The Cyrus IMAPD and SASL libraries distributed with RedHat Powertools are misconfigured such that it is impossible to authenticate to the imap server. There are several problems: (1) The Cyrus imap daemon does not run SUID root, and *cannot* authenticate against the shadow password file. However, the RedHat RPM comes with a PAM module that attempts to authenticate against the system password file, so this fails. The solution in this situation is to build the SASL libraries with the --enable-pwcheck option; this causes the "pwcheck" daemon to be built, which is a small server that runs as root and provides authentication services to imapd. The imapd RPM should include a startup script that runs pwcheck at boot. (2) The deliver program is installed owner=root and group=root, with the following permissions: -rwxr-x---. However, deliver (like the other Cyrus utilities) can only be run as the cyrus user, so in this configuration it cannot be run at all. The solution is to change the group ownership to the same group as the cyrus user (e.g., mail).
Cyrus imapd in Raw Hide (2.0.5-6) fixes the second problem, but the first is unlikely to be done because allowing any non-root user to attempt to guess other users' passwords will decrease the level of security, and the pwcheck daemon is documented as not being hardened against denial-of-service attacks.
If I understand well the RMPs shipped with the 6.2 powertools don't work, and neither does the actual RPMs in the pinstripe powertools As al little and humble opinion the it would be wise to be sure to not ship cyrus et. al with the 7.0 final if the evolving RPMs from rawhide don't reach a working state.
That's strange. I've run the versions from Raw Hide on my own workstation without problems -- created mailboxes using the admin interface, sent mail to them, and read messages. What specific problems are you having?
Well, I'm running 6.2 system, so * I rebuilt the db3 rawhide SRPM to be able to install the RPM in my system. * I think maybe I must upgrade Perl in the same way order to be able to run cyradm So surely the problem I'm having (saslpasswd hangs after prompting the passwd) is my fault. Two little things I've seen in the process: * /var/imap/{user, quota} are not being chattred +S. You are doing it in the %install section but it seems rpm don't preserve these attribs when building the binary RPMS. Additionally, (if you are not skipping intentionally this step) the /var/imap{user, quota}/* content is also 'chattrd' +S in the cyrus imap original install process. * The cyrus user gets /bin/false shell in the %post section. Is this correct ? (I read something about cyrus' shell and cyradm in the ChangeLog, and maybe the final user should also get /bin/sh like the %install section does when 'useradding' cyrus) Excuse me for my english, for maybe seeing bugs where no one exist, and for reporting them in another bug's comments form.
The only calls to chattr in the spec file are in the %post section, which is run in the post-install of the binary package, so I think that's actually working correctly. The cyrus user should have a real shell, and the chattr call should use -R. Both will be fixed 2.0.6-3 and later.
Closing as WONTFIX due to end of life of the Power Tools product line. Please open a new bug report under the Red Hat Linux product if the component is still included in the base Red Hat distribution.