[Date Prev][Date Next]
Re: saslauxprop and libldapdb, auxpropfunc error -7
As background, I'm trying to get the libldap auxprop plugin
(distributed with OpenLDAP) for SASL to work. The goal is to have
services that use SASL be able to use secure password exchanges
(DIGESTMD5, etc.) when the user account info is stored in OpenLDAP.
This is by design. By default, libldapdb will always fail to load in
However I have no joy when trying to us it. When I start slapd, I
immediately note an error in my system log
Phoenicia slapd: auxpropfunc error -7
slapd doesn't need it, it has its own built in. slapd must never
load the libldapdb plugin, otherwise it will cause an infinite loop.
Boy does that make a lot of sense. :)
I get the same error as soon as my IMAP server tries to
user. I see no messages from the console where slapd is running in
debug mode (256). Running the IMAP server in gdb, and using
info" command, it does not appear that the libldapdb library
My assumption is that I've not compiled it correctly. I've
than successful in finding much other documentation around for doing
this. If anyone knows of some, It would be helpful. Once I
way though this, I'll post the procedure.
Use ldd on libldapdb.so and see what libraries it's looking for. Make
all of those libraries can be located at runtime.
This is the rule I added to my sasl/plugins/Makefile to build the
$(LINK) $(libsasldb_la_LDFLAGS) ldapdb.lo -lldap -llber
Well, I've compiled it a number of times and with a number of
suggestions. I'm starting to think that perhaps it is compiled
correctly, but I'm missing some key config item that allows it to
Trying Howard Chu's suggestion above, I see it needing the following
libraries, all of which are present and executable on my system:
[root@Phoenicia sasl2]# ldd libldapdb.so
libldap.so.2 => /usr/lib/libldap.so.2 (0x40010000)
liblber.so.2 => /usr/lib/liblber.so.2 (0x4003b000)
libresolv.so.2 => /lib/libresolv.so.2 (0x40046000)
libc.so.6 => /lib/i686/libc.so.6 (0x42000000)
libdl.so.2 => /lib/libdl.so.2 (0x40058000)
libssl.so.0.9.7 => /usr/lib/libssl.so.0.9.7 (0x4005b000)
libcrypto.so.0.9.7 => /usr/lib/libcrypto.so.0.9.7 (0x4008a000)
/lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x80000000)
Running the Cyrus sample program, or the Cyrus IMAP server (which does,
BTW, authenticate OK with the sasldb plugin), I just keep getting the
aupropfunc error -7. I'm starting to wonder if perhaps my
configuration file for the server (in this case /etc/imapd.conf) is
wrong. Would this keep the plugin from loading? Below in my
admins: cyrus root
After reading some of the messages previous to this, it seems that the
plugin may be looking in /usr/lib/sasl2 for the config file, so I've
copied it there as well.
I've tried derivations of the ldapdb_uri: directive, but no luck.
(ldapdb_uri: ldap://127.0.0.1 ldapdb_uri: 127.0.0.1 ldapdb_uri:
ldap:// ldapdb_uri: ldapi://)
Any thoughts? I'm at a loss even for where to keep poking at this
thing. As before, running slapd from the console in debug mode (-d
256) is not even registering any hits at all. Right now I'd consider it
a small victory if the plugin would at least *touch* slapd. Then I'm
sure it will be a whole separate adventure to get it configured
properly. But that's for later.
Thanks for any and all help.