Hello Ellie, Thanks a lot ! This helped a lot ! :-)
Did just what you said about START=yes and MECHANISM=sasldb and I have saslauthd running automatically too now. Best regards, Conrad Kleinespel conr...@conradk.com +33 6 23 82 42 79 On Fri, May 22, 2015, at 07:00 AM, ellie timoney wrote: > I also had to update /etc/default/saslauthd, and set: > > START=yes #default was no > MECHANISM="sasldb" #default was "pam" > > Then rebooting got me saslauthd running by default. > > I then start up cyrus, and can use something like: > /path/to/cyrus/bin/imtest -a ellie -m login -p imap localhost > to verify that login to the cyrus server works with the sasl credentials > created earlier. > > For whatever reason, manually invoking "sudo /etc/init.d/saslauthd > start" would report success but wouldn't actually start the service (no > saslauthd processes running). The comments in the file above state that > "START=yes" is only required to start the service automatically on > startup (implying that "no" is ok if you intend to start it by hand), > but in my experimentation it seems like it's required for the service to > start at all (at least if you're using the init.d script). > > I still haven't had to change any permissions on /var/run/saslauthd > > On Fri, May 22, 2015, at 10:05 AM, ellie timoney wrote: > > Sorry for late response, I've been away from the office and therefore > > away from my dev machine. > > > > > I installed "saslpasswd2" with: > > > sudo apt-get install sasl2-bin > > > > Yep > > > > > I launched the saslauth daemon with the following command: > > > sudo -g sasl saslauthd -a sasldb -d -m /var/run/saslauthd/ -V > > > > > > > The usual way on Debian/Ubuntu and similar would be: > > sudo /etc/init.d/saslauthd start > > > > (I think RedHat/Fedora/CentOS/etc use something like "sudo service > > saslauthd start") > > > > > I setup a user with: > > > sudo saslpasswd2 -c conradk > > > > > > I tested that the user was OK with: > > > sudo testsaslauthd -u conradk -p secret_password > > > > Yep > > > > > I gave access to saslauthd to Cyrus with (I recommend not setting these > > > permissions in production unless you are sure you know the implications, > > > I don't, but this is for local development on my machine): > > > sudo usermod -aG sasl cyrus > > > sudo usermod -aG sasl conradk > > > sudo setfacl -dRm g:sasl:rwx /var/run/saslauthd > > > sudo setfacl -Rm g:sasl:rwx /var/run/saslauthd > > > sudo setfacl -dRm g:mail:rwx /var/run/saslauthd > > > sudo setfacl -Rm g:mail:rwx /var/run/saslauthd > > > sudo setfacl -dRm u:cyrus:rwx /var/run/saslauthd > > > sudo setfacl -Rm u:cyrus:rwx /var/run/saslauthd > > > sudo setfacl -dRm u:conradk:rwx /var/run/saslauthd > > > sudo setfacl -Rm u:conradk:rwx /var/run/saslauthd > > > > I haven't had to do most of this when installing the entire stack > > (cyrus, sasl, and so on) from apt packages, only needed to add cyrus > > user to the sasl group (makes sense - I would expect all the apt > > packages to be mutually configured to cooperate out of the box). But I > > haven't got an environment build from cyrus source running correctly > > yet, so I'll see if this helps. > > > > > For completeness, here's my /etc/imapd.conf file: > > > configdirectory: /home/conradk/.cyrus-server/var/imap > > > partition-default: /home/conradk/.cyrus-server/var/spool/imap > > > admins: conradk > > > sasl_pwcheck_method: saslauthd > > > allowplaintext: yes > > > > >From what I've seen it's "preferable" to use: > > sasl_pwcheck_method: auxprop > > sasl_auxprop_plugin: sasldb > > > > rather than: > > sasl_pwcheck_method: saslauthd > > > > ... though I'm not sure of the ramifications of either. > > > > On Tue, May 19, 2015, at 08:58 AM, Conrad Kleinespel wrote: > > > Hello, > > > > > > I have finally got cyradm to connect to the Cyrus server through SASL. > > > I'm documenting what I did for convenience and so it's written > > > somewhere. Maybe it can help others. > > > > > > I installed "saslpasswd2" with: > > > sudo apt-get install sasl2-bin > > > > > > I launched the saslauth daemon with the following command: > > > sudo -g sasl saslauthd -a sasldb -d -m /var/run/saslauthd/ -V > > > > > > I setup a user with: > > > sudo saslpasswd2 -c conradk > > > > > > I tested that the user was OK with: > > > sudo testsaslauthd -u conradk -p secret_password > > > > > > I gave access to saslauthd to Cyrus with (I recommend not setting these > > > permissions in production unless you are sure you know the implications, > > > I don't, but this is for local development on my machine): > > > sudo usermod -aG sasl cyrus > > > sudo usermod -aG sasl conradk > > > sudo setfacl -dRm g:sasl:rwx /var/run/saslauthd > > > sudo setfacl -Rm g:sasl:rwx /var/run/saslauthd > > > sudo setfacl -dRm g:mail:rwx /var/run/saslauthd > > > sudo setfacl -Rm g:mail:rwx /var/run/saslauthd > > > sudo setfacl -dRm u:cyrus:rwx /var/run/saslauthd > > > sudo setfacl -Rm u:cyrus:rwx /var/run/saslauthd > > > sudo setfacl -dRm u:conradk:rwx /var/run/saslauthd > > > sudo setfacl -Rm u:conradk:rwx /var/run/saslauthd > > > > > > Then, something like this should work (note I execute the command as the > > > "cyrus" user): > > > sudo -u cyrus testsaslauthd -u cyrus -p secret_password > > > > > > I connected to Cyrus with cyradm from within Docker like this: > > > cyradm --user cyrus --notls --auth PLAIN $docker_host_ip > > > > > > For completeness, here's my /etc/imapd.conf file: > > > configdirectory: /home/conradk/.cyrus-server/var/imap > > > partition-default: /home/conradk/.cyrus-server/var/spool/imap > > > admins: conradk > > > sasl_pwcheck_method: saslauthd > > > allowplaintext: yes > > > > > > Note that I set "allowplaintext" to "yes" and "sasl_pwcheck_method" is > > > set to "saslauthd", which is what I'm using in the examples above. > > > > > > Best regards, > > > > > > Conrad Kleinespel > > > conr...@conradk.com > > > +33 6 23 82 42 79 > > > > > > On Mon, May 18, 2015, at 11:22 AM, Conrad Kleinespel wrote: > > > > Hello again, > > > > > > > > I have not yet found a way to run "cyradm" directly on my machine. So I > > > > downloaded the Docker images (from > > > > https://git.cyrus.foundation/diffusion/ID/) and now I can run "cyradm" > > > > from within Docker. This seems to work as expected: I can connect to the > > > > Docker host from within a container. > > > > > > > > However, when I run something like "cyradm --user conradk 172.17.42.1" > > > > (when the IP is the IMAP server's IP), "cyradm" requires a password. > > > > >From what I understand after some Google searches, I need to use a tool > > > > called "saslpasswd2" to set the password of my admin user. This tools is > > > > apparently not in the Docker image. > > > > > > > > So I went to download Cyrus SASL (from > > > > https://git.cyrus.foundation/diffusion/S/). I followed the instructions > > > > from "doc/install.html" but when running "./configure", I get an error I > > > > don't understand: > > > > > > > > ./configure: line 5574: syntax error near unexpected token > > > > `SASL_DB_LIB=""' > > > > ./configure: line 5574: `SASL_DB_LIB=""' > > > > > > > > I tried running "SASL_DB_LIB=`pwd`/sasldb ./configure" but that doesn't > > > > change anything. > > > > > > > > If you know a way to make this work, I would be grateful for your help > > > > :-) > > > > > > > > Best regards, > > > > > > > > Conrad Kleinespel > > > > conr...@conradk.com > > > > +33 6 23 82 42 79 > > > > > > > > On Sun, May 17, 2015, at 05:11 PM, Conrad Kleinespel wrote: > > > > > I forgot to mention something in the steps to reproduce. Right after > > > > > cloning, I built Cyrus like so: > > > > > > > > > > autoreconf -s -i > > > > > ./configure CFLAGS="-Wno-unused-parameter -g -O0 -Wall -Wextra > > > > > -Werror" --enable-coverage --enable-http --enable-unit-tests > > > > > --enable-replication --with-openssl=yes --enable-nntp > > > > > --enable-murder --enable-idled --prefix=`pwd` --enable-sieve && > > > > > make > > > > > && make install > > > > > make lex-fix > > > > > make > > > > > make install > > > > > > > > > > Note that the "prefix" is set to the directory of the "master" branch. > > > > > > > > > > Thanks again for any help you can provide, > > > > > > > > > > Best regards, > > > > > > > > > > -- > > > > > Conrad Kleinespel > > > > > conr...@conradk.com > > > > > +33 6 23 82 42 79 > > > > > > > > > > On Sun, May 17, 2015, at 05:00 PM, Conrad Kleinespel wrote: > > > > > > Hello everyone, > > > > > > > > > > > > I'm setting up a Cyrus / Sendmail server. I wanted to create a > > > > > > mailbox, > > > > > > so I tried doing this with the "cyradm" tool. Unfortunately, I'm > > > > > > struggling with Perl errors, specifically: > > > > > > > > > > > > Can't locate loadable object for module Cyrus::IMAP in @INC > > > > > > (@INC > > > > > > contains: /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.20.2 > > > > > > /usr/local/share/perl/5.20.2 > > > > > > /usr/lib/x86_64-linux-gnu/perl5/5.20 > > > > > > /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.20 > > > > > > /usr/share/perl/5.20 /usr/local/lib/site_perl .) > > > > > > > > > > > > Steps to reproduce on my machine are: > > > > > > > > > > > > - clone the cyrus-imapd "master" branch > > > > > > - change directory to "perl/imap/blib/lib/" > > > > > > - run this command: perl -e"use Cyrus::IMAP;" > > > > > > > > > > > > I'm thinking this may be a missing library on my machine. But I > > > > > > have not > > > > > > yet found a way to know which one. The packages "Carp" and > > > > > > "IO::File" > > > > > > are both available. Cyrus builds fine and is running. I'm on Ubuntu > > > > > > Linux 15.04. > > > > > > > > > > > > Would you know a way to get this to work ? > > > > > > > > > > > > I appreciate you taking the time to read this and am grateful for > > > > > > any > > > > > > help / tips / hints :-) > > > > > > > > > > > > -- > > > > > > Conrad Kleinespel > > > > > > conr...@conradk.com > > > > > > +33 6 23 82 42 79
