Discussion:
How to configure Cyrus/SASL with Openldap as non root user in non standard pathes
(too old to reply)
Angela Marquardt
2008-06-09 14:42:41 UTC
Permalink
Hi,

I am configuring cyrus-sasl 2.1.22 with ldap auth mechanism for openldap 2.3.38 on Solaris 10.
Both the components openldap and cyrus sasl have to be installed into special directories (not /usr/lib, /etc, ...) using an technical unix account (no root rights/privileges).

The OpenLdap server is already built with Cyrus Sasl support, pldd on the slapd process shows that the libraries are loaded.
Cyrus Sasl still refuses to be built with ldap support.

SASL_PATH and LD_LIBRARY_PATH is already set in the environment of the cyrus-sasl account:

$ echo $SASL_PATH
/usd/as94527a/soft/cyrus-sasl/lib/sasl2
$ echo $LD_LIBRARY_PATH
:/usd/as94527a/soft/openldap/lib:/usd/as94527a/soft/cyrus-sasl/lib

The configure file looks like that:

export CFLAGS=-lsocket
export CPFLAGS="-I/usd/as94527a/soft/openldap/lib"
export LDFLAGS="-lsocket -lldap -L/usd/as94527a/soft/openldap/lib"

./configure --prefix=/usd/as94527a/soft/cyrus-sasl-2.1.22 \
--sysconfdir=/usd/as94527a/soft/cyrus-sasl-2.1.22/etc \
--with-ldap=/usd/as94527a/soft/openldap \
--enable-ldap \
--with-openssl=/usd/as94527a/soft/openssl \
--with-dbpath=/usd/as94527a/soft/cyrus-sasl-2.1.22/var/lib/sasl/sasldb2 \
--with-saslauthd=/usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd &&

The config.log always shows:
configure:12106: checking LDAPDB
configure:12446: result: disabled
.....
LIB_LDAP=''
.....
ac_cv_lib_ldap_ldap_initialize=no

Can someone confirm that configuring cyrus-sasl as non-root user using non-standard-directories will work and point me to the missing part?

Thanks ahead, Angela
--
Psssst! Schon vom neuen GMX MultiMessenger gehört?
Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger
Angela Marquardt
2008-06-10 13:49:13 UTC
Permalink
I successfully configured Cyrus/Sasl with Openldap now. I had to play with CPPFlags and LDFlags and had to give physical pathnames instead of symbolic links, there also was a typo in the configure script.

But still saslauthd reports ldap as unknown auth method. Any ideas how to fixed this are appreciated.

Thanks ahead, Angela

Output from Cyrus/SASL config.log:
configure:12106: checking LDAPDB
configure:12109: result: enabled
configure:12278: checking OpenLDAP api
configure:12308: result: yes

Openldap has lots of Cyrus/Sasl libraries loaded, amongst them libldap
$ pldd 94693 | grep cyrus
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/libsasl2.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libsasldb.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libcrammd5.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libdigestmd5.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libotp.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libgssapiv2.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libplain.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libanonymous.so.2.0.22
/usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2/libldapdb.so.2.0.22


there is a link from /usd/as94527a/soft/cyrus-sasl-2.1.22/lib/sasl2 to /usr/lib/sasl2, containing also slapd.conf:
$ more /usr/lib/sasl2/slapd.conf
mech_list: plain
pwcheck_method: saslauthd
saslauthd_path: /usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd

Openldap reads it and reports in /var/adm/messages: (A further mail threads describes these as only warnings.)
Jun 10 14:52:36 D100STU980 slapd[64001]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied
Jun 10 14:52:36 D100STU980 slapd[64002]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied
Jun 10 14:52:56 D100STU980 slapd[64491]: [ID 702911 auth.error] auxpropfunc error invalid parameter supplied


Starting saslauthd reports:
Jun 10 15:13:42 D100STU980 saslauthd[93245]: [ID 285309 auth.error] set_auth_mech : unknown authentication mechanism: ldap

Startup command for saslauthd:
saslauthd -d -m /usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd \
-O /usd/as94527a/soft/cyrus-sasl/etc/saslauthd.conf \
-a ldap -r


-------- Original-Nachricht --------
Datum: Mon, 09 Jun 2008 16:42:41 +0200
Betreff: How to configure Cyrus/SASL with Openldap as non root user in non standard pathes
Hi,
I am configuring cyrus-sasl 2.1.22 with ldap auth mechanism for openldap
2.3.38 on Solaris 10.
Both the components openldap and cyrus sasl have to be installed into
special directories (not /usr/lib, /etc, ...) using an technical unix account
(no root rights/privileges).
The OpenLdap server is already built with Cyrus Sasl support, pldd on the
slapd process shows that the libraries are loaded.
Cyrus Sasl still refuses to be built with ldap support.
$ echo $SASL_PATH
/usd/as94527a/soft/cyrus-sasl/lib/sasl2
$ echo $LD_LIBRARY_PATH
:/usd/as94527a/soft/openldap/lib:/usd/as94527a/soft/cyrus-sasl/lib
export CFLAGS=-lsocket
export CPFLAGS="-I/usd/as94527a/soft/openldap/lib"
export LDFLAGS="-lsocket -lldap -L/usd/as94527a/soft/openldap/lib"
./configure --prefix=/usd/as94527a/soft/cyrus-sasl-2.1.22 \
--sysconfdir=/usd/as94527a/soft/cyrus-sasl-2.1.22/etc \
--with-ldap=/usd/as94527a/soft/openldap \
--enable-ldap \
--with-openssl=/usd/as94527a/soft/openssl \
--with-dbpath=/usd/as94527a/soft/cyrus-sasl-2.1.22/var/lib/sasl/sasldb2 \
--with-saslauthd=/usd/as94527a/soft/cyrus-sasl-2.1.22/var/run/saslauthd &&
configure:12106: checking LDAPDB
configure:12446: result: disabled
.....
LIB_LDAP=''
.....
ac_cv_lib_ldap_ldap_initialize=no
Can someone confirm that configuring cyrus-sasl as non-root user using
non-standard-directories will work and point me to the missing part?
Thanks ahead,
--
GMX startet ShortView.de. Hier findest Du Leute mit Deinen Interessen!
Jetzt dabei sein: http://www.shortview.de/?mc=***@gmx
Loading...