<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
<refentry>
<refmeta>
<refentrytitle>sasldb</refentrytitle>
<manvolnum>5</manvolnum>
</refmeta>
<refnamediv>
<refname>sasldb</refname>
<refpurpose>auxiliary property plugin</refpurpose>
</refnamediv>
<refsynopsisdiv>
<para>Cyrus SASL auxprop plugin to access the sasldb authentication
backend</para>
</refsynopsisdiv>
<refsection>
<title>Description</title>
<para>This document describes configuration options for the Cyrus SASL
auxiliary property plugin <option>sasldb</option>.</para>
<para><option>sasldb</option> is the default and fallback plugin. It will
be used if explicitly configured, but also if other mechanisms have failed
to load e.g. because they haven't been configured properly.</para>
<para>This plugin reads all user data from a Berkeley database. On Debian
systems the default location for this database is
<filename>/etc/sasldb2</filename>.</para>
<para>Passwords are stored in plaintext format to enable usage of
shared-secret mechanisms. To protect the passwords, access has been
restricted to user <systemitem class="username">root</systemitem> and
group <systemitem class="groupname">sasl</systemitem>. An application must
be member of the <systemitem class="groupname">sasl</systemitem> group to
conduct <option>sasldb</option> SASL authentication.</para>
<para>Use the <citerefentry>
<refentrytitle>saslpasswd2</refentrytitle>
<manvolnum>8</manvolnum>
</citerefentry> utility to create and modify <option>sasldb</option>
users. The <citerefentry>
<refentrytitle>sasldblistusers2</refentrytitle>
<manvolnum>8</manvolnum>
</citerefentry> command prints a list of existing
<option>sasldb</option> users to <literal>STDOUT</literal>.</para>
</refsection>
<refsection>
<title>Options</title>
<para>The following configuration parameters are applicable in the context
of the <option>sasldb</option> plugin:</para>
<variablelist>
<varlistentry>
<term><parameter>sasldb_path</parameter>: (default:
<filename>/etc/sasldb2</filename>)</term>
<listitem>
<para>Specifies the path to the database when
<parameter>auxprop_plugin</parameter>: <option>sasldb</option> is
used. The default path is system dependant, but usually
<filename>/etc/sasldb2</filename>.</para>
</listitem>
</varlistentry>
</variablelist>
</refsection>
<refsection>
<title>Example</title>
<para>The following example shows a typical <option>sasldb</option>
configuration. The database is located at the default location
<filename>/etc/sasldb2</filename>.</para>
<programlisting>pwcheck_method: auxprop
auxprop_plugin: sasldb
mech_list: plain login cram-md5 digest-md5</programlisting>
</refsection>
<refsection>
<title>See also</title>
<para><citerefentry>
<refentrytitle>authdaemond</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>ldapdb</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>libsasl</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>saslauthd</refentrytitle>
<manvolnum>8</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>saslauthd.conf</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>saslpasswd2</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>sasldblistusers2</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>sasldb</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry>, <citerefentry>
<refentrytitle>sql</refentrytitle>
<manvolnum>5</manvolnum>
</citerefentry></para>
</refsection>
<refsection>
<title>Readme files</title>
<para><filename>README.Debian</filename></para>
</refsection>
<refsection>
<title>Author</title>
<para>This manual was written for the Debian distribution because the
original program does not have a manual page. Parts of the documentation
have been taken from the Cyrus SASL's
<filename>options.html</filename>.</para>
<para><address>Patrick Ben Koetter
<email>p@state-of-mind.de</email></address></para>
</refsection>
</refentry>