On Thu, 09 Aug 2001, [EMAIL PROTECTED] spewed into the ether:
snip
PAM only needs root access if it's authenticating off /etc/shadow. Few
Fine.
medium-to-large scale operations today distribute passwords via NIS to
shadow files. Most, like mine, use LDAP, and you can authenticate off
an
Hi! I've finally been able to make postfix - cyrus work (it was an error in
the configuration of postfix, thanks) and I now have this question:
I have coded a pwcheck program that authenticates with some servers here at
work - as far as cyrus is concerned this is a plaintext login, and hence,
Hia,
The next problem I got to is it (sieve I think) wanted to find
bison.simple in /usr/local/share but it was in /usr/lib. So I make a
symbolink /usr/local/share to /usr/lib - is this a bad idea?
Wouldn't think so, but me no expert.
Anyway, it got further and now I get the following
Attempt two: Using module IMAP::Admin from
IMAP-Admin-1.4.3 The test gives me the following
error:
IMAP::Admin [ initialize ]: try NO Login failed: authentication failure
Again getting me past this error should allow me
to complete the task.
IMAP::Admin has worked very well for me. Can you
With the package IMAP-Admin-1.4.3
running test.pl as follows:
[root@mail121 IMAP-Admin-1.4.3]# perl test.pl
1..14
ok 1
Remaining tests require a connection an imap server
Please enter the server and the admin user and password at the prompts
Enter server: localhost
Enter login: adm
Enter
On Wed, Aug 08, 2001 at 04:12:43PM -0700, [EMAIL PROTECTED] wrote:
Aehm! Please persuse, at your leasure, the man page
http://sunsite.queensu.ca/cgi-bin/man-cgi?pam_krb5+5
or the rpm summary
http://www.redhat.com/swr/i386/pam_krb5-1-7.i386.html
for pam_krb5, and feel free to download
On Thu, Aug 09, 2001 at 03:14:51PM +1000, Jeremy Howard wrote:
You mean like pwcheck, which lets you dynamically add auth methods to SASL?
? You can dynamically add auth methods to SASL without using pwcheck.
Gabor
--
Gabor Gombas Eotvos Lorand
Hi All.
Would it be possible to host a cyrus-(IMAP/SASL) documetnation page? I feel
a great need for a Cyrus faq/howto page. The current doc's are not exactly
in a perfect state.
Also, they could bennefit a lot from dynamic updates.
Does anyone have a suggestion on where and how this could
Kevin J. Menard, Jr. wrote:
Hey Jeremy,
Thursday, August 09, 2001, 1:14:51 AM, you wrote:
JH Kevin J. Menard, Jr. wrote:
I still say add all this to SASL. That's what it's there for anyway, so
JH you
don't need to hack imapd.c or pop3d.c everytime you want to add a new auth
On Wed, 8 Aug 2001, Devdas Bhagat wrote:
On Wed, 08 Aug 2001, Marco Colombo spewed into the ether:
snip
And BTW, why don't you remove SASL from OpenLDAP, instead? You're just
asking CMU people to remove SASL from their Cyrus IMAPD so that
OpenLDAP 2 can use it to implement the encrypted
I have done six implementations of Cyrus (2.0.11 - 2.0.16) and in each
one I have the same problem. No user, other than cyrus, can
authenticate unless I make the shadow file 444 verses it original 400.
Pertinent information:
OS's -- RH 6.2, 7.0 Mandrake 7.2, 8.0
Cyrus -- 2.0.11 - 2.0.16
Sasl
On Thu, 09 Aug 2001 08:40:58 -0500,
Tyrone Vaughn [EMAIL PROTECTED] (tv) writes:
tv I have done six implementations of Cyrus (2.0.11 - 2.0.16) and in each
tv one I have the same problem. No user, other than cyrus, can
tv authenticate unless I make the shadow file 444 verses it original 400.
On Thu, 09 Aug 2001, Marco Colombo spewed into the ether:
snip
This is a completely different issue. David Wright is proposing to
*remove* SASL from Cyrus IMAPd in favor of a PAM-only solution, and
I was answering to him. I don't want SASL to be removed from IMAPd,
Nor do I. SASL does fine for
On 8/9/01 2:34 AM, Warren Flemmer [EMAIL PROTECTED] wrote:
Cyrus is working well with postfix using pam (mysql)
for authentication. I now need to setup automated
scripts to create mailboxes, set quotas etc. I have tried
three different approaches each of which ending without
successes so I
On Thu, 09 Aug 2001, Marco Colombo spewed into the ether:
snip
BTW, if really OpenLDAP 2 is build on SASL, you can't really get rid
of it. You'll have an IMAPD - LDAP - SASL (for authentication of
the LDAP client to the LDAP server) solution.
