[Pkg-cyrus-sasl2-commits] r400 - in /cyrus-sasl-2.1/trunk/debian/doc: TODO auxprop-ldapdb.5.xml auxprop-sasldb.5.xml auxprop-sql.5.xml ldapdb.5 ldapdb.5.xml libsasl.5 libsasl.5.xml saslauthd.conf.5 saslauthd.conf.5.xml sasldb.5 sasldb.5.xml sql.5 sql.5.xml
pbk-guest at users.alioth.debian.org
pbk-guest at users.alioth.debian.org
Sun Dec 14 20:56:59 UTC 2008
Author: pbk-guest
Date: Sun Dec 14 20:56:59 2008
New Revision: 400
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/?sc=1&rev=400
Log:
Renamed XML files
Minor working on man pages
Added:
cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5.xml
cyrus-sasl-2.1/trunk/debian/doc/sasldb.5.xml
cyrus-sasl-2.1/trunk/debian/doc/sql.5.xml
Removed:
cyrus-sasl-2.1/trunk/debian/doc/auxprop-ldapdb.5.xml
cyrus-sasl-2.1/trunk/debian/doc/auxprop-sasldb.5.xml
cyrus-sasl-2.1/trunk/debian/doc/auxprop-sql.5.xml
Modified:
cyrus-sasl-2.1/trunk/debian/doc/TODO
cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5
cyrus-sasl-2.1/trunk/debian/doc/libsasl.5
cyrus-sasl-2.1/trunk/debian/doc/libsasl.5.xml
cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5
cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5.xml
cyrus-sasl-2.1/trunk/debian/doc/sasldb.5
cyrus-sasl-2.1/trunk/debian/doc/sql.5
Modified: cyrus-sasl-2.1/trunk/debian/doc/TODO
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/TODO?rev=400&op=diff
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/TODO (original)
+++ cyrus-sasl-2.1/trunk/debian/doc/TODO Sun Dec 14 20:56:59 2008
@@ -1,4 +1,3 @@
Write manual for
- authdaemond(8)
-- sql(5)
- pwcheck_method: alwaystrue
Modified: cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5?rev=400&op=diff
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5 (original)
+++ cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5 Sun Dec 14 20:56:59 2008
@@ -1,34 +1,33 @@
.\" Title: ldapdb
.\" Author:
-.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
-.\" Date: 11/21/2008
+.\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/>
+.\" Date: 12/14/2008
.\" Manual:
.\" Source:
.\"
-.TH "LDAPDB" "5" "11/21/2008" "" ""
+.TH "LDAPDB" "5" "12/14/2008" "" ""
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-ldapdb \- Cyrus SASL auxprop plugin to access LDAP authentication backends
+ldapdb \- auxiliary property plugin
.SH "SYNOPSIS"
.PP
-\fIauxprop_plugin\fR:
-\fBldapdb\fR
+Cyrus SASL auxprop plugin to access LDAP authentication backends\&.
.SH "DESCRIPTION"
.PP
This document describes configuration options for the Cyrus SASL auxiliary property plugin
-\fBldapdb\fR.
+\fBldapdb\fR\&.
.PP
-This plugin reads all user data from an OpenLDAP server. It requires configuration of the
+This plugin reads all user data from an OpenLDAP server\&. It requires configuration of the
\fBldapdb\fR
-plugin and of the LDAP server. The
+plugin and of the LDAP server\&. The
\fBldapdb\fR
-plugin must name a proxy user. The proxy user must (also) SASL authenticate at the LDAP server. The LDAP server must authorize the
+plugin must name a proxy user\&. The proxy user must (also) SASL authenticate at the LDAP server\&. The LDAP server must authorize the
\fBldapdb\fR
proxy user to access the authenticating users
-\fIuserPassword\fR.
+\fIuserPassword\fR\&.
.SH "OPTIONS"
.PP
The following configuration parameters are applicable in the context of the
@@ -37,77 +36,75 @@
.PP
\fBldapdb_uri\fR (default: empty)
.RS 4
-Specifies a whitespace\-separated list of LDAP servers (authentication backends). Use
-\fBldapi://\fR...,
-\fBldap://\fR... or
-\fBldaps://\fR... to specify how the servers should be contacted.
+Specifies a whitespace\-separated list of LDAP servers (authentication backends)\&. Use
+\fBldapi://\fR\&.\&.\&.,
+\fBldap://\fR\&.\&.\&. or
+\fBldaps://\fR\&.\&.\&. to specify how the servers should be contacted\&.
