Curtis Maurand wrote:
> Patrick Ben Koetter wrote:
> >> However, nothing in my configuration says to open the sasldb file
> >> anywhere as the auth machanism is set to imap, but postfix seems
> >> intent on opening this file anyway.
> >
> > Cyrus SASL opens sasldb as fallback when all other attempts to do
> > AUTH have failed. That in turn says your current setup is
> > non-functional. Which docs did you follow? What's your current
> > setup?
>
> My currwnt setup has the imap connecting to a remote server on a private
> network. The imap server is dbmail 2.2.17.
>
> Postfix is a member of the sasl group. There is an sasldb2 file
> just in case.
I am not sure it is your desire to use the sasldb2 file. But if it is
then on Debian it needs to be made available in the chroot which on
Debian is usually located at /var/spool/postfix/etc. For me it meant
the easiest thing to do was to modify the /etc/init.d/postfix script
to make sure it was copied into the chroot when it was started.
I added etc/sasldb2 to this next section.
FILES="etc/sasldb2 etc/localtime etc/services etc/resolv.conf etc/hosts \
etc/nsswitch.conf etc/nss_mdns.config"
for file in $FILES; do
[ -d ${file%/*} ] || mkdir -p ${file%/*}
if [ -f /${file} ]; then rm -f ${file} && cp -p /${file} ${file}; fi
# if [ -f ${file} ]; then chmod a+rX ${file}; fi
done
And I also removed that line that is commented out so that the
original permissions are preserved. That causes permissions to be
preserved from the /etc file into the chroot area when the file is
copied into it. Otherwise the file would be available to everyone.
Using the original permissions on all of the files is okay.
Again, that is only if you are intending to use the sasldb2 file. It
is a nice simple fallback. But most schemes use other access control
methods.
Bob
