … 175 227 <title>Config Files</title> 176 228 177 <para><filename>/etc/saslauthd.conf</filename> (for 178 <command>saslauthd</command> LDAP configuration) 179 and <filename>/etc/sasl2/Appname.conf</filename> (where "Appname" 180 is the application defined name of the application)</para> 229 <para> 230 <filename>/etc/saslauthd.conf</filename> 231 (for <command>saslauthd</command> LDAP configuration) and 232 <filename>/etc/sasl2/Appname.conf</filename> 233 (where "Appname" is the application defined name of the application) 234 </para> 181 235 182 236 <indexterm zone="cyrus-sasl cyrus-sasl-config"> … … 189 243 <title>Configuration Information</title> 190 244 191 <para>See <ulink 192 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/> 193 for information on what to include in the application configuration files. 194 </para><para> 195 See <ulink 196 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/> 197 for configuring <command>saslauthd</command> with 198 <application>OpenLDAP</application>.</para><para> 199 See <ulink 200 url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/gssapi.html"/> 201 for configuring <command>saslauthd</command> with 202 <application>Kerberos</application>. 245 <para> 246 See 247 <ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/sysadmin.html"/> 248 for information on what to include in the application configuration files. 249 </para> 250 251 <para> 252 See 253 <ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/LDAP_SASLAUTHD"/> 254 for configuring <command>saslauthd</command> with 255 <application>OpenLDAP</application>. 256 </para> 257 258 <para> 259 See 260 <ulink url="file:///usr/share/doc/cyrus-sasl-&cyrus-sasl-version;/gssapi.html"/> 261 for configuring <command>saslauthd</command> with <application>Kerberos</application>. 203 262 </para> 204 263 … … 208 267 <title>Init Script</title> 209 268 210 <para>If you need to run the <command>saslauthd</command> daemon at system 211 startup, install the <filename>/etc/rc.d/init.d/saslauthd</filename> 212 init script included in the <xref linkend="bootscripts"/> 213 package using the following command:</para> 269 <para> 270 If you need to run the <command>saslauthd</command> daemon at system 271 startup, install the <filename>/etc/rc.d/init.d/saslauthd</filename> 272 init script included in the <xref linkend="bootscripts"/> 273 package using the following command: 274 </para> 214 275 215 276 <indexterm zone="cyrus-sasl cyrus-sasl-init"> … … 220 281 221 282 <note> 222 <para>You'll need to modify /etc/sysconfig/saslauthd and replace the 223 <option><replaceable>AUTHMECH</replaceable></option> parameter 224 with your desired authentication mechanism.</para> 283 <para> 284 You'll need to modify /etc/sysconfig/saslauthd and replace the 285 <option><replaceable>AUTHMECH</replaceable></option> parameter 286 with your desired authentication mechanism. 287 </para> 225 288 </note> 226 289 … … 234 297 <segmentedlist> 235 298 <segtitle>Installed Programs</segtitle> 236 <segtitle>Installed Librar ies</segtitle>299 <segtitle>Installed Library</segtitle> 237 300 <segtitle>Installed Directories</segtitle> 238 301 239 302 <seglistitem> 240 <seg>pluginviewer, saslauthd, sasldblistusers2, saslpasswd2 and testsaslauthd</seg> 241 <seg>libsasl2.so, and numerous SASL plugins</seg> 242 <seg>/usr/include/sasl, /usr/lib/sasl2, 243 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version;, and /var/lib/sasl</seg> 303 <seg> 304 pluginviewer, saslauthd, sasldblistusers2, saslpasswd2 and 305 testsaslauthd 306 </seg> 307 <seg> 308 libsasl2.so 309 </seg> 310 <seg> 311 /usr/include/sasl, 312 /usr/lib/sasl2, 313 /usr/share/doc/cyrus-sasl-&cyrus-sasl-version; and 314 /var/lib/sasl 315 </seg> 244 316 </seglistitem> 245 317 </segmentedlist> … … 253 325 <term><command>pluginviewer</command></term> 254 326 <listitem> 255 <para>is used to list loadable SASL plugins and their properties.</para> 327 <para> 328 is used to list loadable SASL plugins and their properties. 329 </para> 256 330 <indexterm zone="cyrus-sasl pluginviewer"> 257 331 <primary sortas="b-pluginviewer">pluginviewer</primary> … … 263 337 <term><command>saslauthd</command></term> 264 338 <listitem> 265 <para>is the SASL authentication server.</para> 339 <para> 340 is the SASL authentication server. 