From: Justin Georgeson (no email)
Date: Sat Nov 02 2002 - 12:48:46 EST
Get the 1.5.28 source from
You can get the source from ftp://ftp.andrew.cmu.edu/pub/cyrus-mail
Then use the spec file and init script I've attached. Put the init
script and the source tarball in /usr/src/redhat/SOURCES. Put the spec
file in /usr/src/redhat/SPECS. Then run
rpmbuild --rebuild /usr/src/redhat/SPECS/cyrus-sasl.spec
You will then have /usr/src/redhat/i386/cyrus-sasl-1.5.28-1.i386.rpm,
which will include saslauthd.
Cai Li wrote:
>
>
> Greeting to you all.
> But where to find this daemon?
> Is there a RPM pkg available some where wich may run
> on the RH 7.3 (2.4.18ish kernel)?
> Thanks
>
> Li
>
>
>
>
>> From: Justin Georgeson <>
>> To: postfix-users <>
>> Subject: Re: SMTP AUTH using SASL password checking daemon
>> Date: Sat, 02 Nov 2002 00:05:00 -0600
>> MIME-Version: 1.0
>> Received: from mc2-f8.law16.hotmail.com ([65.54.237.15]) by
>> mc2-s17.law16.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Fri,
>> 1 Nov 2002 22:05:27 -0800
>> Received: from russian-caravan.cloud9.net ([168.100.1.4]) by
>> mc2-f8.law16.hotmail.com with Microsoft SMTPSVC(5.0.2195.5600); Fri, 1
>> Nov 2002 22:05:26 -0800
>> Received: by russian-caravan.cloud9.net (Postfix)id 6D59132A4E; Sat,
>> 2 Nov 2002 01:05:12 -0500 (EST)
>> Received: by russian-caravan.cloud9.net (Postfix, from userid 54)id
>> 6778A32827; Sat, 2 Nov 2002 01:05:12 -0500 (EST)
>> Received: from localhost (localhost [127.0.0.1])by
>> russian-caravan.cloud9.net (Postfix) with ESMTP id BB5A3327ADfor
>> <>; Sat, 2 Nov 2002 01:05:11 -0500 (EST)
>> Received: from russian-caravan.cloud9.net (localhost [127.0.0.1])by
>> localhost (VaMailArmor-2.0.1.7) id 09918-656F34E3;Sat, 02 Nov 2002
>> 01:05:11 -0500
>> Received: from mail.unboundtech.com (tetsuo.unboundtech.com
>> [66.150.129.229])by russian-caravan.cloud9.net (Postfix) with ESMTP id
>> 791CC32B38for <>; Sat, 2 Nov 2002 01:05:09
>> -0500 (EST)
>> Received: from unboundtech.com (blffstn-217.aus.tx.bbnow.net
>> [24.219.67.217])by mail.unboundtech.com (Postfix) with ESMTP id
>> 9F46688BE8for <>; Fri, 1 Nov 2002 23:54:43
>> -0600 (CST)
>> Delivered-To:
>> Delivered-To:
>> Message-ID: <3DC36B0C dot 2090306 at unboundtech dot com>
>> User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.1)
>> Gecko/20020826
>> X-Accept-Language: en-us, en
>> References: <Pine dot LNX dot 4 dot 44 dot 0211011346230 dot 808-100000 at gamay dot kronodoc dot fi>
>> X-AntiVirus: checked by Vexira MailArmor (version: 2.0.1.7; VAE:
>> 6.16.0.0; VDF: 6.16.0.11; host: russian-caravan.cloud9.net)
>> Sender:
>> Precedence: bulk
>> Return-Path:
>> X-OriginalArrivalTime: 02 Nov 2002 06:05:26.0683 (UTC)
>> FILETIME=[D6B48EB0:01C28235]
>>
>> Try saslauthd instead of pwcheck. Odds are you are running postfix
>> chroot'ed (look in master.cf to verify), in which case you would need
>> to copy a bunch of extra files in the jail to use a method other tha
>> saslauthd. To use saslauthd, you also have to start the service
>> (service saslauthd start). Use the chkconfig command to make sure
>> saslauthd starts in all the same runlevels as postfix.
>>
>> Marko Asplund wrote:
>>
>>> i'm trying to setup Postfix v1.1.11 to use SASL based SMTP
>>> authentication
>>> (on Red Hat Linux v8.0). Postfix has been compiled with the pfixtls
>>> patch
>>> and SASL support. i've tried configuring SASL to use sasldb for password
>>> checking and this works fine but i can't get password checking daemon to
>>> work.
