saslauthd is a daemon process that handles plaintext authentication requests on behalf of the SASL library.
called also the saslauthd server
For the configuration, it must be told which authentication backend to turn to for password verification. The backend is selected with a saslauthd command-line option.
yum install cyrus-sasl
systemctl status saslauthd
● saslauthd.service - SASL authentication daemon.
Loaded: loaded (/usr/lib/systemd/system/saslauthd.service; disabled; vendor preset: disabled)
Active: inactive (dead)
cat /usr/lib/systemd/system/saslauthd.service
[Unit]
Description=SASL authentication daemon.
After=syslog.target
[Service]
Type=forking
PIDFile=/run/saslauthd/saslauthd.pid
EnvironmentFile=/etc/sysconfig/saslauthd
ExecStart=/usr/sbin/saslauthd -m $SOCKETDIR -a $MECH $FLAGS
RuntimeDirectory=saslauthd
[Install]
WantedBy=multi-user.target
The saslauthd configuration file defined by the service configure:
cat /etc/sysconfig/saslauthd
# or /etc/default/saslauthd.
# Directory in which to place saslauthd's listening socket, pid file, and so
# on. This directory must already exist.
SOCKETDIR=/run/saslauthd
# Mechanism to use when checking passwords. Run "saslauthd -v" to get a list
# of which mechanism your installation was compiled with the ablity to use.
MECH=pam
# Additional flags to pass to saslauthd on the command line. See saslauthd(8)
# for the list of accepted flags.
FLAGS=
All service file are in:
Example:
ls /etc/sasl2/
smtpd.conf # for smtp
To get a list of which mechanism are available
saslauthd -v
saslauthd 2.1.26
authentication mechanisms: getpwent kerberos5 pam rimap shadow ldap httpform
ie:
yum install cyrus-sasl-plain
The saslauthd server verifies passwords against the authentication backend /etc/shadow file if:
saslauthd -a shadow
Cyrus SASL provides the testsaslauthd utility to test saslauthd authentication. The username and password are given as command line arguments. The example shows the response when authentication is successful:
testsaslauthd -u username -p password -s service
# for the smtp service
testsaslauthd -u username -p password -s smtp
0: OK "Success."