Re: Which Berkeley DB is best?
Aidan Evans schrieb: > > We're using Berkeley DB 4.0.14 for deliver.db and tls_sessions.db and for > the second time in a couple of weeks both of these databases are > non-functional because of "Lock table is out of available locker entries". > > This error may be caused by a bug that is fixed as described in > "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=2040";. However, > the patch appears to be against a newer version of the code than we are > running, so I'm just a little bit concerned about simply patching and > hoping for the best. As an alternative I was considering downgrading to > a version 3 Berkeley DB. > > Is there any consensus as to the "best" version of Berkeley DB to use > with Cyrus 2.1.9 on RedHat Linux 7.2. The version shipped with RedHat 7.2 has worked very well for me. In fact much better than the one from 7.3. My config looks like this: name : Cyrus IMAPD version: v2.1.9-Invoca-RPM-2.1.9-4 2002/08/30 18:40:23 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.9-34SGI_XFS_1.1 environment: Cyrus SASL 2.1.5 Sleepycat Software: Berkeley DB 3.2.9: (January 24, 2001) OpenSSL 0.9.6b [engine] 9 Jul 2001 CMU Sieve 2.2 TCP Wrappers mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mboxlist.db = skiplist subs.db = flat seen.db = skiplist duplicate.db = db3-nosync tls.db = db3-nosync > > name : Cyrus IMAPD > version: v2.1.9 2002/08/30 18:40:23 > vendor : Project Cyrus > support-url: http://asg.web.cmu.edu/cyrus > os : Linux > os-version : 2.4.9-34smp-san > environment: Cyrus SASL 2.1.2 > Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001) > OpenSSL 0.9.6b [engine] 9 Jul 2001 > CMU Sieve 2.2 > TCP Wrappers > mmap = shared > lock = fcntl > nonblock = fcntl > auth = unix > idle = poll > mboxlist.db = skiplist > subs.db = flat > seen.db = flat > duplicate.db = db3-nosync > tls.db = db3-nosync > > Aidan Evans | Networks & Systems > (902)494-3332 | University Computing & Information Services > | Dalhousie University, Halifax, N.S., Canada
lmtpd: Internal error: assertion failed: config.c: 226: imapopts[opt].t== OPT_SWITCH
Hello, I'm trying to configure sendmail to deliver to a virtual-domain account in cyrus 2.2 from cvs. This is all I get to work! I had to change the cyrusv2.mc file so that it will send a fqdn recipient like this and I get such error in the logfile. Oct 16 02:34:36 mail sendmail[10197]: [ID 801593 mail.info] g9G0YZuE010195: to=<[EMAIL PROTECTED]>, delay=00:00:00, xdelay=00:00:00, mailer=cyrusv2, pri=120 439, relay=localhost, dsn=4.3.0, stat=Deferred: 421 4.3.0 lmtpd: Internal error: assertion failed: config.c: 226: imapopts[opt].t == OPT_SWITCH Mcyrusv2, P=[IPC], F=_MODMF_(CONCAT(_DEF_CYRUSV2_MAILER_FLAGS, CYRUSV2_MAILER_FLAGS), `CYRUSV2'), S=EnvFromSMTP/HdrFromL, R=EnvToSMTP/HdrToSMTP, E=\r\n, _OPTINS(`CYRUSV2_MAILER_MAXMSGS', `m=', `, ')_OPTINS(`CYRUSV2_MAILER_MAXRCPTS', `r=', `, ')_OPTINS(`CYRUSV2_MAILER_CHARSET', `C=', `, ') T=DNS/RFC822/SMTP,_CYRUSV2_QGRP A=CYRUSV2_MAILER_ARGS ==> Changed EnvToL/HdrToL to EnvToSMTP/HdrToSMTP What does that mean ? What is broken ?
Re: sieveshell says "sasl mech list empty"
> Is IMAP auth-ing OK with PLAIN? What's your sasl_minimum_layer? I
> thought
> "1" was low enough, but you may need to try "0".
Thanks man but I saw a thread on that in the archives and already gave it
a shot. No better I'm afraid.
