From owner-freebsd-ports Tue May 16 8: 8:46 2000 Delivered-To: freebsd-ports@freebsd.org Received: from mail.wolves.k12.mo.us (mail.wolves.k12.mo.us [207.160.214.1]) by hub.freebsd.org (Postfix) with ESMTP id DC1AF37B805 for ; Tue, 16 May 2000 08:08:41 -0700 (PDT) (envelope-from cdillon@wolves.k12.mo.us) Received: from mail.wolves.k12.mo.us (cdillon@mail.wolves.k12.mo.us [207.160.214.1]) by mail.wolves.k12.mo.us (8.9.3/8.9.3) with ESMTP id KAA59842; Tue, 16 May 2000 10:08:30 -0500 (CDT) (envelope-from cdillon@wolves.k12.mo.us) Date: Tue, 16 May 2000 10:08:29 -0500 (CDT) From: Chris Dillon To: "Scot W. Hetzel" Cc: Brandon Fosdick , ports@FreeBSD.ORG Subject: Re: Cyrus Troubles In-Reply-To: <00ee01bfbecc$b4e55f00$8dfee0d1@westbend.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-ports@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org On Mon, 15 May 2000, Scot W. Hetzel wrote: > From: "Chris Dillon" > > On Mon, 15 May 2000, Brandon Fosdick wrote: > > > > > Does anyone have Cyrus IMAP working on a 4.0-S box? I installed it from > > > ports, changed the approriate lines in inet.conf, did a kill -HUP pid, > > > and...nothing. I can't access the account. What am I forgetting? I've > > > looked through the install instructions in /usr/local/share/docs/cyrus/ > > > but didn't receive any more wisdom than i started out with. Trying the > > > imtest thing listed in the install file gives me this: > > > > > Not currently, runni9ng on 4.0, but I do have it running on 3.3-STABLE. > > $ imtest -m login -p imap localhost > C: C01 CAPABILITY > S: * OK spare.westbend.net Cyrus IMAP4 v1.6.22 server ready > S: * CAPABILITY IMAP4 IMAP4rev1 ACL QUOTA LITERAL+ NAMESPACE UIDPLUS > X-NON-HIERARCHICAL-RENAME NO_ATOMIC_RENAME AUTH=DIGEST-MD5 AUTH=CRAM-MD > 5 UNSELECT > S: C01 OK Completed > Password: > > The secret to getting SASL working is to create the sasldb.db file by using > saslpasswd. > > NOTE: You must run the program as the cyrus user the first time, as the > sasldb.db file needs to be owned by this user. > > $ ls -l /usr/local/etc/sasldb.db > -rw------- 1 cyrus wheel 16384 Feb 14 23:38 sasldb.db > > In Cyrus.conf I have: > > cat /usr/local/lib/sasl/Cyrus.conf > pwcheck_method:shadow It turns out that this is not needed. The _only_ thing that needs to be done is cyrus must be able to read /usr/local/etc/sasldb.db. This doesn't make any sense at all to me, since pwcheck is supposed to do this, but cyrus isn't even talking to pwcheck. > and in imapd.conf I use: > > # If enabled, the partitions will also be hashed, in addition to the hashing > # done on configuration directories. This is recommended if one partition > has > # a very bushy mailbox tree. > # > hashimapspool: true > > # The mechanism used by the server to verify plaintext passwords. Possible > # values include "PAM", "kerberos_v4", "passwd", and "shadow" > # > sasl_pwcheck_method: pwcheck This isn't needed either, it seems. > # If enabled, the SASL library will automatically create authentication > # secrets when given a plaintext password. See the SASL documentation. > # > #sasl_auto_transition: no > > You'll also want to make sure that the pwcheck daemon is running. Since cyrus isn't talking to pwcheck, it doesn't have to be running at all. I don't know why it isn't, since thats the way I'd rather things be done (the way cyrus 1.5.x did). > > I've gone thorough all of the Cyrus and SASL docs and played with > > various configure options and so forth, without figuring it out. I'm > > only testing things out here, but I'd like to eventually get it > > running on a 3.4-STABLE box as well. > > > It took me a little while in getting it to work the first time. Had to dig > thru the cyrus-info archive for others that were having the same problems. Your tips helped a lot, thanks! The key was letting cyrus read /usr/local/etc/sasldb.db. I've made a 'sasl' group for the meantime, made the file readable by that group, and put the cyrus user in it. -- Chris Dillon - cdillon@wolves.k12.mo.us - cdillon@inter-linc.net FreeBSD: The fastest and most stable server OS on the planet. For Intel x86 and Alpha architectures. ( http://www.freebsd.org ) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message