.RE
.PP
\fBldapdb_id\fR (default: empty)
.RS 4
Specifies the proxy user name (authentication id) who logs into the LDAP server in order to retrieve the authenticating users
-\fIuserPassword\fR.
+\fIuserPassword\fR\&.
.RE
.PP
\fBldapdb_mech\fR (default: empty)
.RS 4
Sets the SASL mechanism the
\fBldapdb\fR
-plugin (client) should use when it SASL connects to the LDAP server.
+plugin (client) should use when it SASL connects to the LDAP server\&.
.RE
.PP
\fBldapdb_pw\fR (default: empty)
.RS 4
Specifies the password used by
-\fIldapdb_id\fR. The password must be written in cleartext.
+\fIldapdb_id\fR\&. The password must be written in cleartext\&.
.RE
.PP
\fBldapdb_rc\fR (default: empty)
.RS 4
Specifies a path to a file that contains configuration options to override system\-wide defaults when running ldap clients (see also:
-\fBldap.conf\fR(5)).
+\fBldap.conf\fR(5))\&.
.sp
The main purpose behind this option is to drop transmission of
\fIldapdb_pw\fR
in favor of a client TLS certificate specified in
-\fIldapdb_rc\fR, so that SASL/EXTERNAL may be used between the ldapdb plugin and the LDAP server.
+\fIldapdb_rc\fR, so that SASL/EXTERNAL may be used between the ldapdb plugin and the LDAP server\&.
.sp
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
-\fBNote\fR
-This is the most optimal way to use the ldapdb plugin when the servers are on separate machines \- the connection is encrypted and password transmission is not necessary because the client is identified by its TLS client certificate.
+Note
+This is the most optimal way to use the ldapdb plugin when the servers are on separate machines \- the connection is encrypted and password transmission is not necessary because the client is identified by its TLS client certificate\&.
.RE
.PP
\fBldapdb_starttls\fR (default: empty)
.RS 4
-Enable encrypted communication using StartTLS. Valid options are:
-.RS 4
+Enable encrypted communication using StartTLS\&. Valid options are:
.PP
\fBtry\fR
.RS 4
-StartTLS encrypted communication is attempted. If it fails the client communicates unencrypted.
+StartTLS encrypted communication is attempted\&. If it fails the client communicates unencrypted\&.
.RE
.PP
\fBdemand\fR
.RS 4
-StartTLS encrypted communication is required. If it fails the client aborts the connection.
-.RE
+StartTLS encrypted communication is required\&. If it fails the client aborts the connection\&.
.RE
.RE
.SH "EXAMPLE"
.PP
The following example shows a typical
\fBldapdb\fR
-configuration.
+configuration\&.
.sp
.RS 4
.nf
pwcheck_method: auxprop
auxprop_plugin: ldapdb
mech_list: PLAIN LOGIN NTLM CRAM\-MD5 DIGEST\-MD5
-ldapdb_uri: ldap://localhost ldaps://ldap.example.com
+ldapdb_uri: ldap://localhost ldaps://ldap\&.example\&.com
ldapdb_id: proxyuser
ldapdb_pw: proxypass
ldapdb_mech: DIGEST\-MD5
@@ -115,29 +112,26 @@
.RE
.SH "SEE ALSO"
.PP
-\fBauthdaemond\fR(5), Cyrus SASL password verification service
+\fBauthdaemond\fR(5),
+\fBldapdb\fR(5),
+\fBlibsasl\fR(5),
+\fBsaslauthd\fR(8),
+\fBsaslauthd.conf\fR(5),
+\fBsaslpasswd2\fR(5),
+\fBsasldblistusers2\fR(5),
+\fBsasldb\fR(5),
+\fBsql\fR(5)
+.SH "README FILES"
.PP
-\fBldapdb\fR(5), Cyrus SASL auxprop plugin to access LDAP authentication backends
-.PP
-\fBsaslauthd\fR(8), Cyrus SASL password verification service
-.PP
-\fBsaslauthd.conf\fR(5), Cyrus SASL saslauthd LDAP configuration file
-.PP
-\fBsaslpasswd2\fR(5), set a user\(cqs SASL password
-.PP
-\fBsasldblistusers2\fR(5), list users in sasldb
-.PP
-\fBsasldb\fR(5), Cyrus SASL auxprop plugin to access the sasldb authentication backend
-.PP
-\fBsql\fR(5), Cyrus SASL auxprop plugin to access SQL authentication backends
+\fIREADME\&.Debian\fR
.SH "AUTHOR"
.PP
-This manual was written for the Debian distribution because the original program does not have a manual page. Parts of the documentation have been taken from the Cyrus SASL's
-\fIoptions.html\fR.
