Bug 113975 - posfix 2.0.16-2 provides /etc/sysconfig/saslauthd, which it should not be providing
posfix 2.0.16-2 provides /etc/sysconfig/saslauthd, which it should not be pro...
Product: Red Hat Raw Hide
Classification: Retired
Component: postfix (Show other bugs)
All Linux
high Severity medium
: ---
: ---
Assigned To: John Dennis
David Lawrence
: 114868 (view as bug list)
Depends On:
  Show dependency treegraph
Reported: 2004-01-20 16:21 EST by Nalin Dahyabhai
Modified: 2007-03-27 00:13 EDT (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-02-24 18:14:34 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Nalin Dahyabhai 2004-01-20 16:21:35 EST
Description of problem:
The postfix package provides /etc/sysconfig/saslauthd, which it should
not be providing.

Version-Release number of selected component (if applicable):

How reproducible:

Steps to Reproduce:
1. Install postfix-2.0.16-2.
2. Run "rpm -qf /etc/sysconfig/saslauthd".
Actual results:

The configuration overrides the default mechanism (shadow, set as the
default in /etc/init.d/saslauthd) with "pam".

Expected results:
The file should not be there.  If it exists, it should be created by
the system administrator.

Additional info:
In a default configuration, the "pam" mechanism is going to end up
having the same effect as "shadow", but without the extra layers of
abstraction.  The "pam" mechanism support in saslauthd uses the SASL
application name as the PAM service used, so changing this adds a the
PAM configuration file as a requirement for little benefit.
Comment 1 John Dennis 2004-01-20 18:12:42 EST
I thought the process worked like this, you can tell me if I have a
misunderstanding or why my reasoning is not valid.

Authentication preferences are controlled by PAM. Thus a system
administrator can go to one well known place (e.g. /etc/pam.d) and set
the authentication for a variety of services. Also because of the way
PAM can "chain" together configurations you can build heirarchies and
pick up defaults. One of the possibilities PAM offers is shadow. Thus
the configuration Postfix provides says "let the centralized
authentication service be consulted on how to authenticate" and if the
sys admin wants shadow for smtp they get it, or if thats the system
wide default they get it.

If saslauthd specifies "shadow" aren't we bypassing the centralized
authentication configuration we are encouraging sys admins to use?
Comment 2 John Dennis 2004-02-03 14:46:22 EST
*** Bug 114868 has been marked as a duplicate of this bug. ***
Comment 3 John Dennis 2004-02-03 15:16:23 EST
*** Bug 114868 has been marked as a duplicate of this bug. ***
Comment 4 John Dennis 2004-02-24 18:14:34 EST
config file installed by postfix is now removed in RHEL 3 Update 2 and
FC2. Closing.

Note You need to log in before you can comment on or make changes to this bug.