ports/42153: security/cyrus-sasl: Add example PAM file and update Sendmail.README - Scot W. Hetzel - org.freebsd.freebsd-ports

3 messages in org.freebsd.freebsd-portsports/42153: security/cyrus-sasl: Add...

From	Sent On	Attachments
Scot W. Hetzel	Aug 28, 2002 8:45 pm
Scot W. Hetzel	Aug 28, 2002 9:29 pm
David W. Chapman Jr.	Sep 1, 2002 9:38 am

Subject:	ports/42153: security/cyrus-sasl: Add example PAM file and update Sendmail.README
From:	Scot W. Hetzel (hetz...@westbend.net)
Date:	Aug 28, 2002 8:45:49 pm
List:	org.freebsd.freebsd-ports

Number: 42153 Category: ports Synopsis: security/cyrus-sasl: Add example PAM file and update
Sendmail.README Confidential: no Severity: non-critical Priority: low Responsible: freebsd-ports State: open Quarter: Keywords: Date-Required: Class: maintainer-update Submitter-Id: current-users Arrival-Date: Wed Aug 28 21:00:05 PDT 2002 Closed-Date: Last-Modified: Originator: Scot W. Hetzel Release: FreeBSD 4.5-STABLE i386 Organization: West Bend Internet Environment:

System:

FreeBSD wbiW009.westbend.net 4.6-STABLE FreeBSD 4.6-STABLE #0: Wed Aug 14
18:07:06 CDT 2002
ro...@wbiW009.westbend.net:/usr/obj/usr/src/src4/sys/GENERIC-SMP i386

Description:

- add an example PAM file for saslauthd and pwcheck_pam daemons - update the Sendmail.README file to include instructions for using the security/cyrus-sasl2 port.

How-To-Repeat:

Fix:

Changed Files: Makefile pkg-plist files/Sendmail.README

New Files: files/cyrus.pam

Index: Makefile =================================================================== RCS file: /home/ncvs/ports/security/cyrus-sasl/Makefile,v retrieving revision 1.46 diff -u -r1.46 Makefile --- Makefile 22 Aug 2002 19:13:36 -0000 1.46 +++ Makefile 29 Aug 2002 02:56:21 -0000 @@ -42,7 +42,7 @@ sasl_listmech.3 sasl_log_t.3 sasl_server_init.3 \ sasl_server_new.3 sasl_server_start.3 sasl_server_step.3 \ sasl_setprop.3 sasl_usererr.3 -MAN8= sasldblistusers.8 saslpasswd.8 saslauthd.8 +MAN8= sasldblistusers.8 saslpasswd.8 saslauthd1.8

USE_AUTOMAKE_VER=14 USE_LIBTOOL= YES @@ -99,6 +99,7 @@ GSSAPI=${GSSAPI} \ EBONES=${EBONES} \ DOCSDIR=${DOCSDIR:S/^${PREFIX}\///} \ + EXAMPLESDIR=${EXAMPLESDIR:S/^${PREFIX}\///}

LDAP_MYSQL_PATCH= ldap-mysql_sasl-${PORTVERSION}/sasl-ldap+mysql.patch

@@ -150,11 +151,21 @@ @${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL @if [ -f ${PREFIX}/sbin/saslauthd ]; then \ mv ${PREFIX}/sbin/saslauthd ${PREFIX}/sbin/saslauthd2; \ + if [ -f ${PREFIX}/man/man8/saslauthd.8 ]; then \ + mv ${PREFIX}/man/man8/saslauthd.8 \ + ${PREFIX}/man/man8/saslauthd2.8; \ + elif [ -f ${PREFIX}/man/man8/saslauthd.8.gz ]; then \ + mv ${PREFIX}/man/man8/saslauthd.8.gz \ + ${PREFIX}/man/man8/saslauthd2.8.gz; \ + fi; \ fi

