Ken:
I finally determined the issue with BerkeleyDB. The SASL configure script
looks for "/usr/include/db3" which is found and contains (as expected) bdb3
headers. Of course I compile SASL against bdb4 which is specified by
including
the options ->
--with-bdb-libdir=/usr/local/BerkeleyDB.4.0/lib
--with-bdb-incdir=/usr/local/BerkeleyDB.4.0/include
However, the above "configure" script option "--with-bdb-incdir" is
apparently
overridden when header files in "/usr/include/db3" are present. My temporary
solution was to rename/mv the "/usr/include/db3" directory to
"/usr/include/db3.SAV"
and create a sym link from "/usr/local/BerkeleyDB.4.0/include" to
"/usr/include/db3".
This did the trick. Now SASL V2 libraries are created without a bdb conflict
and
"dbconverter-2" as well as "saslpasswd2" work as expected.
Now the issue is with "Cyrus IMAP 2.1.3". The service protocol processes
complain that
"libsasl.so" is looking for "libdb-3.3.so". Just to insure that Cyrus IMAP
was not
experiencing the same bdb issue as SASL V2, I recompiled IMAP 2.1.3 - here
are the
"configure script" options selected ->
./configure \
--enable-fulldirhash \
--with-sasl=/usr/lib/sasl2 \
--with-openssl=/usr/local/ssl \
--with-tcl=/usr/local/ActiveTcl \
--with-auth=unix \
--without-krb \
--with-dbdir=/usr/local/BerkeleyDB \
--enable-listext
Additional bdb "configure script" options are ->
--with-duplicate-db=DB use DB (db3, skiplist) as a backend
for the duplicate delivery db (Default:
db3_nosync)
--with-mboxlist-db=DB use DB (flat, db3, skiplist) as a backend
for the mailbox list (Default: db3)
--with-seen-db=DB use DB (flat, db3, skiplist) as a backend
for the seen state (Default: flat)
--with-subs-db=DB use DB (flat, db3, skiplist) as a backend
for the subscriptions list (Default: flat)
--with-tls-db=DB use DB (db3, skiplist) as a backend
for the TLS cache (Default: db3_nosync)
The above IMAP "configure script" db option descriptions would lead me to
believe that
bdb4.0 is not supported by "Cyrus IMAP" and potentially "SASL V2 libraries".
Is this
the case? If not, is there a prescribed method for compiling the Cyrus
Projects against
bdb4.0?
Moving along, I then restart "master" and the following entries are still
showing-up in
"imapd.log":
imapd[12558]: unable to dlopen libsasl.so: libdb-3.3.so: cannot open
shared object file: No such file or directory
pop3d[12561]: unable to dlopen libsasl.so: libdb-3.3.so: cannot open
shared object file: No such file or directory
So, I created a sym link from "/usr/local/BerkeleyDB.3.3/lib/libdb-3.3.so"
to
"/lib/libdb-3.3.so" and the above log file messages no longer appear. I then
ran
"imtest" and authentication was successful using "sasldb2" accounts.
Yet all is not working, now the following entries are made to the
"imapd.log" file
when attempting to login via my mail client:
badlogin: mailclient [X.X.X.X] plaintext theman SASL(-4): no mechanism
available: checkpass failed
The "/etc/imapd.conf" file contains ->
configdirectory: /var/imap
partition-default: /var/spool/imap
admins: cyrusadmin
sasl_pwcheck_method: auxprop
partition-news: /var/spool/imap-news
newsspool: /var/spool/news
sendmail: /usr/sbin/sendmail
tls_cert_file: /var/imap/server.pem
tls_key_file: /var/imap/server.pem
Further, when I attempt to "su", it "Segmentation Faults" and the following
entries are
showing-up in the "messages" file
su(pam_unix)[12943]: authentication failure; logname=username uid=500
euid=0 tty= ruser= rhost= user=root
su[12943]: unable to get entry point sasl_client_plug_init in
/usr/lib/sasl/libsasldb.so:
/usr/local/lib/libsasl.so.7: undefined symbol: sasl_client_plug_init
Why would PAM looking for "SASL V1" libraries? Does PAM need to be relinked
against "SASL V2"
libraries?
I look forward to your's and the list responses to this one - Thanks!
RB
