Bug 810414

Summary: RFE: cyrus-sasl should provide /etc/saslauthd.conf
Product: Red Hat Enterprise Linux 6 Reporter: Leonard den Ottolander <leonard-rh-bugzilla>
Component: cyrus-saslAssignee: Petr Lautrbach <plautrba>
Status: CLOSED WONTFIX QA Contact: BaseOS QE Security Team <qe-baseos-security>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 6.2Keywords: FutureFeature
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Enhancement
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2012-06-18 09:47:49 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Leonard den Ottolander 2012-04-06 00:53:40 UTC 
cyrus-sasl should provide /etc/(sasl2/)saslauthd.conf.

postfix provides a basic /etc/sasl2/smtpd.conf that integrates postfix with cyrus-sasl.

/etc/saslauthd.conf is a required configuration file if you choose MECH=ldap in /etc/sysconfig/saslauthd.

Some package should provide /ets/saslauthd.conf as it is in essential configuration file for cyrus-sasl/openldap integration. If cyrus-sasl doesn't provide saslauthd.conf openldap-servers is the most likely alternative to do so.
Comment 2 Petr Lautrbach 2012-06-18 09:47:49 UTC 
cyrus-sasl upstream doesn't provide saslauthd.conf file. Default package configuration uses pam mechanismus. In adition, there is /usr/share/doc/cyrus-sasl-2.1.23/LDAP_SASLAUTHD file with instruction how to use auth_ldap module.
Comment 3 Leonard den Ottolander 2012-06-18 22:01:57 UTC 
All the patches RHEL uses aren't provided by any of the upstream distributors. Upstream not providing the file is not a valid argument.

So instead of providing this file and tagging it %config you'd rather have this file orphaned and not belonging to the package cyrus-sasl? So much for clarity and straight forwardness.

And yes, I am aware of LDAP_SASLAUTHD. The point of the request for inclusion is that it makes things more obvious. If people have to figure out every detail of their system what's the point of a distribution in the first place? Adding this configuration file with an example setup and the comment that it only needs to be configured when using MECH=ldap saves users a bit of time having to figure out how to setup their system.

Please reconsider.