I'm fairly sure that the compile is correct after all my testing with
strace so I'm left thinking that this has to be a config problem. I have
to have missed something stupid.
For some reason timsieve doesn't list any auth types.
Here are all the config files that I can think of... anyone see any stupid
mistakes? Please?
Thanks
Nick
---START imapd.conf---
configdirectory:/var/imap
partition-default: /var/spool/imap
sievedir: /var/imap/sieve
# Don't use an everyday user as admin.
admins: cyrus
#hashimapspool: yes
allowanonymouslogin:no
allowplaintext: yes
# Use this if sieve-scripts could be in ~user/.sieve.
#sieveusehomedir: yes
# Use saslauthd if you want to use pam for imap.
# But be warned: login with DIGEST-MD5 or CRAM-MD5
# is not possible using pam.
sasl_pwcheck_method:saslauthd
# Following taken from the FAQ
postmaster: postmaster
sasl_mech_list: PLAIN LOGIN
# Added to try and get fking sieve to work
sasl_minimum_layer: 0
autocreatequota: 1
reject8bit: no
quotawarn: 90
timeout: 30
poptimeout: 10
dracinterval: 0
drachost: localhost
#sievedir: /usr/sieve
sendmail: /usr/sbin/sendmail
sieve_maxscriptsize: 32
sieve_maxscripts: 5
unixhierarchysep: yes
---END imapd.conf---
---START /etc/pam.d/sieve---
authsufficient /lib/security/pam_mysql.so user=mail passwd=**
host=localhost db=mail table=accountuser usercolumn=username
passwdcolumn=password crypt=0
account required/lib/security/pam_mysql.so user=mail passwd=**
host=localhost db=mail table=accountuser usercolumn=username
passwdcolumn=password crypt=0
---END /etc/pam.d/sieve---
---START /etc/cyrus.conf---
START {
# do not delete this entry!
recover cmd="ctl_cyrusdb -r"
# this is only necessary if using idled for IMAP IDLE
# idledcmd="idled"
}
# UNIX sockets start with a slash and are put into /var/imap/socket
SERVICES {
# add or remove based on preferences
imap cmd="imapd" listen="imap" prefork=0
pop3 cmd="pop3d" listen="pop3" prefork=0
# Don't forget to generate the needed keys for SSL or TLS
# (see doc/html/install-configure.html)
#imapscmd="imapd -s" listen="imaps" prefork=0
#pop3scmd="pop3d -s" listen="pop3s" prefork=0
sieve cmd="timsieved" listen="sieve" prefork=0
# at least one LMTP is required for delivery
# lmtp cmd="lmtpd" listen="lmtp" prefork=0
lmtpunix cmd="lmtpd" listen="/var/imap/socket/lmtp" prefork=0
# this is only necessary if using notifications
# notify cmd="notifyd" listen="/var/imap/socket/notify" proto="udp"
prefork=1
}
EVENTS {
# this is required
checkpointcmd="ctl_cyrusdb -c" period=30
# this is only necessary if using duplicate delivery suppression
delprune cmd="ctl_deliver -E 3" period=1440
# this is only necessary if caching TLS sessions
tlsprune cmd="tls_prune" period=1440
}
---END cyrus.conf---
Re: sasl 2.1.9 + LDAPS problem
On Tue, 15 Oct 2002, Felix Cuello wrote: > Hello, > >Well... sasl 2.1.9 doesn't solved my problem...then... I have a > configuration problem. > >I'm actually are running Cyrus 2.1.9, sasl 2.1.9 and openldap > 2.0.23-4,,, all this in a red h 7.3... > >In my /usr/local/etc/saslauthd.conf, I have this lines: > > # doesn't work with ldap_servers: ldap://localhost > # doesn't work with ldap_servers: ldaps://hostnamedomain:636 > ldap_servers: ldap://hostname.domain/ > ldap_bind_dn: uid=cyrus,ou=people,dc=xxx,dc=xxx > ldap_bind_pw: xxx > ldap_search_base: ou=people,dc=,dc=xxx > ldap_tls_check_peer: yes > ldap_tls_cacert_file: certificate.pem > ldap_tls_cacert_dir: /usr/share/ssl/certs/ > ldaps should work, someone recently reported that ldaps worked against Novell NDS. Try, ldap_servers: ldaps://hostname.domain/ ldap_bind_dn: uid=cyrus,ou=people,dc=xxx,dc=xxx ldap_bind_pw: xxx ldap_search_base: ou=people,dc=,dc=xxx ldap_tls_cacert_file: /usr/share/ssl/certs/certificate.pem #ldap_tls_check_peer: yes - This can get you in trouble if your certificates are not setup properly on both the ldap server and the client. Does ldapsearch -x -H ldaps://hostname.domain/ -b ou=people,dc=,dc=xxx \ -Duid=cyrus,ou=people,dc=xxx,dc=xxx -W uid=some_username work? Have you checked openldap syslog? -Igor > > > I was tried some tests, like: > > stunnel ldap ---> ldaps > > and that works fine... because saslauthd tries to connect a simple ldap > server and STUNNEL do the rest with LDAPS server... > > But I don't want to use stunnel, because is a little bit unstable.. > > > thanks a lot and sorry for my poor english :-) > > > Felix > > > > -- Igor