+This manual was written for the Debian distribution because the original program does not have a manual page\&. Parts of the documentation have been taken from the Cyrus SASL\'s
+\fIoptions\&.html\fR\&.
.PP
.RS 4
.nf
Patrick Ben Koetter
-<p at state\-of\-mind.de>
+<p at state\-of\-mind\&.de>
.fi
.RE
Added: cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5.xml
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5.xml?rev=400&op=file
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5.xml (added)
+++ cyrus-sasl-2.1/trunk/debian/doc/ldapdb.5.xml Sun Dec 14 20:56:59 2008
@@ -1,0 +1,215 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+<refentry lang="en">
+ <refmeta>
+ <refentrytitle>ldapdb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>ldapdb</refname>
+
+ <refpurpose>auxiliary property plugin</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para>Cyrus SASL auxprop plugin to access LDAP authentication
+ backends.</para>
+ </refsynopsisdiv>
+
+ <refsection>
+ <title>Description</title>
+
+ <para>This document describes configuration options for the Cyrus SASL
+ auxiliary property plugin <option>ldapdb</option>.</para>
+
+ <para>This plugin reads all user data from an OpenLDAP server. It requires
+ configuration of the <option>ldapdb</option> plugin and of the LDAP
+ server. The <option>ldapdb</option> plugin must name a proxy user. The
+ proxy user must (also) SASL authenticate at the LDAP server. The LDAP
+ server must authorize the <option>ldapdb</option> proxy user to access the
+ authenticating users <parameter>userPassword</parameter>.</para>
+ </refsection>
+
+ <refsection>
+ <title>Options</title>
+
+ <para>The following configuration parameters are applicable in the context
+ of the <option>ldapdb</option> plugin:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>ldapdb_uri</option> (default: empty)</term>
+
+ <listitem>
+ <para>Specifies a whitespace-separated list of LDAP servers
+ (authentication backends). Use <option>ldapi://</option>...,
+ <option>ldap://</option>... or <option>ldaps://</option>... to
+ specify how the servers should be contacted.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>ldapdb_id</option> (default: empty)</term>
+
+ <listitem>
+ <para>Specifies the proxy user name (authentication id) who logs
+ into the LDAP server in order to retrieve the authenticating users
+ <parameter>userPassword</parameter>.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>ldapdb_mech</option> (default: empty)</term>
+
+ <listitem>
+ <para>Sets the SASL mechanism the <option>ldapdb</option> plugin
+ (client) should use when it SASL connects to the LDAP server.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>ldapdb_pw</option> (default: empty)</term>
+
+ <listitem>
+ <para>Specifies the password used by
+ <parameter>ldapdb_id</parameter>. The password must be written in
+ cleartext.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>ldapdb_rc</option> (default: empty)</term>
+
+ <listitem>
+ <para>Specifies a path to a file that contains configuration options
+ to override system-wide defaults when running ldap clients (see
+ also: <citerefentry>
+ <refentrytitle>ldap.conf</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>).</para>
+
+ <para>The main purpose behind this option is to drop transmission of
+ <parameter>ldapdb_pw</parameter> in favor of a client TLS
+ certificate specified in <parameter>ldapdb_rc</parameter>, so that
+ SASL/EXTERNAL may be used between the ldapdb plugin and the LDAP
+ server.</para>
+
+ <note>
+ <para>This is the most optimal way to use the ldapdb plugin when
+ the servers are on separate machines - the connection is encrypted
+ and password transmission is not necessary because the client is
+ identified by its TLS client certificate.</para>
+ </note>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>ldapdb_starttls</option> (default: empty)</term>
+
+ <listitem>
+ <para>Enable encrypted communication using StartTLS. Valid options
+ are:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>try</option></term>
+
+ <listitem>
+ <para>StartTLS encrypted communication is attempted. If it
+ fails the client communicates unencrypted.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>demand</option></term>
+
+ <listitem>
+ <para>StartTLS encrypted communication is required. If it
+ fails the client aborts the connection.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsection>
+
+ <refsection>
+ <title>Example</title>
+
+ <para>The following example shows a typical <option>ldapdb</option>
+ configuration.</para>
+
+ <programlisting>pwcheck_method: auxprop
+auxprop_plugin: ldapdb
+mech_list: PLAIN LOGIN NTLM CRAM-MD5 DIGEST-MD5
+ldapdb_uri: ldap://localhost ldaps://ldap.example.com
+ldapdb_id: proxyuser
+ldapdb_pw: proxypass
+ldapdb_mech: DIGEST-MD5</programlisting>
+ </refsection>
+
+ <refsection>
