Jürgen Herz wrote: > I want to use DIGEST-MD5 mechanism with Exim and so try to make use of > Cyrus' SASL lib. To do so I've added line to the exim4.conf. > > Exim seems to use the lib, but I can't get it to use saslauthd since > auth.log says "exim4: unable to open Berkeley db /etc/sasldb2: > Permission denied."
The SASL library will be running as the Exim user. But if you want to use LDAP it shouldn't need to look there. > I also created a /usr/lib/sasl2/exim.conf which contains > pwcheck_method:saslauthd I think you should use the LDAP auxprop plugin instead of saslauthd to work with DIGEST-MD5. Note that you'll need access to either a plaintext copy of the password, or the MD5 hash of "user:realm:password" (IIRC), in the LDAP database. I'm not sure libsasl2 can cope with the latter. > Has someone a setup where Exim uses saslauthd over cyrus_sasl and can > help me here? Here's an exim.conf for pgsql (not using saslauthd): mech_list: DIGEST-MD5 CRAM-MD5 NTLM PLAIN LOGIN auxprop_plugin: sql sql_engine: pgsql sql_hostnames: localhost sql_user: <exim_user> sql_passwd: <exim_password> sql_database: <dbname> sql_select: select %p from <table> where <usernamefield> = '%u' I suspect the LDAP auxprop implementation will be similar. HTH Matt -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