Re: Cyrus/SASL/LDAP/PAM/FreeBSD
On Tue, 15 Oct 2002, Gardiner Leverett wrote: > Great! I'll go try that first. Is there any documentation for the saslauth > db file? According to the web docs included with the source, it says to > check the man page for saslauthdb, but when I do, I get an incomplete > page without the necessary information. The LDAP_SASLAUTHD file should contain what you need. -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
sasl 2.1.9 + LDAPS problem
Hello, Well... sasl 2.1.9 doesn't solved my problem...then... I have a configuration problem. I'm actually are running Cyrus 2.1.9, sasl 2.1.9 and openldap 2.0.23-4,,, all this in a red h 7.3... In my /usr/local/etc/saslauthd.conf, I have this lines: # doesn't work with ldap_servers: ldap://localhost # doesn't work with ldap_servers: ldaps://hostnamedomain:636 ldap_servers: ldap://hostname.domain/ ldap_bind_dn: uid=cyrus,ou=people,dc=xxx,dc=xxx ldap_bind_pw: xxx ldap_search_base: ou=people,dc=,dc=xxx ldap_tls_check_peer: yes ldap_tls_cacert_file: certificate.pem ldap_tls_cacert_dir: /usr/share/ssl/certs/ I was tried some tests, like: stunnel ldap ---> ldaps and that works fine... because saslauthd tries to connect a simple ldap server and STUNNEL do the rest with LDAPS server... But I don't want to use stunnel, because is a little bit unstable.. thanks a lot and sorry for my poor english :-) Felix
Re: database types
Aidan Evans wrote: > > On Sun, 13 Oct 2002 at 11:05 Rob Siemborski wrote to David Wright and... > > >On Sat, 12 Oct 2002, David Wright wrote: > > > >> Can someone explain what advantages and disadvantages one has from the > >> different database types? And what is a skiplist anyway? I'm familiar > >> with flat files and the sleepycat databases, but I've never heard of a > >> skiplist. > > > >This has been addressed on the list several times, here's the summary: > > > >http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=2311 > > This says > > >--with-duplicate-db=DB use DB (db3, skiplist) as a backend > > for the duplicate delivery db (Default: db3_nosync > ) > > db3_nosync, since the worst part about losing this is that someone > might get a vacation message twice. It also needs fast lookups. > > which does not sound right, if "losing this" refers to the database. What > seems to happen in our environment is that all sieving stops working. I > have not tested everything, but right now deliver.db (db3-nosync) is broken > and my sieve script which has a couple of "if" tests, a "redirect", and a > "fileinto" now does nothing. If the duplicate deliver database can't be initialized, then Sieve is turned off (to prevent mail loops, etc). The same _used_ to be true if duplicate suppression was turned off, but now Sieve and duplicate suppression are independent of one another (but they both depend on deliver.db being available). -- Kenneth Murchison Oceana Matrix Ltd. Software Engineer 21 Princeton Place 716-662-8973 x26 Orchard Park, NY 14127 --PGP Public Key--http://www.oceana.com/~ken/ksm.pgp
Re: Cyrus/SASL/LDAP/PAM/FreeBSD
Rob Siemborski wrote: > > On Tue, 15 Oct 2002, Gardiner Leverett wrote: > > > After fussing around with the make files so that cyrus-sasl would > > actually include the pam library, cyrus still doesn't have the library > > on compile, and trying to test the server produces no result. > > I'm not sure why you have to use PAM. Saslauthd comes with a perferctly > good LDAP module. (For that matter, libsasl2 shouldn't be linking PAM > directly anyway). Great! I'll go try that first. Is there any documentation for the saslauth db file? According to the web docs included with the source, it says to check the man page for saslauthdb, but when I do, I get an incomplete page without the necessary information.