post-install: @${SED} -e "s;%%PREFIX%%;${PREFIX};g" ${PWCHECK_SUB} \ ${FILESDIR}/pwcheck.sh > ${PREFIX}/etc/rc.d/pwcheck.sh + @${MKDIR} ${EXAMPLESDIR} + @${SED} -e 's;%%PREFIX%%;${PREFIX};g' \ + ${FILESDIR}/cyrus.pam > ${EXAMPLESDIR}/cyrus.pam @${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh ${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck @${SED} -e "s;%%PREFIX%%;${PREFIX};g" ${SASLAUTHD_SUB} \ @@ -174,8 +185,16 @@ @${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${DOCSDIR} .endif @mv ${PREFIX}/sbin/saslauthd ${PREFIX}/sbin/saslauthd1 + @mv ${PREFIX}/man/man8/saslauthd.8 ${PREFIX}/man/man8/saslauthd1.8 @if [ -f ${PREFIX}/sbin/saslauthd2 ]; then \ mv ${PREFIX}/sbin/saslauthd2 ${PREFIX}/sbin/saslauthd; \ + if [ -f ${PREFIX}/man/man8/saslauthd2.8 ]; then \ + mv ${PREFIX}/man/man8/saslauthd2.8 \ + ${PREFIX}/man/man8/saslauthd.8; \ + elif [ -f ${PREFIX}/man/man8/saslauthd2.8.gz ]; then \ + mv ${PREFIX}/man/man8/saslauthd2.8.gz \ + ${PREFIX}/man/man8/saslauthd.8.gz; \ + fi; \ fi @PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGINSTALL} ${PKGNAME}
POST-INSTALL @${CAT} ${PKGMESSAGE} Index: pkg-plist =================================================================== RCS file: /home/ncvs/ports/security/cyrus-sasl/pkg-plist,v retrieving revision 1.16 diff -u -r1.16 pkg-plist --- pkg-plist 14 Aug 2002 18:39:45 -0000 1.16 +++ pkg-plist 29 Aug 2002 02:49:45 -0000 @@ -43,6 +43,7 @@ sbin/pwcheck sbin/pwcheck_pam sbin/saslauthd1 +%%EXAMPLESDIR%%/cyrus.pam %%JAVASASL%%share/java/classes/sasl/CyrusSasl/ClientFactory.class %%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericClient.class %%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericCommon.class @@ -93,14 +94,14 @@ @dirrm lib/sasl @cwd /var @exec install -d -m 770 -o cyrus -g cyrus %D/pwcheck -@comment This file gets created by the pwcheck program +@comment This file is created by the pwcheck program @unexec rm -f %D/pwcheck/pwcheck @dirrm pwcheck @mode ug=rwx,o= @exec mkdir -p /var/state/saslauthd1 @exec chown -R cyrus:cyrus state @exec chmod -R o= state -@comment This file gets created by the state/saslauthd program +@comment These files are created by the saslauthd program @unexec rm -fr /var/state/saslauthd1 @unexec rmdir /var/state @cwd %%PREFIX%% Index: files/Sendmail.README =================================================================== RCS file: /home/ncvs/ports/security/cyrus-sasl/files/Sendmail.README,v retrieving revision 1.6 diff -u -r1.6 Sendmail.README --- files/Sendmail.README 28 Jul 2002 17:26:12 -0000 1.6 +++ files/Sendmail.README 14 Aug 2002 18:51:25 -0000 @@ -7,14 +7,25 @@ SENDMAIL_LDFLAGS+= -L/usr/local/lib SENDMAIL_LDADD+= -lsasl

- NOTE: Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added + NOTE: 1. Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added to SENDMAIL_CFLAGS, if you need the GroupReadableSASLFile option

+ Starting with Sendmail 8.12, you can also use the security/cyrus-sasl2 + port. Then you will not need the SASL V1 port installed. + + SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 + SENDMAIL_LDFLAGS=-L/usr/local/lib + SENDMAIL_LDADD=-lsasl2 + + 2) Rebuild FreeBSD (make buildworld, ...)

-3) Create /usr/local/lib/sasl/Sendmail.conf with the following. +3) Make sure that the pwcheck_method is correct in Sendmail.conf.

- pwcheck_method: pwcheck + Sendmail.conf (${PREFIX}/lib/sasl{,2}/Sendmail.conf) is created by + the cyrus-sasl and cyrus-sasl2 ports during installation. It may have + pwcheck_method set to either pwcheck (V1 only) or saslauthd (V1 & V2) by + default. Change this to what is appropriate for your site.

4) Add the following to your sendmail.mc file:

@@ -44,7 +55,8 @@

PLAIN is required for Netscape Communicator users. By default Netscape Communicator will use SASL Authentication when sendmail is compiled with - SASL. + SASL and will cause your users to enter their passwords each time they + retreive their mail (NS 4.7).

The DONT_BLAME_SENDMAIL option GroupReadableSASL[DB]File is needed when you are using cyrus-imapd and sendmail on the same server that requires access Index: files/cyrus.pam =================================================================== RCS file: files/cyrus.pam diff -N files/cyrus.pam --- /dev/null 1 Jan 1970 00:00:00 -0000 +++ files/cyrus.pam 29 Aug 2002 02:46:28 -0000 @@ -0,0 +1,18 @@ +# +# $FreeBSD$ +# +# PAM configuration for the "cyrus" service +# Copy this file to /etc/pam.d/cyrus +# + +# auth +#auth required pam_nologin.so no_warn +#auth sufficient %%PREFIX%%/lib/pam_ldap.so nowarn +#auth sufficient pam_opie.so no_warn no_fake_prompts +#auth requisite pam_opieaccess.so no_warn +#auth required pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass + +# account +#account sufficient %%PREFIX%%/lib/pam_ldap.so +account required pam_unix.so

Release-Note: Audit-Trail: Unformatted:

To Unsubscribe: send mail to majo...@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets