cyrus-imap
Chris Kloiber
ckloiber at ckloiber.com
Sun May 9 23:43:06 UTC 2004
On Mon, 2004-05-10 at 05:15, David Collantes wrote:
> On 5/9/2004 7:53 AM, Chris Kloiber wrote:
>
> > Nope, I just beat it to death (learned all I know now about it in the
> > last 2-3 hours) and I successfully used our official packages without
> > users being listed in /etc/passwd or /etc/shadow by using sasldb
> > authentication. I followed the instructions here:
> >
> > http://asg.web.cmu.edu/cyrus/download/imapd/install.html
> >
> > (specifically the "Authenticating Users" section)
>
> Can you (or anyone who knows) explain this in more detail? The pointer to the
> page, specifically that section, doesn't really cut it. The way imap.conf
> comes with FC2T3 is:
>
> sasl_pwcheck_method: saslauthd
> sasl_mech_list: PLAIN
>
> As we all know. Also, the file on /etc/sysconfig/saslauthd contains (among
> others):
>
> MECH=shadow
>
> With very little documentation about what was done on FC2T3, I created a
> password for imap admin user cyrus (listed on /etc/imapd.conf as "admins:
> cyrus"), --passwd cyrus--, su to it --su cyrus-- and after 'cyradm localhost',
> authenticating with the previously set password, I was ready to add users. Now
> those users had to be created on the system as regular users as well, just
> like cyrus is. And, of course, saslauthd must be running and so cyrus-imap.
>
> The above procedures work. Proved. But, as some already noticed, the users
> created with cyradm must be also present on /etc/passwd and /etc/shadow and
> /etc/groups... in other words, they must be users of the system, even
> 'shell-less' ones, doesn't matter, they must be real users.
>
> So, can you, or anyone, detail as simply as I just did, how to accomplish the
> userless (using /etc/sasldb or sasldb2) scenario?

/etc/imapd.conf:

sasl_pwcheck_method: auxprop
sasl_mech_list: PLAIN

Turn off saslauthd if nothing else is using it.

run, and create a password:

# touch /etc/sasldb2
# chown cyrus /etc/sasldb2
# saslpasswd2 cyrus
# service cyrus-imapd restart
# cyradm --user cyrus localhost

Then log in with the password you created with saslpasswd2.

I was able to create mailboxes for users with no entries in /etc/passwd
on the system, and access them from evolution. I was *NOT* able to
delete those accounts using 'dm username' I keep getting 'permission
denied'. That's something I'm probably not doing right.

--
Chris Kloiber
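
Added example, not part of the original message: a shell check over the sasldb setup described above, covering the two imapd.conf settings and the mode of the sasldb2 file (which holds the users' secrets and ends up 0644 when created with touch under the usual umask 022). The function names and finding labels are made up for this example, and the demo runs on constructed files rather than the real /etc paths.

```shell
#!/bin/sh
# Added example: function names and finding labels are hypothetical.

# Print the last value set for KEY in an imapd.conf-style "key: value" file.
conf_get() {
    sed -n "s/^[[:space:]]*$2[[:space:]]*:[[:space:]]*//p" "$1" | tail -n 1
}

# audit_sasldb CONF DB: print one finding per line; return 1 if any were found.
audit_sasldb() {
    conf=$1 db=$2 findings=0

    method=$(conf_get "$conf" sasl_pwcheck_method)
    if [ "$method" != "auxprop" ]; then
        echo "PWCHECK: sasl_pwcheck_method is '${method:-unset}', not auxprop"
        findings=1
    fi

    # PLAIN carries the password itself, so the IMAP session needs TLS.
    mechs=$(conf_get "$conf" sasl_mech_list)
    case " $mechs " in
        *" PLAIN "*) echo "PLAIN: password crosses the wire unless TLS is used"
                     findings=1 ;;
    esac

    if [ ! -f "$db" ]; then
        echo "NODB: $db does not exist"
        findings=1
    # sasldb2 holds the users' secrets, so only its owner should read it.
    elif [ -n "$(find "$db" -prune \( -perm -040 -o -perm -004 \))" ]; then
        echo "PERMS: $db is readable by group or other; chmod 600 it"
        findings=1
    fi
    return $findings
}

# Demo on constructed files that mirror the steps in the message.
demo() {
    d=$(mktemp -d)
    printf 'sasl_pwcheck_method: auxprop\nsasl_mech_list: PLAIN\n' > "$d/imapd.conf"
    (umask 022; touch "$d/sasldb2")
    audit_sasldb "$d/imapd.conf" "$d/sasldb2"; rc=$?
    rm -rf "$d"
    return $rc
}

if [ "${1:-}" = "demo" ]; then demo; fi
```

On a real host the call would be audit_sasldb /etc/imapd.conf /etc/sasldb2, run as a user allowed to read both files.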