Re: database types
On Sun, 13 Oct 2002 at 11:05 Rob Siemborski wrote to David Wright and... >On Sat, 12 Oct 2002, David Wright wrote: > >> Can someone explain what advantages and disadvantages one has from the >> different database types? And what is a skiplist anyway? I'm familiar >> with flat files and the sleepycat databases, but I've never heard of a >> skiplist. > >This has been addressed on the list several times, here's the summary: > >http://asg.web.cmu.edu/archive/message.php?mailbox=archive.cyrus-sasl&msg=2311 This says >--with-duplicate-db=DB use DB (db3, skiplist) as a backend > for the duplicate delivery db (Default: db3_nosync ) db3_nosync, since the worst part about losing this is that someone might get a vacation message twice. It also needs fast lookups. which does not sound right, if "losing this" refers to the database. What seems to happen in our environment is that all sieving stops working. I have not tested everything, but right now deliver.db (db3-nosync) is broken and my sieve script which has a couple of "if" tests, a "redirect", and a "fileinto" now does nothing. Aidan Evans | Networks & Systems (902)494-3332 | University Computing & Information Services | Dalhousie University, Halifax, N.S., Canada
Re: Cyrus/SASL/LDAP/PAM/FreeBSD
On Tue, 15 Oct 2002, Gardiner Leverett wrote: > After fussing around with the make files so that cyrus-sasl would > actually include the pam library, cyrus still doesn't have the library > on compile, and trying to test the server produces no result. I'm not sure why you have to use PAM. Saslauthd comes with a perferctly good LDAP module. (For that matter, libsasl2 shouldn't be linking PAM directly anyway). -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Cyrus/SASL/LDAP/PAM/FreeBSD
I know it seems like a lot, but here's the task I'm working with: We have a FreeBSD 4.7 machine and we're trying to use OpenLDAP 2.0.25, cyrus-sasl-2.1.7, and cyrus-imap.2.1.9. To get Cyrus to use LDAP for authentication, we need a pam module, and we're using pam_ldap-1.5.2. (All of this using Postfix as the MTA.) After fussing around with the make files so that cyrus-sasl would actually include the pam library, cyrus still doesn't have the library on compile, and trying to test the server produces no result. We successfully got all of these to work together on a Solaris platform earlier this year, and we've been trying to use that experience as a reference, but that hasn't helped either. When I run the Cyrus master program, this error appears in the logs: Oct 15 12:38:48 qvf master[90357]: process started Oct 15 12:38:48 qvf master[90357]: process 90358 exited, status 75 Oct 15 12:38:48 qvf master[90357]: ready for work I saw this referenced in the e-mails to the list, but not a clear solution. I wondering if this is part of the problem. Has anyone had this combination of programs to work together? I'm at a loss as for what to do next. Trying to telnet to the imap port produces no result. The items are not in inetd.conf (as I did get one of those imapd: could not getenv(CCYRUS_SERVICE) errors in the log as well). Any help would be appreciated! -- Gardiner Leverett [EMAIL PROTECTED] Merit Network, Inc. Phone: 734-647-9888 4251 Plymouth Rd., Suite 2000 Ann Arbor, MI 48105-2785 http://www.merit.edu
Which Berkeley DB is best?
We're using Berkeley DB 4.0.14 for deliver.db and tls_sessions.db and for the second time in a couple of weeks both of these databases are non-functional because of "Lock table is out of available locker entries". This error may be caused by a bug that is fixed as described in "http://www.openldap.org/its/index.cgi/Software%20Bugs?id=2040";. However, the patch appears to be against a newer version of the code than we are running, so I'm just a little bit concerned about simply patching and hoping for the best. As an alternative I was considering downgrading to a version 3 Berkeley DB. Is there any consensus as to the "best" version of Berkeley DB to use with Cyrus 2.1.9 on RedHat Linux 7.2. name : Cyrus IMAPD version: v2.1.9 2002/08/30 18:40:23 vendor : Project Cyrus support-url: http://asg.web.cmu.edu/cyrus os : Linux os-version : 2.4.9-34smp-san environment: Cyrus SASL 2.1.2 Sleepycat Software: Berkeley DB 4.0.14: (November 18, 2001) OpenSSL 0.9.6b [engine] 9 Jul 2001 CMU Sieve 2.2 TCP Wrappers mmap = shared lock = fcntl nonblock = fcntl auth = unix idle = poll mboxlist.db = skiplist subs.db = flat seen.db = flat duplicate.db = db3-nosync tls.db = db3-nosync Aidan Evans | Networks & Systems (902)494-3332 | University Computing & Information Services | Dalhousie University, Halifax, N.S., Canada
Re: [patch] search domain from %u
Hi, I have a newer version at http://my.fit.edu/~kpierre/lak.c.3.patch I added the ability to have a default domain context, for the case a user logs into the default domain and you are using the domain context macro. PS. things for adding ldap support to saslauthd in the first place. This is the second time I'm using your code ( first with the solaris openldap conf site ), so I feel like I owe you a check or something :) --Kervin Igor Brezac wrote: > On Mon, 14 Oct 2002, Kervin L. Pierre wrote: > > > >I modified the patch to take the search domain from the username %u, for > >virtual server environments. > > > >http://my.fit.edu/~kpierre/lak.c.2.patch > > > >PS. I am not having luck with the global search ( ie. the current > >method, -b "" ), I keep getting object not found although a search under > >a specific domain context works ( ie. -b "ou=..." ). > > > > > You are telling openldap to search a wrong backend (among other things, > -b"" is used to search rootDSE). > > > >Let me know what you think > > > > > I'll integrate the patch and submit it to Rob. > > -Igor > > > >--Kervin > > > > > >Igor Brezac wrote: > > > > > >>On Mon, 14 Oct 2002, Kervin L. Pierre wrote: > >> > >> > >>>Hi, > >>> > >>>attached is a patch to cyrus/saslauthd/lak.c to allow it to expand '%d' > >>>macro in ldap_search_base option to the domain context derived from the > >>>realm '%r'. > >>> > >>>eg. > >>> > >>>ldap_search_base: ou=people, %d > >>>in saslauthd.conf > >>> > >>>if realm is 'domain.tld', the ldap search base will expand to > >>>'ou=people,dc=domain,dc=tld' > >>> > >>>Does imapd always provide the realm in a virtual server environment > when > >>>authenticating users? Is it safe to assume that the realm is > >>>'domain.tld' or more specifically the domain given to mkimap script? > >>> > >>>Is this correct/incorrect/unnecessary? > >>> > >> > >>In most cases an organization will have one realm. Realms should not be > >>confused with domains. In virtual domain setup, %u will look like > >>[EMAIL PROTECTED] and unless you setup a realm, %r will be blank. So, > >>%d is not necessary in this case. > >> > > > > > > >
Re: Configure for imapd 2.1.9 doesn't necessarily pick up the versionof BerkeleyDB specified with --with-dbdir= switch
On 15 Oct 2002, Gordon Marler wrote: > What's even more disturbing (note the subject change above for the > benefit of the list) is the fact that if you specify > --with-dbdir= > to configure, it won't necessarily pick that up. Allow me to elaborate: See Also: Bug #1424. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: [patch] search domain from %u
On Mon, 14 Oct 2002, Kervin L. Pierre wrote: > > I modified the patch to take the search domain from the username %u, for > virtual server environments. > > http://my.fit.edu/~kpierre/lak.c.2.patch > > PS. I am not having luck with the global search ( ie. the current > method, -b "" ), I keep getting object not found although a search under > a specific domain context works ( ie. -b "ou=..." ). > You are telling openldap to search a wrong backend (among other things, -b"" is used to search rootDSE). > Let me know what you think > I'll integrate the patch and submit it to Rob. -Igor > --Kervin > > > Igor Brezac wrote: > > > > > On Mon, 14 Oct 2002, Kervin L. Pierre wrote: > > > > > > > > Hi, > > > > > > attached is a patch to cyrus/saslauthd/lak.c to allow it to expand '%d' > > > macro in ldap_search_base option to the domain context derived from the > > > realm '%r'. > > > > > > eg. > > > > > > ldap_search_base: ou=people, %d > > > in saslauthd.conf > > > > > > if realm is 'domain.tld', the ldap search base will expand to > > > 'ou=people,dc=domain,dc=tld' > > > > > > Does imapd always provide the realm in a virtual server environment when > > > authenticating users? Is it safe to assume that the realm is > > > 'domain.tld' or more specifically the domain given to mkimap script? > > > > > > Is this correct/incorrect/unnecessary? > > > > > > > In most cases an organization will have one realm. Realms should not be > > confused with domains. In virtual domain setup, %u will look like > > [EMAIL PROTECTED] and unless you setup a realm, %r will be blank. So, > > %d is not necessary in this case. > > > > > -- Igor
Configure for imapd 2.1.9 doesn't necessarily pick up the versionof BerkeleyDB specified with --with-dbdir= switch
On Tue, 2002-10-15 at 10:42, Rob Siemborski wrote: > On 15 Oct 2002, Gordon Marler wrote: > > > Since I'm not set up for GSSAPI yet, I used --disable-gssapi, and it > > works fine. Many thanks! > > > > It isn't intuitive that the two would be related, is it? > > It is, since your configure.log was complaining about GSSAPI libraries > that were missing. It's a bit more disturbing that it thought you had > them, but I'll look into that I guess. > > -Rob > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 > Research Systems Programmer * /usr/contributed Gatekeeper > > > What's even more disturbing (note the subject change above for the benefit of the list) is the fact that if you specify --with-dbdir= to configure, it won't necessarily pick that up. Allow me to elaborate: I have every version of Sleepycat Berkeley DB installed since v2.7.7. However, I use one of them more than the others, so my PATH is set to go through that version's /bin directory (version 4.x.x) I notice that if I specify the --with-dbdir= switch to configure, configure runs programs in *my PATH* (DB version 4.x.x) to determine the version of DB available rather than exclusively using the directory I specified in the --with-dbdir= switch. Of course, this causes the compile to fail miserably later, since configure couldn't really determine which version to target, so it mixes them up a bit. Just thought the maintainer would like to know this was happening. Most products that allow you to specify a certain version of a library during a configure purposely ignore all other installations of that library, and manually set the PATH during each configure test to make sure that only the specified version of a tool is used. Oh well... -- T. Gordon Marler [EMAIL PROTECTED]
Re: "libsasl2 without working sasl_checkapop" problem withconfigure returns in imapd 2.1.9
On Tue, 2002-10-15 at 10:09, Rob Siemborski wrote: > On 15 Oct 2002, Gordon Marler wrote: > > > Any tips or hints here? > > It's picking up that you have GSSAPI libraries apparently, if you don't > need them, specify --disable-gssapi, if you need them, specify > --enable-gssapi=/the/same/value/you/told/sasl Since I'm not set up for GSSAPI yet, I used --disable-gssapi, and it works fine. Many thanks! It isn't intuitive that the two would be related, is it? > > -Rob > > -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- > Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 > Research Systems Programmer * /usr/contributed Gatekeeper > > > -- T. Gordon Marler [EMAIL PROTECTED]
Re: "libsasl2 without working sasl_checkapop" problem with configurereturns in imapd 2.1.9
On 15 Oct 2002, Gordon Marler wrote: > Since I'm not set up for GSSAPI yet, I used --disable-gssapi, and it > works fine. Many thanks! > > It isn't intuitive that the two would be related, is it? It is, since your configure.log was complaining about GSSAPI libraries that were missing. It's a bit more disturbing that it thought you had them, but I'll look into that I guess. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: "libsasl2 without working sasl_checkapop" problem with configurereturns in imapd 2.1.9
On 15 Oct 2002, Gordon Marler wrote: > Any tips or hints here? It's picking up that you have GSSAPI libraries apparently, if you don't need them, specify --disable-gssapi, if you need them, specify --enable-gssapi=/the/same/value/you/told/sasl -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
"libsasl2 without working sasl_checkapop" problem with configurereturns in imapd 2.1.9
I've read through the archives, and it looks like the solutions
suggested for this particular problem in imapd 2.1.4 don't work for
2.1.9. Since my skills with automake, libtool, et al are very poor, I'm
coming to this list for help.
First, some background information:
I don't use /usr/local (so if we solve this, it may help all those other
poor souls that would prefer to ignore anything that exists in
/usr/local, unless you explicitly ask to use /usr/local). Everything is
installed at /lb/all///. Thus, I have the
following tools installed before I begin this exercise:
Sleepycat Berkeley DB 4.1.24 (shared and static libs):
/lb/all/sleepycat/4.1.24/{bin,docs,include,lib}
OpenSSL 0.9.6g:
/lb/all/openssl/0.9.6g-gcc-32bit/ssl/{bin,include,lib,...}
Cyrus SASL lib 2.1.8 (static libs only):
/lb/all/libsasl/2.1.8/{include,lib,...}
I'm compiling with gcc v3.2 on Solaris 8, using GNU make 3.79.1.
With that said, here's my input to configure (the CPPFLAGS and LDFLAGS
are one long line each), which will install imapd in
/lb/all/imapd/2.1.9/:
CPPFLAGS="-I/lb/all/openssl/0.9.6g-gcc-32bit/ssl/include
-I/lb/all/sleepycat/4.1.24/include -I/lb/all/libsasl/2.1.8/include
-I/lb/include" \
LDFLAGS="-L/lb/all/openssl/0.9.6g-gcc-32bit/ssl/lib
-L/lb/all/sleepycat/4.1.24/lib -R/lb/all/sleepycat/4.1.24/lib
-L/lb/all/libsasl/2.1.8/lib -R/lb/all/libsasl/2.1.8/lib -L/lb/lib" \
./configure --with-cyrus-prefix=/lb/all/imapd/2.1.9 \
--with-cyrus-user=cyrus2 --with-cyrus-group=cyrus2 \
--with-dbdir=/lb/all/sleepycat/4.1.24 \
--with-auth=unix\
--with-openssl=/lb/all/openssl/0.9.6g-gcc-32bit/ssl \
--with-staticsasl=/lb/all/libsasl/2.1.8
And here's the error configure eventually generates:
...
checking for prop_get in -lsasl2... yes
checking for sasl_checkapop in -lsasl2... no
configure: error: libsasl2 without working sasl_checkapop. Cannot
continue.
And here's the contents of config.log:
...
