diff options
author | dwcjr <dwcjr@FreeBSD.org> | 2002-09-02 00:38:33 +0800 |
---|---|---|
committer | dwcjr <dwcjr@FreeBSD.org> | 2002-09-02 00:38:33 +0800 |
commit | 984e4de075d9d55950ee5e197c8e95961506d701 (patch) | |
tree | 608695669ed541dbebcea640a3e8c448f8ee88f6 | |
parent | fd50192ea7567a034b59dfc96a1d112f8ccfa573 (diff) | |
download | freebsd-ports-gnome-984e4de075d9d55950ee5e197c8e95961506d701.tar.gz freebsd-ports-gnome-984e4de075d9d55950ee5e197c8e95961506d701.tar.zst freebsd-ports-gnome-984e4de075d9d55950ee5e197c8e95961506d701.zip |
add an example PAM file for saslauthd and pwcheck_pam daemons
update the Sendmail.README file to include instructions for
using the security/cyrus-sasl2 port.
PR: 42153
Submitted by: maintainer
-rw-r--r-- | security/cyrus-sasl/Makefile | 21 | ||||
-rw-r--r-- | security/cyrus-sasl/files/Sendmail.README | 20 | ||||
-rw-r--r-- | security/cyrus-sasl/files/cyrus.pam | 18 | ||||
-rw-r--r-- | security/cyrus-sasl/pkg-plist | 6 |
4 files changed, 58 insertions, 7 deletions
diff --git a/security/cyrus-sasl/Makefile b/security/cyrus-sasl/Makefile index ec4f808eea27..68f7fba3081b 100644 --- a/security/cyrus-sasl/Makefile +++ b/security/cyrus-sasl/Makefile @@ -42,7 +42,7 @@ MAN3= sasl.3 sasl_authorize_t.3 sasl_callbacks.3 sasl_checkpass.3 \ sasl_listmech.3 sasl_log_t.3 sasl_server_init.3 \ sasl_server_new.3 sasl_server_start.3 sasl_server_step.3 \ sasl_setprop.3 sasl_usererr.3 -MAN8= sasldblistusers.8 saslpasswd.8 saslauthd.8 +MAN8= sasldblistusers.8 saslpasswd.8 saslauthd1.8 USE_AUTOMAKE_VER=14 USE_LIBTOOL= YES @@ -99,6 +99,7 @@ PLIST_SUB= PREFIX=${PREFIX} \ GSSAPI=${GSSAPI} \ EBONES=${EBONES} \ DOCSDIR=${DOCSDIR:S/^${PREFIX}\///} \ + EXAMPLESDIR=${EXAMPLESDIR:S/^${PREFIX}\///} LDAP_MYSQL_PATCH= ldap-mysql_sasl-${PORTVERSION}/sasl-ldap+mysql.patch @@ -150,11 +151,21 @@ pre-install: @${SH} ${PKGINSTALL} ${PKGNAME} PRE-INSTALL @if [ -f ${PREFIX}/sbin/saslauthd ]; then \ mv ${PREFIX}/sbin/saslauthd ${PREFIX}/sbin/saslauthd2; \ + if [ -f ${PREFIX}/man/man8/saslauthd.8 ]; then \ + mv ${PREFIX}/man/man8/saslauthd.8 \ + ${PREFIX}/man/man8/saslauthd2.8; \ + elif [ -f ${PREFIX}/man/man8/saslauthd.8.gz ]; then \ + mv ${PREFIX}/man/man8/saslauthd.8.gz \ + ${PREFIX}/man/man8/saslauthd2.8.gz; \ + fi; \ fi post-install: @${SED} -e "s;%%PREFIX%%;${PREFIX};g" ${PWCHECK_SUB} \ ${FILESDIR}/pwcheck.sh > ${PREFIX}/etc/rc.d/pwcheck.sh + @${MKDIR} ${EXAMPLESDIR} + @${SED} -e 's;%%PREFIX%%;${PREFIX};g' \ + ${FILESDIR}/cyrus.pam > ${EXAMPLESDIR}/cyrus.pam @${CHMOD} 755 ${PREFIX}/etc/rc.d/pwcheck.sh ${INSTALL} -d -m 770 -o cyrus -g cyrus /var/pwcheck @${SED} -e "s;%%PREFIX%%;${PREFIX};g" ${SASLAUTHD_SUB} \ @@ -174,8 +185,16 @@ post-install: @${INSTALL_DATA} ${FILESDIR}/Sendmail.README ${DOCSDIR} .endif @mv ${PREFIX}/sbin/saslauthd ${PREFIX}/sbin/saslauthd1 + @mv ${PREFIX}/man/man8/saslauthd.8 ${PREFIX}/man/man8/saslauthd1.8 @if [ -f ${PREFIX}/sbin/saslauthd2 ]; then \ mv ${PREFIX}/sbin/saslauthd2 ${PREFIX}/sbin/saslauthd; \ + if [ -f ${PREFIX}/man/man8/saslauthd2.8 ]; then \ + mv ${PREFIX}/man/man8/saslauthd2.8 \ + ${PREFIX}/man/man8/saslauthd.8; \ + elif [ -f ${PREFIX}/man/man8/saslauthd2.8.gz ]; then \ + mv ${PREFIX}/man/man8/saslauthd2.8.gz \ + ${PREFIX}/man/man8/saslauthd.8.gz; \ + fi; \ fi @PKG_PREFIX=${PREFIX} BATCH=${BATCH} ${SH} ${PKGINSTALL} ${PKGNAME} POST-INSTALL @${CAT} ${PKGMESSAGE} diff --git a/security/cyrus-sasl/files/Sendmail.README b/security/cyrus-sasl/files/Sendmail.README index c88d2433e92e..ce51d46cdd9e 100644 --- a/security/cyrus-sasl/files/Sendmail.README +++ b/security/cyrus-sasl/files/Sendmail.README @@ -7,14 +7,25 @@ How to enable SMTP AUTH with FreeBSD default Sendmail SENDMAIL_LDFLAGS+= -L/usr/local/lib SENDMAIL_LDADD+= -lsasl - NOTE: Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added + NOTE: 1. Sendmail 8.10 - 8.11 needS -D_FFR_UNSAFE_SASL added to SENDMAIL_CFLAGS, if you need the GroupReadableSASLFile option + Starting with Sendmail 8.12, you can also use the security/cyrus-sasl2 + port. Then you will not need the SASL V1 port installed. + + SENDMAIL_CFLAGS=-I/usr/local/include -DSASL=2 + SENDMAIL_LDFLAGS=-L/usr/local/lib + SENDMAIL_LDADD=-lsasl2 + + 2) Rebuild FreeBSD (make buildworld, ...) -3) Create /usr/local/lib/sasl/Sendmail.conf with the following. +3) Make sure that the pwcheck_method is correct in Sendmail.conf. - pwcheck_method: pwcheck + Sendmail.conf (${PREFIX}/lib/sasl{,2}/Sendmail.conf) is created by + the cyrus-sasl and cyrus-sasl2 ports during installation. It may have + pwcheck_method set to either pwcheck (V1 only) or saslauthd (V1 & V2) by + default. Change this to what is appropriate for your site. 4) Add the following to your sendmail.mc file: @@ -44,7 +55,8 @@ How to enable SMTP AUTH with FreeBSD default Sendmail PLAIN is required for Netscape Communicator users. By default Netscape Communicator will use SASL Authentication when sendmail is compiled with - SASL. + SASL and will cause your users to enter their passwords each time they + retreive their mail (NS 4.7). The DONT_BLAME_SENDMAIL option GroupReadableSASL[DB]File is needed when you are using cyrus-imapd and sendmail on the same server that requires access diff --git a/security/cyrus-sasl/files/cyrus.pam b/security/cyrus-sasl/files/cyrus.pam new file mode 100644 index 000000000000..3c3734c3672f --- /dev/null +++ b/security/cyrus-sasl/files/cyrus.pam @@ -0,0 +1,18 @@ +# +# $FreeBSD$ +# +# PAM configuration for the "cyrus" service +# Copy this file to /etc/pam.d/cyrus +# + +# auth +#auth required pam_nologin.so no_warn +#auth sufficient %%PREFIX%%/lib/pam_ldap.so nowarn +#auth sufficient pam_opie.so no_warn no_fake_prompts +#auth requisite pam_opieaccess.so no_warn +#auth required pam_ssh.so no_warn try_first_pass +auth required pam_unix.so no_warn try_first_pass + +# account +#account sufficient %%PREFIX%%/lib/pam_ldap.so +account required pam_unix.so diff --git a/security/cyrus-sasl/pkg-plist b/security/cyrus-sasl/pkg-plist index 9aa77e2385d2..e9df945e693e 100644 --- a/security/cyrus-sasl/pkg-plist +++ b/security/cyrus-sasl/pkg-plist @@ -43,6 +43,7 @@ sbin/saslpasswd sbin/pwcheck sbin/pwcheck_pam sbin/saslauthd1 +%%EXAMPLESDIR%%/cyrus.pam %%JAVASASL%%share/java/classes/sasl/CyrusSasl/ClientFactory.class %%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericClient.class %%JAVASASL%%share/java/classes/sasl/CyrusSasl/GenericCommon.class @@ -90,17 +91,18 @@ sbin/saslauthd1 %%JAVASASL%%@dirrm share/java/classes/sasl/javax %%JAVASASL%%@dirrm share/java/classes/sasl/CyrusSasl %%JAVASASL%%@dirrm share/java/classes/sasl +@dirrm %%EXAMPLESDIR%% @dirrm lib/sasl @cwd /var @exec install -d -m 770 -o cyrus -g cyrus %D/pwcheck -@comment This file gets created by the pwcheck program +@comment This file is created by the pwcheck program @unexec rm -f %D/pwcheck/pwcheck @dirrm pwcheck @mode ug=rwx,o= @exec mkdir -p /var/state/saslauthd1 @exec chown -R cyrus:cyrus state @exec chmod -R o= state -@comment This file gets created by the state/saslauthd program +@comment These files are created by the saslauthd program @unexec rm -fr /var/state/saslauthd1 @unexec rmdir /var/state @cwd %%PREFIX%% |