|
From the 2.1.27 docs: https://www.cyrusimap.org/sasl/sasl/pwcheck.html#saslauthd I always thought that saslauthd was for a whole lot of things. For instance, "-a shadow" goes through getspnam and/or getuserpw, which can go through naming services whatever they are, at least on Solaris. So are the rest of the mechs listed below deprecated? OR....what? libsasl2 is supposedly the best way to get mail programs hooked up with authentication for spam prevention, and we have a policy against plaintext passwords, so I was hoping to provide a saslauthd service that could be used by customers to hook up sasl to naming services. The 2.1.26 man page says: NAME saslauthd - sasl authentication server SYNOPSIS saslauthd -a authmech [-Tvdchlr] [-O option] [-m mux_path] [-n threads] [-s size] [-t timeout] AUTHENTICATION MECHANISMS saslauthd supports one or more "authentication mechanisms", dependent upon the facilities provided by the underlying operating system. The mechanism is selected by the -a flag from the following list of choices: dce (AIX) getpwent (All platforms) kerberos4 (All platforms) kerberos5 (All platforms) pam (Linux, Solaris) rimap (All platforms) shadow (AIX, Irix, Linux, Solaris) sasldb (All platforms) ldap (All platforms that support OpenLDAP 2.0 or higher) sia (Digital UNIX) -- Jan Parcel, Software Developer Oracle Systems Server & Cloud Engineering |