configure:5262: checking for prop_get in -lsasl2
configure:5281: gcc -o conftest -Wall -g -O2
-I/lb/all/sleepycat/4.1.24/include
-I/lb/all/openssl/0.9.6g-gcc-32bit/ssl/include
-I/lb/all/sleepycat/4.1.24/include -I/lb/all/libsasl/2.1.8/include
-I/lb/include -I/lb/all/openssl/0.9.6g-gcc-32bit/ssl/include
-I/lb/all/libsasl/2.1.8/include -L/lb/all/sleepycat/4.1.24/lib
-R/lb/all/sleepycat/4.1.24/lib -L/lb/all/sleepycat/4.1.24/lib
-L/usr/local/lib -R/usr/local/lib
-L/lb/all/openssl/0.9.6g-gcc-32bit/ssl/lib
-L/lb/all/sleepycat/4.1.24/lib -R/lb/all/sleepycat/4.1.24/lib
-L/lb/all/libsasl/2.1.8/lib -R/lb/all/libsasl/2.1.8/lib -L/lb/lib
-L/lb/all/openssl/0.9.6g-gcc-32bit/ssl/lib -L/lb/all/libsasl/2.1.8/lib
conftest.c -lsasl2 -lresolv -ldl -lfl -ldb-4 -lssl -lcrypto 1>&5
configure:5357: checking for sasl_checkapop in -lsasl2
configure:5376: gcc -o conftest -Wall -g -O2
-I/lb/all/sleepycat/4.1.24/include
-I/lb/all/openssl/0.9.6g-gcc-32bit/ssl/include
-I/lb/all/sleepycat/4.1.24/include -I/lb/all/libsasl/2.1.8/include
-I/lb/include -I/lb/all/openssl/0.9.6g-gcc-32bit/ssl/include
-L/lb/all/libsasl/2.1.8/lib /lb/all/libsasl/2.1.8/lib/libsasl2.a
-lgssapi_krb5 -lkrb5 -lk5crypto -lcom_err
/usr/local/lib/libgssapi_krb5.a /usr/local/lib/libkrb5.a
/usr/local/lib/libk5crypto.a /usr/local/lib/libcom_err.a
-L/lb/all/sleepycat/4.1.24/lib -R/lb/all/sleepycat/4.1.24/lib
-L/lb/all/sleepycat/4.1.24/lib -L/usr/local/lib -R/usr/local/lib
-L/lb/all/openssl/0.9.6g-gcc-32bit/ssl/lib
-L/lb/all/sleepycat/4.1.24/lib -R/lb/all/sleepycat/4.1.24/lib
-L/lb/all/libsasl/2.1.8/lib -R/lb/all/libsasl/2.1.8/lib -L/lb/lib
-L/lb/all/openssl/0.9.6g-gcc-32bit/ssl/lib conftest.c -lsasl2 -ldl
-lfl -ldb-4 -lssl -lcrypto 1>&5
gcc: /usr/local/lib/libgssapi_krb5.a: No such file or directory
gcc: /usr/local/lib/libkrb5.a: No such file or directory
gcc: /usr/local/lib/libk5crypto.a: No such file or directory
configure: failed program was:
#line 5365 "configure"
#include "confdefs.h"
/* Override any gcc2 internal prototype to avoid an error. */
/* We use char because int might match the return type of a gcc2
builtin and then its argument prototype would still apply. */
char sasl_checkapop();
int main() {
sasl_checkapop()
; return 0; }
Any tips or hints here?
--
T. Gordon Marler
[EMAIL PROTECTED]
Re: cyrus-smlacapd
On Tue, 15 Oct 2002, Mathieu Arnold wrote: > I don't know if it is the right place to ask, but is someone working on > making smlacapd work with saslv2 ? No, no one is making this effort right now. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: How to set up forward in cyrus
On Tue, 15 Oct 2002, Liu Jinhui wrote: > Does cyrus support to forward the letter to another email address? You can make use of sieve's redirect mechanism, but this is probably something that should be handled at the MTA level and not at the MDA level. -Rob -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Rob Siemborski * Andrew Systems Group * Cyert Hall 207 * 412-268-7456 Research Systems Programmer * /usr/contributed Gatekeeper
Re: sieveshell says "sasl mech list empty"
Is IMAP auth-ing OK with PLAIN? What's your sasl_minimum_layer? I thought "1" was low enough, but you may need to try "0". On Oct 14 Nick Fisher wrote: >Dammit I spoke too soon. On closer inspection of the output and some >jiggering around I find that's not the problem. >timsieve was finding the librarys eventually so I'm back to crying on >my keyboard whapping my head against this problem. > >Does anyone know what librarys it should be loading to get pam_mysql auth >to work? Does anyone know of any docs relating to getting timsieve to use >PAM auth? >Failing that how do you install sieve scripts without timsieved?
How to set up forward in cyrus
Does cyrus support to forward the letter to another email address? Liu Jinhui [EMAIL PROTECTED] 2002-10-15
