Henrique de Moraes Holschuh said: > Use my *official* debs. Duh. The ones for woody are official, they just > are not shipped with woody :-P sid includes cyrus 1.5 (deprecated > upstream) and cyrus 2.1. 2.2 is comming in one month or so. Woody > (debian 3.0) has official debs of 1.5 (shipped by Debian), and 2.1 > (shipped by me, at http://people.debian.org/~hmh).
those are the ones I used :) when I said unofficial I meant not part of woody. I guess there could be a better way to say it. > >> and it just looks horrible to me. All this sasl crap, incompadiblities > > Cyrus 1.5 also has SASL problems. Anyway, Cyrus 2.1 will do LDAP auth > very easily, as long as it is against an open-ldap server (there is no > need to muck around with PAM to do that, then). I use it here, and it > doesn't even glitch. yes but the bug reports listed against it(referenced in the docs for the package) say it will cause major problems with libnss-ldap which I rely upon for other things(such as postfix local mail routing, and authentication for ssh/kdm/su/etc). Though at least in postfix's case I suppose I wouldn't need it if I used sasl, but that doesn't help me for the other things which use libnss-ldap. cyrus 1.5 may have sasl problems ? I suppose it could but I've never run accross anything sasl related in 1.5, maybe it's all backend and transparent, no sasl user database no problems with libraries linking etc. Perhaps cyrus 1.5 statically links against sasl? I can find no sasl references in it's dependency list nor in the libraries it's linked against(checked imapd, pop3d, and pwcheck). though an apt-get remove libsasl7 reports a buncha stuff that would be removed including cyrus, perhaps it depends on something else that depends on sasl, though in my brief examinations I couldn't find out what that package was. > Have a look on the new docs in cyrus21-docs, they might change your mind. > Or not. SASL is a bitch to configure if you need to do anything fancy > with it. see above, about libnss-ldap, is that info out of date now? last time I tried was about maybe 2-3 weeks ago. > Heh. The people who write Cyrus write SASL. Why should they do their work > twice? yeah I know that but I see no reason for sasl, I looked at the description of it briefly and still do not understand what the point of using it is. If I want secure authentication I'll use VPN or IMAPS(via sslwrap), and if I want to abstract authentication I can use PAM, that way I can abstract authentcation for many kinds of services since many apps seem to support PAM, and not so many support SASL in my journeys. that said, I think it's a nice option, but would like to see the cyrus folk make cyrus workable without it. > Cyrus 2 is anything but flaky... I am not really sure it is as stable as > 1.5, but it has fewer security issues, and a lot more features. yeah I was really excited when I was trying your .debs, I've read about the new stuff for at least the past year, and have been itchin to get it runnin in debian. heard some horror stories from some friends who had to go through the procedure of getting cyrus 2 running from scratch on redhat systems, thought it would be easier for debian if not for that libnss-ldap bug. as for being flakey I got that just from reading up on some mailing list postings, maybe not all were up to date, when I was researching it a few weeks ago, things about cyrus mysteriously crashing, or refusing to authenticate. Probably mostly due to sasl mis-configuration or something. thanks for the quick reply :) nate -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