>>>
>>> when i add 'pwcheck_method: pwcheck' to SASL smtpd.conf i get the
>>> following message from Postfix:
>>>
>>> warning: SASL authentication problem: unrecognized plaintext verifier
>>> pwcheck
>>>
>>> so, the SASL library (v1) the Postfix has been linked with doesn't
>>> seem to
>>> support the password checking daemon.
>>>
>>> does Postfix have support for SASL v2 libraries so that i could try
>>> using
>>> saslauthd? how do i compile Postfix with SASL v2? i tried configuring
>>> Postfix with AUXLIBS="-lsasl2". the compilation went fine but the
>>> resulting binaries are linked both with version 1 and 2 SASL library. is
>>> this normal?
>>>
>>> best regards,
>>
>>
>> --
>> Justin Georgeson
>> UnBound Technologies, Inc.
>> http://www.unboundtech.com
>> Main 713.329.9330
>> Fax 713.460.4051
>> Mobile 512.789.1962
>>
>> 5295 Hollister Road
>> Houston, TX 77040
>> Real Applications using Real Wireless Intelligence(tm)
>>
>> -
>> To unsubscribe, send mail to with content
>> (not subject): unsubscribe postfix-users
>
>
>
> _________________________________________________________________
> Protect your PC - get McAfee.com VirusScan Online
> http://clinic.mcafee.com/clinic/ibuy/campaign.asp?cid=3963
-- Justin Georgeson UnBound Technologies, Inc. http://www.unboundtech.com Main 713.329.9330 Fax 713.460.4051 Mobile 512.789.1962 5295 Hollister Road Houston, TX 77040 Real Applications using Real Wireless Intelligence(tm)
# These define which plugins are built as subpackages. The gssapi definition
# also controls whether the plugin is even built.
# For RHL 6.2, gssapi = 1, md5 = 0, plain = 0.
# For RHL 7, gssapi = 1, md5 = 0, plain = 0.
# For RHL 7.1, gssapi = 1, md5 = 0, plain = 0.
# For RHL 7.2, gssapi = 1, md5 = 1, plain = 1.
%define gssapi 1
%define md5 1
%define plain 1
Summary: The Cyrus SASL library.
Name: cyrus-sasl
Version: 1.5.28
Release: 1
License: Freely Distributable
Group: System Environment/Libraries
Source0: ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-%{version}.tar.gz
Source1: saslauthd.init
URL: http://asg.web.cmu.edu/sasl/sasl-library.html
Buildroot: %{_tmppath}/%{name}-root
BuildPrereq: autoconf, automake, libtool
BuildPrereq: gdbm-devel, krb5-devel, openssl-devel, pam-devel
Requires: pam
Prereq: /sbin/ldconfig
%description
The cyrus-sasl package contains the Cyrus implementation of SASL.
SASL is the Simple Authentication and Security Layer, a method for
adding authentication support to connection-based protocols.
%package devel
Requires: %{name} = %{version}-%{release}
Group: Development/Libraries
Summary: Files needed for developing applications with Cyrus SASL.
%description devel
The cyrus-sasl-devel package contains files needed for developing and
compiling applications which use the Cyrus SASL library.
%package gssapi
Requires: %{name} = %{version}-%{release}
Group: System Environment/Libraries
Summary: GSSAPI support for Cyrus SASL.
%description gssapi
The cyrus-sasl-gssapi package contains the Cyrus SASL plugins which
support GSSAPI authentication. GSSAPI is commonly used for Kerberos
authentication.
%package plain
Requires: %{name} = %{version}-%{release}
Group: System Environment/Libraries
Summary: PLAIN and LOGIN support for Cyrus SASL.
%description plain
The cyrus-sasl-plain package contains the Cyrus SASL plugins which support
PLAIN and LOGIN authentication schemes.
%package md5
Requires: %{name} = %{version}-%{release}
Group: System Environment/Libraries
Summary: CRAM-MD5 and DIGEST-MD5 support for Cyrus SASL.
%description md5
The cyrus-sasl-md5 package contains the Cyrus SASL plugins which support
CRAM-MD5 and DIGEST-MD5 authentication schemes.