+ <title>See also</title>
+
+ <para><citerefentry>
+ <refentrytitle>authdaemond</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>ldapdb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>libsasl</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslauthd</refentrytitle>
+
+ <manvolnum>8</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslauthd.conf</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslpasswd2</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sasldblistusers2</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sasldb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sql</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry></para>
+ </refsection>
+
+ <refsection>
+ <title>Readme files</title>
+
+ <para><filename>README.Debian</filename></para>
+ </refsection>
+
+ <refsection>
+ <title>Author</title>
+
+ <para>This manual was written for the Debian distribution because the
+ original program does not have a manual page. Parts of the documentation
+ have been taken from the Cyrus SASL's
+ <filename>options.html</filename>.</para>
+
+ <para><address>Patrick Ben Koetter
+<email>p at state-of-mind.de</email></address></para>
+ </refsection>
+</refentry>
Modified: cyrus-sasl-2.1/trunk/debian/doc/libsasl.5
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/libsasl.5?rev=400&op=diff
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/libsasl.5 (original)
+++ cyrus-sasl-2.1/trunk/debian/doc/libsasl.5 Sun Dec 14 20:56:59 2008
@@ -1,84 +1,89 @@
.\" Title: libsasl
.\" Author:
-.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
-.\" Date: 11/30/2008
+.\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/>
+.\" Date: 12/14/2008
.\" Manual:
.\" Source:
.\"
-.TH "LIBSASL" "5" "11/30/2008" "" ""
+.TH "LIBSASL" "5" "12/14/2008" "" ""
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-libsasl \- Cyrus SASL authentication library
+libsasl \- authentication library
.SH "SYNOPSIS"
-.HP 1
- []
+.PP
+Cyrus SASL library handling communication between an application and the Cyrus SASL authentication framework\&.
.SH "DESCRIPTION"
.PP
This document describes generic configuration options for the Cyrus SASL authentication library
-\fIlibsasl\fR.
-.PP
-The library handles communication between an application and the Cyrus SASL authentication framework. Both exchange information before libsasl can start offering authentication services for the application.
+libsasl\&.
+.PP
+The library handles communication between an application and the Cyrus SASL authentication framework\&. Both exchange information before
+libsasl
+can start offering authentication services for the application\&.
.PP
The application, among other data, sends the
-\fIservice_name\fR.The service name is the services name as specified by IANA. SMTP servers, for example, send
+\fIservice_name\fR\&. The service name is the services name as specified by IANA\&. SMTP servers, for example, send
\fBsmtp\fR
-as service_name. This information is handed over by libsasl e.g. when Kerberos or PAM authentication takes place.
+as
+\fIservice_name\fR\&. This information is handed over by
+libsasl
+e\&.g\&. when Kerberos or PAM authentication takes place\&.
.PP
Configuration options in general are read either from a file or passed by the application using
-\fIlibsasl\fR
-during library initialization.
+libsasl
+during library initialization\&.
.SS "File\-Based configuration"
.PP
When an application (server) starts, it initializes the
-\fIlibsasl\fR
-library. The application passes
+libsasl
+library\&. The application passes
\fIapp_name\fR
-(application name) to the SASL library. Its value is used to construct the name of the application specific SASL configuration file. The Cyrus SASL sample\-server, for example, sends
+(application name) to the SASL library\&. Its value is used to construct the name of the application specific SASL configuration file\&. The Cyrus SASL sample\-server, for example, sends
\fBsample\fR
as
-\fIapp_name\fR. Using this value the SASL library will search the configuration directories for a file named
-\fIsample.conf\fR
-and read configuration options from it.
-.sp
-.it 1 an-trap
-.nr an-no-space-flag 1
-.nr an-break-flag 1
-.br
-\fBNote\fR
+\fIapp_name\fR\&. Using this value the SASL library will search the configuration directories for a file named
+\fIsample\&.conf\fR
+and read configuration options from it\&.
+.sp
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+.br
+Note
.PP
Consult the applications manual to determine what
\fIapp_name\fR
-it sends to the Cyrus SASL library.
+it sends to the Cyrus SASL library\&.
.SS "Application\-Based Configuration"
.PP
Configuration options for
-\fIlibsasl\fR
-are written down together with application specific options in the applications configuration file. The application reads them and passes them over to
-\fIlibsasl\fR
-when it loads the library.