341 </para> 266 342 <indexterm zone="cyrus-sasl saslauthd"> 267 343 <primary sortas="b-saslauthd">saslauthd</primary> … … 273 349 <term><command>sasldblistusers2</command></term> 274 350 <listitem> 275 <para>is used to list the users in the SASL password database 276 <filename>sasldb2</filename>.</para> 351 <para> 352 is used to list the users in the SASL password database 353 <filename>sasldb2</filename>. 354 </para> 277 355 <indexterm zone="cyrus-sasl sasldblistusers2"> 278 356 <primary sortas="b-sasldblistusers2">sasldblistusers2</primary> … … 284 362 <term><command>saslpasswd2</command></term> 285 363 <listitem> 286 <para>is used to set and delete a user's SASL password and 287 mechanism specific secrets in the SASL password database 288 <filename>sasldb2</filename>.</para> 364 <para> 365 is used to set and delete a user's SASL password and 366 mechanism specific secrets in the SASL password 367 database <filename>sasldb2</filename>. 368 </para> 289 369 <indexterm zone="cyrus-sasl saslpasswd2"> 290 370 <primary sortas="b-saslpasswd2">saslpasswd2</primary> … … 296 376 <term><command>testsaslauthd</command></term> 297 377 <listitem> 298 <para>is a test utility for the SASL authentication server.</para> 378 <para> 379 is a test utility for the SASL authentication server. 380 </para> 299 381 <indexterm zone="cyrus-sasl testsaslauthd"> 300 382 <primary sortas="b-testsaslauthd">testsaslauthd</primary> … … 304 386 305 387 <varlistentry id="libsasl2"> 306 <term><filename class='libraryfile'>libsasl2.so</filename></term> 307 <listitem> 308 <para>is a general purpose authentication library for server and 309 client applications.</para> 388 <term><filename class="libraryfile">libsasl2.so</filename></term> 389 <listitem> 390 <para> 391 is a general purpose authentication library for server 392 and client applications. 393 </para> 310 394 <indexterm zone="cyrus-sasl libsasl2"> 311 395 <primary sortas="c-libsasl2">libsasl2.so</primary> -
postlfs/security/gnupg2.xml
r44b8f10 rfaf325d 7 7 <!ENTITY gnupg2-download-http " "> 8 8 <!ENTITY gnupg2-download-ftp "ftp://ftp.gnupg.org/gcrypt/gnupg/gnupg-&gnupg2-version;.tar.bz2"> 9 <!ENTITY gnupg2-md5sum " 6a8589381ca1b0c1a921e9955f42b016">10 <!ENTITY gnupg2-size "4. 0MB">11 <!ENTITY gnupg2-buildsize " 67MB">12 <!ENTITY gnupg2-time " 1.2SBU">9 <!ENTITY gnupg2-md5sum "9d18ee71bb0b10d40d1c8a393bdd7a89"> 10 <!ENTITY gnupg2-size "4.1 MB"> 11 <!ENTITY gnupg2-buildsize "90 MB"> 12 <!ENTITY gnupg2-time "0.9 SBU"> 13 13 ]> 14 14 … … 39 39 OpenPGP-only version.</para> 40 40 41 &lfs7 2_checked;41 &lfs73_checked; 42 42 43 43 <bridgehead renderas="sect3">Package Information</bridgehead> … … 106 106 --libexecdir=/usr/lib/gnupg2 \ 107 107 --docdir=/usr/share/doc/gnupg-&gnupg2-version; && 108 make </userinput></screen><!--&&109 110 makeinfo - -html --no-split -o doc/gnupg_nochunks.html doc/gnupg.texi &&111 makeinfo - 108 make && 109 110 makeinfo --html --no-split -o doc/gnupg_nochunks.html doc/gnupg.texi && 111 makeinfo --plaintext -o doc/gnupg.txt doc/gnupg.texi</userinput></screen> 112 112 113 113 <para>If you have <xref linkend="texlive"/> … … 115 115 issue the following commands:</para> 116 116 117 <screen><userinput>make -C doc pdf ps html</userinput></screen> -->117 <screen><userinput>make -C doc pdf ps html</userinput></screen> 118 118 119 119 <para>To test the results, issue: <command>make check</command>.</para> … … 124 124 <systemitem class="username">root</systemitem> user:</para> 125 125 126 <screen role="root"><userinput>make install </userinput></screen><!--&&126 <screen role="root"><userinput>make install && 127 127 128 128 install -v -m755 -d /usr/share/doc/gnupg-&gnupg2-version;/html && … … 139 139 /usr/share/doc/gnupg-&gnupg2-version;/html && 140 140 install -v -m644 doc/gnupg.{pdf,dvi,ps} \ 141 /usr/share/doc/gnupg-&gnupg2-version;</userinput></screen> -->141 /usr/share/doc/gnupg-&gnupg2-version;</userinput></screen> 142 142 143 143 </sect2> -
postlfs/security/gnutls.xml
r44b8f10 rfaf325d 7 7 <!ENTITY gnutls-download-http " "> 8 8 <!ENTITY gnutls-download-ftp "ftp://ftp.gnutls.org/gcrypt/gnutls/v3.1/gnutls-&gnutls-version;.tar.xz"> 9 <!ENTITY gnutls-md5sum " 9e73aa5c3ef3b7358159a31302e25aa7">9 <!ENTITY gnutls-md5sum "b1c8f431f7c258a1e76cdba05cc1dd88"> 10 10 <!ENTITY gnutls-size "4.9 MB"> 11 11 <!ENTITY gnutls-buildsize "130 MB">
Note:
See TracChangeset
for help on using the changeset viewer.