Date: Tue, 16 May 2000 10:28:09 -0500 (CDT) From: Chris Dillon <cdillon@wolves.k12.mo.us> To: "Scot W. Hetzel" <hetzels@westbend.net> Cc: Brandon Fosdick <bfoz@Glue.umd.edu>, ports@FreeBSD.ORG Subject: Re: Cyrus Troubles Message-ID: <Pine.BSF.4.20.0005161010260.59205-100000@mail.wolves.k12.mo.us> In-Reply-To: <Pine.BSF.4.20.0005161003370.59205-100000@mail.wolves.k12.mo.us>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 16 May 2000, Chris Dillon wrote: > It turns out that this is not needed. The _only_ thing that needs to > be done is cyrus must be able to read /usr/local/etc/sasldb.db. This > doesn't make any sense at all to me, since pwcheck is supposed to do > this, but cyrus isn't even talking to pwcheck. 'Tis best to double-check before I speak. Cyrus does NOT need to read sasldb.db. I got cyrus to use the pwcheck daemon just by adding "sasl_pwcheck_method: pwcheck" in imapd.conf like you mentioned before, which I swear didn't work the first time I tried it. :-) It is also an undocumented method, since the only listed methods in the documentation are "PAM", "passwd", "shadow", "sasldb", and "kerberos_v4". > > and in imapd.conf I use: > > > > # If enabled, the partitions will also be hashed, in addition to the hashing > > # done on configuration directories. This is recommended if one partition > > has > > # a very bushy mailbox tree. > > # > > hashimapspool: true > > > > # The mechanism used by the server to verify plaintext passwords. Possible > > # values include "PAM", "kerberos_v4", "passwd", and "shadow" > > # > > sasl_pwcheck_method: pwcheck > > This isn't needed either, it seems. As I corrected myself, it is. :-) It still doesn't make sense, but it is. The method that would make sense is "sasldb", since pwcheck isn't even a valid method. But I'll be damned if it doesn't work. :-/ But that is ALL that is required. sasldb.db can be readable only by root, which the pwcheck daemon runs as. I do suppose now that you could run the pwcheck daemon as another user (a "sasl" user perhaps?) and be readable by that user. I still can't figure out how to get pwcheck to check the local unix password database instead of sasldb.db, though. -- Chris Dillon - cdillon@wolves.k12.mo.us - cdillon@inter-linc.net FreeBSD: The fastest and most stable server OS on the planet. For Intel x86 and Alpha architectures. ( http://www.freebsd.org ) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.20.0005161010260.59205-100000>