This is what I'm asking for. Quite a few people are
On Thu, 9 Aug 2001, Devdas Bhagat wrote:
On Thu, 09 Aug 2001, Marco Colombo spewed into the ether:
snip
BTW, if really OpenLDAP 2 is build on SASL, you can't really get rid
of it. You'll have an IMAPD - LDAP - SASL (for authentication of
the LDAP client to the LDAP server) solution.
On 9 Aug 2001, Julio Sanchez Fernandez wrote:
Marco Colombo [EMAIL PROTECTED] writes:
because that's the right place to use SASL. Despite of PAM not being
a replacement for SASL, of course. I think that OpenLDAP requirement
for a modular, configurable network security layer (SASL itself)
Marco Colombo wrote:
The fact I can write a little client/server application that supports
many different mechs, from weaker ones to stronger ones, *without*
almost any knowledge of them is great.
Sorry, I think my point was lost in the rest of the drivel.
The point is that the protocol
On Thu, 9 Aug 2001, Tyrone Vaughn wrote:
I did search the archives and the closest solution I can find is to
abandon checking the shadow file via PAM and run the program pwcheck
as the root user -- something I don't want to do.
If you know the answer, would you please forward it on to me?
Have you considered using stunnel? It's very easy to set up. I'm using
it with pam_ldap and cyrus.
[EMAIL PROTECTED] wrote:
BTW, I noticed an LDAP pwcheck daemon here:
http://www.linc-dev.com/auth.html
I looked at this daemon (pwcheck_ldap). It does not do secure (ssl)
ldap. Therefore
Hello,
I just installed Cyrus 2.0.16 on Solaris 8. When I go
to run run:
/usr/local/bin/cyradm -user cyrus localhost
I get the following errors:
Ccatfish# /usr/local/bin/cyradm -user cyrus localhost
Can't load
'/usr/local/lib/perl5/site_perl/5.6.0/sun4-solaris/auto/Cyrus/IMAP/IMAP
.so' for
Since IMAP::Admin requires the LOGIN auth method to be compiled into SASL,
that might be the problem. You need LOGIN auth for that.
The best check would be to telnet to the imap port as suggested by Jules.
Alain
- Original Message -
From: Jules Agee [EMAIL PROTECTED]
To: Warren Flemmer
Jeremy Howard wrote:
Ken Murchison wrote:
Kevin J. Menard, Jr. wrote:
re pwcheck
Hmm . . . I honestly haven't checked this out yet. I'll have to take
a look at it.
If you're serious about this, you should really check out cmu-sasl
v1.5.27 or the latest CVS and use saslauthd.
chirs charter wrote:
I just installed Cyrus 2.0.16 on Solaris 8. When I go
to run run:
/usr/local/bin/cyradm -user cyrus localhost
I get the following errors:
Ccatfish# /usr/local/bin/cyradm -user cyrus localhost
Can't load
Devdas Bhagat wrote:
The problem with the current design of imapd is that it assumes that
SASL will be available locally in some form, ignoring that it may not
be available there.
Do the pwcheck daemons provide support for this?
Yes. The pwcheck 'API' is this simple:
- SASL sends
Jules Agee wrote:
How strange. if I remember correctly, the IMAP::Admin module does
everything through an IMAP connection using standard RFC IMAP
commands, just like cyradm does. So if you're using the same login and
password with cyradm as you're using with your perl script, and cyradm
chirs charter wrote on Thu, Aug 09 2001 (11:46:49 -0700):
Can't load
'/usr/local/lib/perl5/site_perl/5.6.0/sun4-solaris/auto/Cyrus/IMAP/IMAP
.so' for module Cyrus::IMAP: ld.so.1: perl: fatal:
libdb-3.2.so: open failed: No s
uch file or directory at
Walter Wong wrote:
Part of the problem is that people are distributing binaries without
the source code and all the docs are in the doc/ subdir of the source
distribution.
Partly. And partly the docs don't provide a great beginners overview of
everything you need to know, but are more useful
On Fri, 10 Aug 2001, Jeremy Howard wrote:
If you moved across to SourceForge you get web-based CVS browsing (really
handy for developers getting involved the first time) and web-based list
archives that work (the current horde-based archive is slow as molasses, and
the IMAP-based archive
On Fri, 10 Aug 2001 12:49:11 +1000,
Jeremy Howard [EMAIL PROTECTED] (jh) writes:
jh I think it would add lots. Not just for a documentation project, but for the
jh whole Cyrus project. It would make it more of a community project rather
jh than a CMU project, which means more people getting
30 matches
Mail list logo
