From: Henrique de Moraes Holschuh (no email)
Date: Mon Apr 01 2002 - 11:48:39 EST
On Mon, 01 Apr 2002, Rob Siemborski wrote:
> On Mon, 1 Apr 2002, Henrique de Moraes Holschuh wrote:
> > I've noticed something here that is probably related to this bug. This is
> > cyrus 2.1.3 CVS (as of yesterday) + SASL 2.1.2 release.
> >
> > I have observed that SASL 2 tries to open sasldb directly, instead of simply
> > forwarding the request to saslauthd (so that saslauthd opens sasldb, instead
> > of imapd). This is certainly a very annoying behaviour, since I wanted
> > saslauthd because the cyrus user does not have enough rights to read sasldb
> > here... (and saslauthd does).
>
> Not a bug, this is the intended behavior. There is a sasldb saslauthd
> module for this purpose, but it does restrict you to just the "plaintext"
> mechanisms. It also doesn't build by default, because it tends to add
> more confusion then its worth (it's sort of still considered
> experimental, but the configure flag is --enable-auth-sasldb).
Interesting. I will look into it, and get the Debian SASL maintainer to
document this gotcha (I think I will have to document it too in the Cyrus
IMAPd readme for Debian).
-- "One disk to rule them all, One disk to find them. One disk to bring them all and in the darkness grind them. In the Land of Redmond where the shadows lie." -- The Silicon Valley Tarot Henrique Holschuh
|
|
|