diff options
| author | David W. Chapman Jr. <dwcjr@FreeBSD.org> | 2002-09-01 16:38:33 +0000 |
|---|---|---|
| committer | David W. Chapman Jr. <dwcjr@FreeBSD.org> | 2002-09-01 16:38:33 +0000 |
| commit | cc8a1f722757d33978863edac4c965bab94d187c (patch) | |
| tree | e91342003de92453da0c17ab3c9da537862c1d73 /security/cyrus-sasl/files | |
| parent | 534fffca27bb18f7529d548c46ee3326505a89c7 (diff) | |
add an example PAM file for saslauthd and pwcheck_pam daemons
update the Sendmail.README file to include instructions for
using the security/cyrus-sasl2 port.
PR: 42153
Submitted by: maintainer
Notes
Notes:
svn path=/head/; revision=65427
Diffstat (limited to 'security/cyrus-sasl/files')
| -rw-r--r-- | security/cyrus-sasl/files/Sendmail.README | 20 | ||||
| -rw-r--r-- | security/cyrus-sasl/files/cyrus.pam | 18 |
2 files changed, 34 insertions, 4 deletions
diff --git a/security/cyrus-sasl/files/Sendmail.README b/security/cyrus-sasl/files/Sendmail.README index c88d2433e92e..ce51d46cdd9e 100644 --- a/security/cyrus-sasl/files/Sendmail.README +++ b/security/cyrus-sasl/files/Sendmail.README @@ -7,14 +7,25 @@ How to enable SMTP AUTH with FreeBSD default Sendmail SENDMAIL_LDFLAGS+= -L/usr/local/lib SENDMAIL_LDADD+= -lsasl - NOTE: Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added + NOTE: 1. Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added to SENDMAIL_CFLAGS, if you need the GroupReadableSASLFile option + Starting with Sendmail 8.12, you can also use the security/cyrus-sasl2 + port. Then you will not need the SASL V1 port installed. + + SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 + SENDMAIL_LDFLAGS=-L/usr/local/lib + SENDMAIL_LDADD=-lsasl2 + + 2) Rebuild FreeBSD (make buildworld, ...) -3) Create /usr/local/lib/sasl/Sendmail.conf with the following. +3) Make sure that the pwcheck_method is correct in Sendmail.conf. - pwcheck_method: pwcheck + Sendmail.conf (${PREFIX}/lib/sasl{,2}/Sendmail.conf) is created by + the cyrus-sasl and cyrus-sasl2 ports during installation. It may have + pwcheck_method set to either pwcheck (V1 only) or saslauthd (V1 & V2) by + default. Change this to what is appropriate for your site. 4) Add the following to your sendmail.mc file: @@ -44,7 +55,8 @@ How to enable SMTP AUTH with FreeBSD default Sendmail PLAIN is required for Netscape Communicator users. By default Netscape Communicator will use SASL Authentication when sendmail is compiled with - SASL. + SASL and will cause your users to enter their passwords each time they + retreive their mail (NS 4.7). The DONT_BLAME_SENDMAIL option GroupReadableSASL[DB]File is needed when you are using cyrus-imapd and sendmail on the same server that requires access diff --git a/security/cyrus-sasl/files/cyrus.pam b/security/cyrus-sasl/files/cyrus.pam new file mode 100644 index 000000000000..3c3734c3672f --- /dev/null +++ b/security/cyrus-sasl/files/cyrus.pam @@ -0,0 +1,18 @@ +# +# $FreeBSD$ +# +# PAM configuration for the "cyrus" service +# Copy this file to /etc/pam.d/cyrus +# + +# auth +#auth required pam_nologin.so no_warn +#auth sufficient %%PREFIX%%/lib/pam_ldap.so nowarn +#auth sufficient pam_opie.so no_warn no_fake_prompts +#auth requisite pam_opieaccess.so no_warn +#auth required pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass + +# account +#account sufficient %%PREFIX%%/lib/pam_ldap.so +account required pam_unix.so |