On 5/9/2004 7:53 AM, Chris Kloiber wrote:
Nope, I just beat it to death (learned all I know now about it in the last 2-3 hours) and I successfully used our official packages without users being listed in /etc/passwd or /etc/shadow by using sasldb authentication. I followed the instructions here:
http://asg.web.cmu.edu/cyrus/download/imapd/install.html
(specifically the "Authenticating Users" section)
Can you (or anyone who knows) explain this on more detail? The pointer to the page, specifically that section, doesn't really cut it. The way imap.conf comes with FC2T3 is:
sasl_pwcheck_method: saslauthd sasl_mech_list: PLAIN
As we all know. Also, the file on /etc/sysconfig/saslauthd contains (among others):
MECH=shadow
With very little documentation about what was done on FC2T3, I created a password for imap admin user cyrus (listed on /etc/imapd.conf as "admins: cyrus"), --passwd cyrus--, su to it --su cyrus-- and after 'cyradm localhost', authenticating with the previously set password, I was ready to add users. Now those users had to be created on the system as regular users as well, just like cyrus is. And, of course, saslauthd must be running and so cyrus-imap.
The above procedures work. Proved. But, as some already noticed, the users created with cyradm must be also present on /etc/passwd and /etc/shadow and /etc/groups... in other words, they must be users of the system, even 'shell-less' one's, doesn't matter, they must be real users.
So, can you, or anyone, detail as simply as I just did, how to accomplish the userless (using /etc/sasldb or sasldb2) scenario?
Cheers,