On Sun, May 29, 2022 at 11:25:44AM -0400, Viktor Dukhovni <postfix-us...@dukhovni.org> wrote:
> On Sat, May 28, 2022 at 10:32:56PM -0400, Viktor Dukhovni wrote: > > > > This might be irrelevant, but the SASL readme mentions > > > that on some systems Postfix is modified to look for > > > the Cyrus SASL config in /etc/postfix/sasl or > > > /var/lib/sasl2. On Debian, it's in /etc/postfix/sasl. > > > Perhaps "ln -s /etc/sasl2 /etc/postfix/sasl" might > > > help. > > > > I don't expect this is a "modification in Postfix" as such, beyond > > perhaps tweaking the built-in default of: > > > > http://www.postfix.org/postconf.5.html#cyrus_sasl_config_path > > > > which determines the search path for the "smtpd.conf" file. The default > > is to use the path compiled into Cyrus SASL, which would of course not > > be /etc/postfix/sasl (the Cyrus library is not Postfix-specific). > > If the configuration directory turns out to be the issue, or in any > case..., perhaps the below patch to SASL_README might help someone else > in the future. > > -- > Viktor. > > --- proto/SASL_README.html > +++ proto/SASL_README.html > @@ -267,10 +267,18 @@ in <code>/usr/lib/sasl2/</code>. </p> </li> > <li> <p> Cyrus SASL version 2.1.22 and newer additionally search > in <code>/etc/sasl2/</code>. </p> </li> > > -<li> <p> Some Postfix distributions are modified and look for the > -Cyrus SASL configuration file in <code>/etc/postfix/sasl/</code>, > -<code>/var/lib/sasl2/</code> etc. See the distribution-specific > -documentation to determine the expected location. </p> </li> > +<li> <p> With Postfix 2.5 and later you can explicitly configure the > +search path via the <code>cyrus_sasl_config_path</code> configuration > +parameter. Specify zero or more colon-separated directories. If set > +empty (the default value) the search path is the one compiled into the > +Cyrus SASL library. </p> </li> > + > +<li> <p> Some Postfix distributions employ a non-empty default value > +for <code>cyrus_sasl_config_path</code> to look for the Cyrus SASL > +configuration file in <code>/etc/postfix/sasl/</code>, > +<code>/var/lib/sasl2/</code> etc. See the output of <code>postconf > +cyrus_sasl_config_path</code> and/or the distribution-specific > +documentation to determine the expected location. </p> </li> > > </ul> > I don't think that's entirely correct. On Debian, for example, the default value of cyrus_sasl_config_path is empty, and /etc/postfix/sasl is the directory that is used. They haven't changed the default value to be non-empty. $ uname -a Linux ook 5.10.0-14-amd64 #1 SMP Debian 5.10.113-1 (2022-04-29) x86_64 GNU/Linux $ dpkg-query -l | grep postfix ii postfix 3.5.6-1+b1 amd64 High-performance mail transport agent ... $ postconf -d cyrus_sasl_config_path cyrus_sasl_config_path = $ postconf cyrus_sasl_config_path cyrus_sasl_config_path = $ dpkg-query -S /etc/postfix/sasl postfix: /etc/postfix/sasl But perhaps other systems do use a non-empty default. But it does look like it's not the postfix package that they changed. They changed the sasl2-bin package. The only executable binary that contains the string /etc/postfix/sasl is /usr/bin/saslfinger which is provided by the sasl2-bin package. $ find /usr -type f -perm /111 -exec grep -l /etc/postfix/sasl '{}' ';' /usr/bin/saslfinger $ dpkg-query -S /usr/bin/saslfinger sasl2-bin: /usr/bin/saslfinger cheers, raf
