Subject: Re: sasl and --disable-login
To: Andrew Brown <>
From: Johnny C. Lam <>
List: tech-pkg
Date: 03/17/2003 10:19:21
On Sun, Mar 16, 2003 at 09:59:16AM -0800, Johnny C. Lam wrote:
> Also from what I remember about Cyrus SASL, there is no global
> configuration file to specify which authentication mechanisms are allowed
> or disallowed; it's merely a matter of which plugins are available in
> ${PREFIX}/lib/sasl.  I think we can just build the LOGIN plugin separately
> from the rest of Cyrus SASL in another package, e.g. cy-login or
> cyrus-sasl-login, so that normal users of SASL aren't hobbled by a bad
> authentication mechanism while users that need it can just install a
> separate package for the extra functionality.

I've created a new set of packages for cyrus-sasl and cy-login.  They may
be found at:

Simply move the old cyrus-sasl package out of the way, and extract
sasl.tar.gz from within pkgsrc/security.  If you already have cyrus-sasl
installed, then you can simply run "make install" in security/cy-login.
I think this should provide the LOGIN authentication mechanism for use by
Cyrus SASL-aware applications, but I don't know how to test this.  Testers
are welcome to try this out and to provide feedback on whether this works,
and also any other steps that were necessary to get this completely


	-- Johnny Lam <>