Here's my situation: I want to use Cyrus imapd to handle mail in AFS space; I'm using OpenAFS 1.2.2, which is roughly equivalent to Transarc 3.6.
I'd like to have Cyrus use the pts server for its ACLs, since I already have working ACLS and it makes my life a lot easier. I also have no reason to keep my users in /etc/passwd, since I'll be spreading mail across a bunch of machines, so I really want to authenticate against Kerberos, not /etc/passwd. The principals all look like v4 principals (because they're intended for use with AFS), but they really do live in K5 space: I'm not really running Kerberos IV; instead I'm using MIT krb5 1.2.2, and using the MIT krb524d to convert tickets. All that works fine. I was able to convince SASL-2.1.0 to build against the KerberosIV libraries, but not saslauthd, largely (I think) because the des.h in K4 gets along extremely poorly with the des.h in OpenSSL. Once I turn to imapd itself, I can more or less bully things into compiling, except for ipop3d, which gets upset over the krb.h in /usr/local/include/kerberosIV. My question is: is there anyone else out there using Cyrus imapd in conjunction with user homes and folders in AFS-space, and if so, is there anybody doing with with a krb5 implementation, rather than v4, under the covers? Am I even on the right track with what I'm trying to do? Adam