%prep
%setup -q
libtoolize -f
aclocal -I ./cmulocal
automake -a
autoconf
%build
CFLAGS="$RPM_OPT_FLAGS -fPIC"; export CFLAGS
%configure \
--enable-static --enable-shared \
--with-plugindir=%{_libdir}/sasl \
--with-dblib=gdbm \
--disable-krb4 \
%if %{gssapi}
--enable-gssapi=/usr/kerberos \
%endif
--with-saslauthd=/var/run/saslauthd \
--with-rc4 \
--enable-anon \
--enable-cram \
--enable-digest \
--enable-plain \
--enable-login
make
pushd sample
make sample-client
make sample-server
popd
%install
rm -rf $RPM_BUILD_ROOT
%makeinstall
install -m755 -d $RPM_BUILD_ROOT%{_bindir}
./libtool --mode=install \
install -m755 sample/sample-client $RPM_BUILD_ROOT%{_bindir}/sasl-sample-client
./libtool --mode=install \
install -m755 sample/sample-server $RPM_BUILD_ROOT%{_bindir}/sasl-sample-server
# Install the saslauthd man page in the expected location, even if it's
# pre-formatted.
install -m755 -d $RPM_BUILD_ROOT%{_mandir}/man8/
install -m644 saslauthd/*.8 $RPM_BUILD_ROOT%{_mandir}/man8/
# Create the saslauthd listening directory.
install -m755 -d $RPM_BUILD_ROOT/var/run/saslauthd
install -m755 -d $RPM_BUILD_ROOT/etc/rc.d/init.d
install -m755 $RPM_SOURCE_DIR/saslauthd.init $RPM_BUILD_ROOT/etc/rc.d/init.d/saslauthd
%clean
rm -rf $RPM_BUILD_ROOT
%post
-p /sbin/ldconfig
/sbin/chkconfig --add saslauthd
%preun
if [ $1 = 0 ] ; then
/sbin/chkconfig --del saslauthd
fi
%postun
/sbin/ldconfig
if [ $1 != 0 ] ; then
/sbin/service saslauthd condrestart 2>&1 > /dev/null
fi
%files
%defattr(-,root,root)
%doc AUTHORS COPYING NEWS README TODO doc/*.html doc/*.txt
%{_libdir}/libsasl*.so.*
%dir %{_libdir}/sasl/
%{_libdir}/sasl/*anonymous*.so*
%{_mandir}/man8/*
%{_sbindir}/saslpasswd
%{_sbindir}/sasldblistusers
%{_sbindir}/saslauthd
%config /etc/rc.d/init.d/saslauthd
/var/run/saslauthd
%if %{plain}
%files plain
%defattr(-,root,root)
%endif
%{_libdir}/sasl/*plain*.so*
%{_libdir}/sasl/*login*.so*
%if %{md5}
%files md5
%defattr(-,root,root)
%endif
%{_libdir}/sasl/*crammd5*.so*
%{_libdir}/sasl/*digestmd5*.so*
%if %{gssapi}
%files gssapi
%defattr(-,root,root)
%{_libdir}/sasl/*gssapi*.so*
%endif
%files devel
%defattr(-,root,root)
%{_bindir}/sasl-sample-client
%{_bindir}/sasl-sample-server
%{_includedir}/*.h
%{_libdir}/libsasl*.*a
%{_libdir}/libsasl*.*so
%{_libdir}/sasl/*anonymous*.*a
%{_libdir}/sasl/*crammd5*.*a
%{_libdir}/sasl/*digestmd5*.*a
%{_libdir}/sasl/*gssapi*.*a
%{_libdir}/sasl/*login*.*a
%{_libdir}/sasl/*plain*.*a
%{_mandir}/man3/*
%changelog
* Thu Feb 21 2002 Nalin Dahyabhai <> 1.5.24-25
- one more time!
