Cyrus SASL-2.1.22
Introduction to Cyrus SASL
The Cyrus SASL package contains a
Simple Authentication and Security Layer, a method for adding
authentication support to connection-based protocols. To use SASL,
a protocol includes a command for identifying and authenticating a
user to a server and for optionally negotiating protection of
subsequent protocol interactions. If its use is negotiated, a
security layer is inserted between the protocol and the connection.
Package Information
Cyrus SASL Dependencies
Required
OpenSSL-0.9.8g
Optional
Linux-PAM-0.99.10.0, OpenLDAP-2.3.39, Heimdal-1.1 or MIT Kerberos
V5-1.6, JDK-6 Update 5, MySQL-5.0.41,
PostgreSQL-8.2.4, GDBM-1.8.3, krb4, SQLite, and Dmalloc
User Notes: http://wiki.linuxfromscratch.org/blfs/wiki/cyrus-sasl
Installation of Cyrus SASL
Install Cyrus SASL by running the
following commands:
./configure --prefix=/usr --sysconfdir=/etc \
--with-dbpath=/var/lib/sasl/sasldb2 \
--with-saslauthd=/var/run/saslauthd &&
make
This package does not come with a test suite. If you are planning
on using the GSSAPI authentication mechanism, it is recommended to
test it after installing the package using the sample server and
client programs which were built in the preceding step.
Instructions for performing the tests can be found at
http://www.linuxfromscratch.org/hints/downloads/files/cyrus-sasl.txt.
Now, as the root user:
make install &&
install -v -m755 -d /usr/share/doc/cyrus-sasl-2.1.22 &&
install -v -m644 doc/{*.{html,txt,fig},ONEWS,TODO} \
saslauthd/LDAP_SASLAUTHD /usr/share/doc/cyrus-sasl-2.1.22 &&
install -v -m700 -d /var/lib/sasl /var/run/saslauthd
Command Explanations
--with-dbpath=/var/lib/sasl/sasldb2:
This parameter forces the sasldb database to be created in
/var/lib/sasl instead of /etc.
--with-saslauthd=/var/run/saslauthd:
This parameter forces saslauthd to use the FHS
compliant directory /var/run/saslauthd for variable run-time data.
--with-dblib=gdbm: This
parameter forces GDBM to be used
instead of Berkeley DB.
--with-ldap: This parameter enables use
with OpenLDAP.
--enable-ldapdb: This parameter enables
the LDAPDB authentication backend. There is a circular dependency
with this parameter. See http://wiki.linuxfromscratch.org/blfs/wiki/cyrus-sasl
for a solution to this problem.
install -v -m644 ...:
These commands install documentation which is not installed by the
make install command.
install -v -m700 -d /var/lib/sasl
/var/run/saslauthd: These directories must exist
when starting saslauthd or using the sasldb
plugin. If you're not going to be running the daemon or using the
plugins, you may omit the creation of this directory.
Configuring Cyrus SASL
Config
Files
/etc/saslauthd.conf (for
saslauthd LDAP
configuration) and /etc/sasl2/Appname.conf (where "Appname" is the
application defined name of the application)
Init Script
If you need to run the saslauthd daemon at system
startup, install the /etc/rc.d/init.d/cyrus-sasl init script
included in the blfs-bootscripts-20080816 package.
make install-cyrus-sasl
![[Note]](../images/note.png)
Note
You'll need to modify the init script and replace the
<authmech>-a switch with
your desired authentication mechanism.
Contents
Installed Programs:
saslauthd, sasldblistusers2, and
saslpasswd2
Installed Libraries:
libjavasasl.so, libsasl2.so, and numerous
SASL plugins and Java classes
Installed Directories:
/usr/include/sasl,
/usr/lib/java/classes/sasl, /usr/lib/sasl2,
/usr/share/doc/cyrus-sasl-2.1.22, and /var/lib/sasl
Short Descriptions
|
saslauthd
|
is the SASL authentication server.
|
|
sasldblistusers2
|
is used to list the users in the SASL password database
sasldb2.
|
|
saslpasswd2
|
is used to set and delete a user's SASL password and
mechanism specific secrets in the SASL password database
sasldb2.
|
|
libsasl2.so
|
is a general purpose authentication library for server
and client applications.
|
Last updated on 2007-09-04 07:50:55 -0500