The Cyrus SASL package contains a Simple Authentication and Security Layer, a method for adding authentication support to connection-based protocols. To use SASL, a protocol includes a command for identifying and authenticating a user to a server and for optionally negotiating protection of subsequent protocol interactions. If its use is negotiated, a security layer is inserted between the protocol and the connection.
Download (HTTP): http://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.21.tar.gz
Download (FTP): ftp://ftp.andrew.cmu.edu/pub/cyrus-mail/cyrus-sasl-2.1.21.tar.gz
Download MD5 sum: dde02db234dea892bee298390890502e
Download size: 1.6 MB
Estimated disk space required: 16 MB
Estimated build time: 0.3 SBU
Linux-PAM-0.80, OpenLDAP-2.2.24, Heimdal-0.7 or MIT krb5-1.4.1, JDK-1.5.0, MySQL-4.1.12, PostgreSQL-8.0.3, Berkeley DB-4.3.28, GDBM-1.8.3, krb4, SQLite and Dmalloc
Install Cyrus SASL by running the following commands:
./configure --prefix=/usr --sysconfdir=/etc \ --with-dbpath=/var/lib/sasl/sasldb2 \ --with-saslauthd=/var/run && make
This package does not come with a test suite. If you are planning on using the GSSAPI authentication mechanism, it is recommended to test it after installing the package using the sample server and client programs which were built in the preceding step. Instructions for performing the tests can be found at http://www.linuxfromscratch.org/hints/downloads/files/cyrus-sasl.txt.
Now, as the root user:
make install && install -v -m644 saslauthd/saslauthd.8 /usr/share/man/man8 && install -v -m755 -d /usr/share/doc/cyrus-sasl-2.1.21 && install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \ saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-2.1.21 && install -v -m700 -d /var/lib/sasl
--with-dbpath=/var/lib/sasl/sasldb2: This parameter forces the saslauthd database to be created in /var/lib/sasl instead of /etc.
--with-saslauthd=/var/run: This parameter forces saslauthd to use the FHS compliant directory /var/run for variable run-time data.
--with-ldap: This parameter enables use with OpenLDAP.
--enable-ldapdb: This parameter enables the LDAPDB authentication backend. There is a circular dependency with this parameter which requires you to build the Cyrus SASL package, then the OpenLDAP package (with SASL support), then finally building the Cyrus SASL package again with this parameter.
install -v -m644 ...: These commands install documentation which is not installed by the make install command.
install -v -m700 -d /var/lib/sasl: This directory must exist when starting saslauthd. If you're not going to be running the daemon, you may omit the creation of this directory.
/etc/saslauthd.conf (for LDAP configuration) and /usr/lib/sasl2/Appname.conf (where "Appname" is the application defined name of the application)
See file:///usr/share/doc/cyrus-sasl-2.1.21/sysadmin.html for information on what to include in the application configuration files. See file:///usr/share/doc/cyrus-sasl-2.1.21/LDAP_SASLAUTHD for configuring saslauthd with OpenLDAP.
If you need to run the saslauthd daemon at system startup, install the /etc/rc.d/init.d/cyrus-sasl init script included in the blfs-bootscripts-6.1 package.
make install-cyrus-sasl
You'll need to modify the init script and replace the [authmech] parameter to the -a switch with your desired authentication mechanism.
Last updated on 2005-08-01 13:29:19 -0600