* Wed Feb 20 2002 Nalin Dahyabhai <> 1.5.24-24
- free ride through the build system
* Fri Nov 2 2001 Nalin Dahyabhai <> 1.5.24-23
- patch to fix possible syslog format-string vulnerability
* Mon Oct 29 2001 Nalin Dahyabhai <> 1.5.24-22
- add pam-devel as a buildprereq
* Wed Aug 29 2001 Nalin Dahyabhai <> 1.5.24-21
- include sample programs in the -devel subpackage, prefixing their names
with "sasl-" to reduce future potential naming conflicts
* Tue Aug 14 2001 Nalin Dahyabhai <> 1.5.24-20
- build without -ggdb
* Fri Aug 3 2001 Nalin Dahyabhai <>
- add gdbm-devel as a build dependency (#44990)
- split off CRAM-MD5 and DIGEST-MD5 into a subpackage of their own (#43079,
and dialogs with David L. Parsley)
* Fri Apr 27 2001 Nalin Dahyabhai <>
- split out the PLAIN and LOGIN mechanisms into their own package (this allows
an administrator to disable them by simply removing the package)
* Fri Jan 19 2001 Nalin Dahyabhai <>
- rebuild in new environment
* Wed Dec 6 2000 Nalin Dahyabhai <>
- fix gssapi-over-tls
* Fri Oct 27 2000 Nalin Dahyabhai <>
- enable static libraries, but always build with -fPIC
* Wed Oct 25 2000 Nalin Dahyabhai <>
- make sure the version of 1.5.24 in the package matches the masters (#18968)
* Mon Oct 9 2000 Nalin Dahyabhai <>
- re-add the libsasl.so symlink to the -devel package (oops)
* Fri Oct 6 2000 Nalin Dahyabhai <>
- move .so files for modules to their respective packages -- they're not -devel
links meant for use by ld anyway
* Thu Oct 5 2000 Nalin Dahyabhai <>
- split off -devel subpackage
- add a -gssapi subpackage for the gssapi plugins
* Wed Aug 16 2000 Nalin Dahyabhai <>
- fix the summary text
* Sun Aug 13 2000 Nalin Dahyabhai <>
- re-enable arcfour and CRAM
* Fri Aug 4 2000 Nalin Dahyabhai <>
- force use of gdbm for database files to avoid DB migration weirdness
- enable login mechanism
- disable gssapi until it can coexist peacefully with non-gssapi setups
- actually do a make in the build section (#15410)
* Fri Jul 21 2000 Nalin Dahyabhai <>
- update to 1.5.24
* Wed Jul 12 2000 Prospector <>
- automatic rebuild
* Tue Jun 27 2000 Nalin Dahyabhai <>
- rebuild in new environment (release 3)
* Mon Jun 19 2000 Nalin Dahyabhai <>
- don't muck with syslogd in post
- remove patch for db-3.0 wackiness, no longer needed
* Thu Jun 8 2000 Nalin Dahyabhai <>
- FHS cleanup
- don't strip anything by default
* Fri Feb 11 2000 Tim Powers <>
- fixed man pages not being gzipped
* Tue Nov 16 1999 Tim Powers <>
- incorporated changes from Mads Kiilerich
- release number is 1, not mk1
* Tue Nov 10 1999 Mads Kiilerich <>
- updated to sasl 1.5.11
- configure --disable-krb4 --without-rc4 --disable-cram
because of missing libraries and pine having cram as default...
- handle changing libsasl.so versions
* Mon Aug 30 1999 Tim Powers <>
- changed group
* Fri Aug 13 1999 Tim Powers <>
- first build for Powertools
#! /bin/bash
#
# saslauthd Start/Stop the SASL authentication daemon.
#
# chkconfig: - 95 05
# description: saslauthd is a server process which handles plaintext \
# authentication requests on behalf of the cyrus-sasl library.
# processname: saslauthd
# Source function library.
. /etc/init.d/functions
# Source our configuration file for these variables.
SOCKET=/var/run/saslauthd/mux
MECH=shadow
FLAGS=
if [ -f /etc/sysconfig/saslauthd ] ; then
. /etc/sysconfig/saslauthd
fi
RETVAL=0
# Set up some common variables before we launch into what might be
# considered boilerplate by now.
prog=saslauthd
path=/usr/sbin/saslauthd
start() {
echo -n $"Starting $prog: "
daemon $path -m $SOCKET -a $MECH $FLAGS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/$prog
return $RETVAL
}
stop() {
echo -n $"Stopping $prog: "
killproc $path
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/$prog
return $RETVAL
}
restart() {
stop
start
}
case "$1" in
start)
start
;;
stop)
stop
;;
restart)
restart
;;
status)
status $path
;;
condrestart)
[ -f /var/lock/subsys/$prog ] && restart || :
;;
*)
echo $"Usage: $0 {start|stop|status|reload|restart|condrestart}"
exit 1
esac
exit $?
-
To unsubscribe, send mail to with content
(not subject): unsubscribe postfix-users
|
|
|