Re: Postfix with Cyrus SASL

2008-01-10 Thread Shawn Barnhart

Michal F. Hanula wrote:

> Your postfix is trying to use saslauthd, which usually listens on
> /var/run/saslauthd/mux. The right way to fix this depends on whether
> you want to use saslauthd and the place you store your e-mail user data.
  
I want authentication against /etc/passwd (ultimately), not using 
sasldb2.db.


There is no /var/run/saslauthd/mux, and saslauthd doesn't appear 
installed -- I'm getting the impression that selecting Cyrus-SASL in 
the make config dialog box for the Postfix port doesn't completely 
install cyrus-sasl components.


I'm guessing the solution is to completely install the cyrus-sasl2 port 
to enable the use of saslauthd.  Yes?  Or am I way off?

___
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to [EMAIL PROTECTED]


Re: Postfix with Cyrus SASL

2008-01-10 Thread Paul Schmehl
--On Thursday, January 10, 2008 13:44:23 -0600 Shawn Barnhart 
[EMAIL PROTECTED] wrote:



> Michal F. Hanula wrote:
>
>> Your postfix is trying to use saslauthd, which usually listens on
>> /var/run/saslauthd/mux. The right way to fix this depends on whether
>> you want to use saslauthd and the place you store your e-mail user data.
>
> I want authentication against /etc/passwd (ultimately), not using sasldb2.db.
>
> There is no /var/run/saslauthd/mux, and saslauthd doesn't appear installed --
> I'm getting the impression that selecting Cyrus-SASL in the make config
> dialog box for the Postfix port doesn't completely install cyrus-sasl
> components.



It should, because it calls this:

.if defined(WITH_SASL2)
LIB_DEPENDS+=   sasl2.2:${PORTSDIR}/security/cyrus-sasl2
POSTFIX_CCARGS+= -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
POSTFIX_AUXLIBS+=   -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
.endif


> I'm guessing the solution is to completely install the cyrus-sasl2 port to
> enable the use of saslauthd.  Yes?  Or am I way off?


Yes, you need to install saslauthd, however, if you checked the OPTION when you 
installed Postfix, it's most likely already installed.  You *also* need to 
enable saslauthd in /etc/rc.conf:


[EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
saslauthd_enable="YES"
saslauthd_flags="-a pam -n 2"

(This uses /etc/passwd through pam, btw.)

Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags available or 
read man (8) saslauthd.


--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/



Re: Postfix with Cyrus SASL

2008-01-10 Thread Shawn Barnhart

Paul Schmehl wrote:

> It should, because it calls this:
>
> .if defined(WITH_SASL2)
> LIB_DEPENDS+=   sasl2.2:${PORTSDIR}/security/cyrus-sasl2
> POSTFIX_CCARGS+= -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
> POSTFIX_AUXLIBS+=   -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
> .endif
>
> Yes, you need to install saslauthd, however, if you checked the OPTION
> when you installed Postfix, it's most likely already installed.  You
> *also* need to enable saslauthd in /etc/rc.conf:
>
> [EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
> saslauthd_enable="YES"
> saslauthd_flags="-a pam -n 2"
>
> (This uses /etc/passwd through pam, btw.)
>
> Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags
> available or read man (8) saslauthd.




Either I'm totally fubar, or the ports snapshot I have is braindead as I 
did select the SASL option when I built postfix and I have sasl libs in 
/usr/local/lib and /usr/local/lib/sasl2 but none of the other sasl 
components are installed.  No saslauthd in /usr/local/etc/rc.d, no 
manpage, just libraries mentioned above, and my postfix smtpd does 
appear to have a sasl library run-time dependency per ldd.


Is the better fix to manually re-install the same Cyrus sasl port or 
deinstall both it and postfix and rebuild postfix with the sasl option 
and hope I get a complete build?







Re: Postfix with Cyrus SASL

2008-01-10 Thread Gerard
On Thu, 10 Jan 2008 15:46:33 -0600
Shawn Barnhart [EMAIL PROTECTED] wrote:

> Paul Schmehl wrote:
>> It should, because it calls this:
>>
>> .if defined(WITH_SASL2)
>> LIB_DEPENDS+=   sasl2.2:${PORTSDIR}/security/cyrus-sasl2
>> POSTFIX_CCARGS+= -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
>> POSTFIX_AUXLIBS+=   -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
>> .endif
>>
>> Yes, you need to install saslauthd, however, if you checked the
>> OPTION when you installed Postfix, it's most likely already
>> installed.  You *also* need to enable saslauthd in /etc/rc.conf:
>>
>> [EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
>> saslauthd_enable="YES"
>> saslauthd_flags="-a pam -n 2"
>>
>> (This uses /etc/passwd through pam, btw.)
>>
>> Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags
>> available or read man (8) saslauthd.
>
> Either I'm totally fubar, or the ports snapshot I have is braindead
> as I did select the SASL option when I built postfix and I have sasl
> libs in /usr/local/lib and /usr/local/lib/sasl2 but none of the other
> sasl components are installed.  No saslauthd in /usr/local/etc/rc.d,
> no manpage, just libraries mentioned above, and my postfix smtpd does
> appear to have a sasl library run-time dependency per ldd.
>
> Is the better fix to manually re-install the same Cyrus sasl port or
> deinstall both it and postfix and rebuild postfix with the sasl
> option and hope I get a complete build?

It has been a while; however, if I remember correctly, the 'saslauthd'
daemon is not installed by Postfix. I think you are confusing this with
SASL in general. You might want to read the 'Complete Book of Postfix'
for further information on getting SASL up and running. BTW, unless it
has changed, 'saslauthd' only handles plain text authentication.


-- 

Gerard
[EMAIL PROTECTED]

A chronic disposition to inquiry
deprives domestic felines of vital qualities.





Re: Postfix with Cyrus SASL

2008-01-10 Thread Paul Schmehl
--On Thursday, January 10, 2008 15:46:33 -0600 Shawn Barnhart 
[EMAIL PROTECTED] wrote:



> Paul Schmehl wrote:
>
>> It should, because it calls this:
>>
>> .if defined(WITH_SASL2)
>> LIB_DEPENDS+=   sasl2.2:${PORTSDIR}/security/cyrus-sasl2
>> POSTFIX_CCARGS+= -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
>> POSTFIX_AUXLIBS+=   -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
>> .endif
>>
>> Yes, you need to install saslauthd, however, if you checked the OPTION
>> when you installed Postfix, it's most likely already installed.  You
>> *also* need to enable saslauthd in /etc/rc.conf:
>>
>> [EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
>> saslauthd_enable="YES"
>> saslauthd_flags="-a pam -n 2"
>>
>> (This uses /etc/passwd through pam, btw.)
>>
>> Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags
>> available or read man (8) saslauthd.
>
> Either I'm totally fubar, or the ports snapshot I have is braindead as I did
> select the SASL option when I built postfix and I have sasl libs in
> /usr/local/lib and /usr/local/lib/sasl2 but none of the other sasl components
> are installed.  No saslauthd in /usr/local/etc/rc.d, no manpage, just
> libraries mentioned above, and my postfix smtpd does appear to have a sasl
> library run-time dependency per ldd.
>
> Is the better fix to manually re-install the same Cyrus sasl port or
> deinstall both it and postfix and rebuild postfix with the sasl option and
> hope I get a complete build?



If Postfix is working as you expect (except for auth of course), I would just 
force the reinstall of sasl (or deinstall and reinstall if that's your 
preferred method.)


Saslauthd is installed in /usr/local/sbin/saslauthd, btw.

--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/



Re: Postfix with Cyrus SASL

2008-01-10 Thread Paul Schmehl
--On Thursday, January 10, 2008 17:01:03 -0500 Gerard [EMAIL PROTECTED] 
wrote:



> On Thu, 10 Jan 2008 15:46:33 -0600
> Shawn Barnhart [EMAIL PROTECTED] wrote:
>
>> Paul Schmehl wrote:
>>> It should, because it calls this:
>>>
>>> .if defined(WITH_SASL2)
>>> LIB_DEPENDS+=   sasl2.2:${PORTSDIR}/security/cyrus-sasl2
>>> POSTFIX_CCARGS+= -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${LOCALBASE}/include -I${LOCALBASE}/include/sasl
>>> POSTFIX_AUXLIBS+=   -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt
>>> .endif
>>>
>>> Yes, you need to install saslauthd, however, if you checked the
>>> OPTION when you installed Postfix, it's most likely already
>>> installed.  You *also* need to enable saslauthd in /etc/rc.conf:
>>>
>>> [EMAIL PROTECTED] /usr/ports/mail/postfix]# grep sasl /etc/rc.conf
>>> saslauthd_enable="YES"
>>> saslauthd_flags="-a pam -n 2"
>>>
>>> (This uses /etc/passwd through pam, btw.)
>>>
>>> Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags
>>> available or read man (8) saslauthd.
>>
>> Either I'm totally fubar, or the ports snapshot I have is braindead
>> as I did select the SASL option when I built postfix and I have sasl
>> libs in /usr/local/lib and /usr/local/lib/sasl2 but none of the other
>> sasl components are installed.  No saslauthd in /usr/local/etc/rc.d,
>> no manpage, just libraries mentioned above, and my postfix smtpd does
>> appear to have a sasl library run-time dependency per ldd.
>>
>> Is the better fix to manually re-install the same Cyrus sasl port or
>> deinstall both it and postfix and rebuild postfix with the sasl
>> option and hope I get a complete build?
>
> It has been a while; however, if I remember correctly, the 'saslauthd'
> daemon is not installed by Postfix. I think you are confusing this with
> SASL in general. You might want to read the 'Complete Book of Postfix'
> for further information on getting SASL up and running. BTW, unless it
> has changed, 'saslauthd' only handles plain text authentication.


I think you're right.  It's been a while for me as well, but looking at ports I 
see that there's a totally separate cyrus-sasl2-saslauthd port, and it doesn't 
appear to be a dependency for postfix.


I think saslauthd will handle kerberos as well as plaintext, but most people 
use plaintext and then ssl-ize postfix to encrypt the session.


--
Paul Schmehl ([EMAIL PROTECTED])
Senior Information Security Analyst
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/



Postfix with Cyrus SASL

2008-01-09 Thread Shawn Barnhart
I'm running a recently built 6.2 stable build (which uname calls
6.3-PRERELEASE) and Postfix built from ports with the Cyrus SASLv2 option.
Postfix works fine, including TLS, but SASL authentication logs file not
found errors.

Jan  9 17:14:10 postfix postfix/smtpd[48488]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Jan  9 17:14:10 postfix postfix/smtpd[48488]: warning: unknown[192.168.1.152]: SASL LOGIN authentication failed: generic failure

I'm not sure which file or directory is missing.  The docs on this are
sketchy, most of what is listed is way out of date, and the most up to
date docs, http://www.postfix.org/SASL_README.html isn't terribly
platform specific.

It's not entirely clear if I need other SASL components; the entire Cyrus
SASL package appears installed.





Re: Postfix with Cyrus SASL

2008-01-09 Thread Michal F. Hanula
Your postfix is trying to use saslauthd, which usually listens on
/var/run/saslauthd/mux. The right way to fix this depends on whether
you want to use saslauthd and the place you store your e-mail user data.

mf
-- 
Speak softly and carry a big lion
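
The checks this thread walks through (is the saslauthd binary installed, is it enabled in /etc/rc.conf, does the socket exist, what does the maillog say), as an added shell example that is not part of any poster's message. The paths and log text are the ones quoted in the thread; the `ROOT` argument, the function names and the stage and cause labels are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the thread: locate which saslauthd piece is missing.
# Paths and the rc.conf variable are the ones named in the thread; ROOT is a
# hypothetical prefix argument so the check can run on a constructed tree.
SASLAUTHD_BIN=/usr/local/sbin/saslauthd
SASLAUTHD_SOCK=/var/run/saslauthd/mux
RC_CONF=/etc/rc.conf

# Print the first failing stage: no-binary, not-enabled, no-socket, or ok.
saslauthd_stage() {
    root=${1:-}
    [ -x "$root$SASLAUTHD_BIN" ] || { echo no-binary; return 1; }
    # Accept YES with or without quotes, any case; skip commented-out lines.
    grep -Eiq '^[[:space:]]*saslauthd_enable="?yes"?' "$root$RC_CONF" \
        2>/dev/null || { echo not-enabled; return 1; }
    [ -S "$root$SASLAUTHD_SOCK" ] || { echo no-socket; return 1; }
    echo ok
}

# Read maillog lines on stdin; print "<cause> <count>" for each kind of
# "cannot connect to saslauthd server" warning that Postfix smtpd logged.
saslauthd_log_causes() {
    awk '
    /cannot connect to saslauthd server:/ {
        cause = "other"
        if (/No such file or directory/) cause = "socket-missing"
        else if (/Permission denied/)    cause = "socket-permission"
        else if (/Connection refused/)   cause = "daemon-not-listening"
        n[cause]++
    }
    END { for (c in n) print c, n[c] }' | sort
}

# The two log lines from the first post in the thread, unwrapped.
SAMPLE_LOG='Jan  9 17:14:10 postfix postfix/smtpd[48488]: warning: SASL authentication failure: cannot connect to saslauthd server: No such file or directory
Jan  9 17:14:10 postfix postfix/smtpd[48488]: warning: unknown[192.168.1.152]: SASL LOGIN authentication failed: generic failure'

printf '%s\n' "$SAMPLE_LOG" | saslauthd_log_causes   # socket-missing 1
saslauthd_stage "${1:-}" || true                     # stage on this host
```

A `no-binary` result corresponds to the case described in the thread where only the SASL libraries are present; `no-socket` with the binary installed and enabled means the daemon has not been started.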

