From owner-freebsd-questions@FreeBSD.ORG Thu Jan 10 20:06:58 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 642D616A46E for ; Thu, 10 Jan 2008 20:06:58 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from smtp3.utdallas.edu (smtp3.utdallas.edu [129.110.10.49]) by mx1.freebsd.org (Postfix) with ESMTP id A5F1513C448 for ; Thu, 10 Jan 2008 20:06:57 +0000 (UTC) (envelope-from pauls@utdallas.edu) Received: from utd59514.utdallas.edu (utd59514.utdallas.edu [129.110.3.28]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp3.utdallas.edu (Postfix) with ESMTP id BD0DE65504 for ; Thu, 10 Jan 2008 14:06:56 -0600 (CST) Date: Thu, 10 Jan 2008 14:06:56 -0600 From: Paul Schmehl To: FreeBSD Message-ID: <141D87EE051918F290E96172@utd59514.utdallas.edu> In-Reply-To: <47867597.2070800@grasslake.net> References: <478583BF.6090406@grasslake.net> <20080110064345.GF70027@roo.7f000001.org> <47867597.2070800@grasslake.net> X-Mailer: Mulberry/4.0.8 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline Subject: Re: Postfix with Cyrus SASL X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Jan 2008 20:06:58 -0000 --On Thursday, January 10, 2008 13:44:23 -0600 Shawn Barnhart wrote: > Michal F. Hanula wrote: >> Your postfix is trying to use saslauthd, which usually listens on >> /var/run/saslauthd/mux. The right way to fix this depends on whether >> you want to use saslauthd and the place you store your e-mail user data. >> > I want authentication against /etc/passwd (ultimately), not using sasldb2.db. > > There is no /var/run/saslauthd/mux, and saslauthd doesn't appear installed -- > I'm getting the impression that selecting "Cyrus-SASL" in the make config > dialog box for the Postfix port doesn't completely install cyrus-sasl > components. > It should, because it calls this: .if defined(WITH_SASL2) LIB_DEPENDS+= sasl2.2:${PORTSDIR}/security/cyrus-sasl2 POSTFIX_CCARGS+= -DUSE_SASL_AUTH -DUSE_CYRUS_SASL -I${LOCALBASE}/include -I${LOCALBASE}/include/sasl POSTFIX_AUXLIBS+= -L${LOCALBASE}/lib -lsasl2 -lpam -lcrypt .endif > I'm guessing the solution is to completely install the cyrus-sasl2 port to > enable the use of saslauthd. Yes? Or am I way off? Yes, you need to install saslauthd, however, if you checked the OPTION when you installed Postfix, it's most likely already installed. You *also* need to enable saslauthd in /etc/rc.conf: [root@mail /usr/ports/mail/postfix]# grep sasl /etc/rc.conf saslauthd_enable="YES" saslauthd_flags=" -a pam -n 2" (This uses /etc/passwd through pam, btw.) Look at /usr/local/etc/rc.d/saslauthd.sh for the options and flags available or read man (8) saslauthd. -- Paul Schmehl (pauls@utdallas.edu) Senior Information Security Analyst The University of Texas at Dallas http://www.utdallas.edu/ir/security/