Rob Siemborski schrieb am Fri, Dec 07, 2001 at 09:53:33PM -0500: * saslauthd links the pam libraries just like libsasl used to in SASLv1. * * libsasl2 now connects to a unix domain socket, which saslauthd is * listening to, presents the username and password, and saslauthd consults * pam, and replies either yes or now. This is similar to how pwcheck works. * * To start saslauthd, you give it a password checking mechanism (e.g. pam or * rimap or kerberos4 or shadow, such as: * * saslauthd -a shadow
I *strongly* recommend a change of saslauthd's man page. Yesterday I migrated from SASL-1.5.27 to SASL-2.0.5-BETA and found it very difficult to have my old LDAP-via-PAM authentication scheme survive this transition. As "getpwent" did not work either, I ended up in putting my small LDAP userbase back up into the flat files and bring my services up working again via "saslauthd -a shadow". The saslauthd man page did not say *anything* about PAM so I did not try that as an option. The methods mentioned there are "sasldb", "dce", "getpwent", "kerberos4", "rimap", "shadow" and "sia". It was only when I read this mail tread that I had a look at the sources and saw that "pam" is also incorporated. - Birger