-.sp
-.it 1 an-trap
-.nr an-no-space-flag 1
-.nr an-break-flag 1
-.br
-\fBNote\fR
+libsasl
+are written down together with application specific options in the applications configuration file\&. The application reads them and passes them over to
+libsasl
+when it loads the library\&.
+.sp
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+.br
+Note
.PP
An example for application\-based configuration is the Cyrus IMAP server
-imapd. SASL configuration is written to
-\fIimapd.conf\fR
+imapd\&. SASL configuration is written to
+\fIimapd\&.conf\fR
and passed to the SASL library when the
imapd
-server starts.
+server starts\&.
.SH "CONFIGURATION SYNTAX"
.PP
The general format of Cyrus SASL configuration file is as follows:
.PP
Configuration options
.RS 4
-Configuration options are written each on a single logical line. Parameter and value must be separated by a colon and a single whitespace:
+Configuration options are written each on a single physical line\&. Parameter and value must be separated by a colon and a single whitespace:
.sp
.RS 4
.nf
@@ -90,67 +95,65 @@
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
-\fBImportant\fR
-There must be no trailing whitespace after the value or Cyrus SASL will fail to read the option!
+Important
+There must be no trailing whitespace after the value or Cyrus SASL will fail to apply the value appropriately!
.RE
.PP
Comments, Emtpy lines and whitespace\-only lines
.RS 4
Empty lines and whitespace\-only lines are ignored, as are lines whose first non\-whitespace character is a
-\(lq#\(rq.
+\(lq#\(rq\&.
.RE
.SH "OPTIONS"
.PP
-There are generic options and options specific to the password verification service or auxiliary property plugin choosen by the administrator. Such specific options are documented in manuals listed in
-the section called \(lqSEE ALSO\(rq.
+There are generic options and options specific to the password verification service or auxiliary property plugin choosen by the administrator\&. Such specific options are documented in manuals listed in
+the section called \(lqSEE ALSO\(rq\&.
.PP
The following configuration parameters are generic configuration options:
.PP
\fIauthdaemond_path\fR (default: \fB/dev/null\fR)
.RS 4
-Path to Courier MTA authdaemond's unix socket. Only applicable when
+Path to Courier MTA authdaemond\'s unix socket\&. Only applicable when
\fIpwcheck_method\fR
is set to
-\fBauthdaemond\fR.
+\fBauthdaemond\fR\&.
.RE
.PP
\fIauto_transition\fR: (default: \fBno\fR)
.RS 4
-Automatically transition users to other mechanisms when they do a successful plaintext authentication and if an auxprop plugin is used.
-.sp
-.it 1 an-trap
-.nr an-no-space-flag 1
-.nr an-break-flag 1
-.br
-\fBImportant\fR
+Automatically transition users to other mechanisms when they do a successful plaintext authentication and if an auxprop plugin is used\&.
+.sp
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+.br
+Important
This option does not apply to the
\fBldapdb\fR(5)
-plugin. It is a read\-only plugin.
-.RS 4
+plugin\&. It is a read\-only plugin\&.
.PP
\fBno\fR
.RS 4
-Do not transition users to other mechanisms.
+Do not transition users to other mechanisms\&.
.RE
.PP
\fBnoplain\fR
.RS 4
-Transition users to other mechanisms, but write non\-plaintext secrets only.
+Transition users to other mechanisms, but write non\-plaintext secrets only\&.
.RE
.PP
\fByes\fR
.RS 4
-Transition users to other mechanisms.
-.RE
-.RE
-.IP "" 4
-.sp
-.it 1 an-trap
-.nr an-no-space-flag 1
-.nr an-break-flag 1
-.br
-\fBNote\fR
-The only mechanisms (as currently implemented) which don't use plaintext secrets are OTP and SRP.
+Transition users to other mechanisms\&.
+.RE
+.sp
+.sp
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+.br
+Note
+The only mechanisms (as currently implemented) which don\'t use plaintext secrets are OTP and SRP\&.
.RE
.PP
\fIauxprop_plugin\fR: (default: empty)
@@ -159,8 +162,7 @@
\fIpwcheck_method\fR
parameter specifies
\fBauxprop\fR
-as an option. Plugins will be queried in list order. If no plugin is specified, all available plugins will be queried.
-.RS 4
+as an option\&. Plugins will be queried in list order\&. If no plugin is specified, all available plugins will be queried\&.
.PP
\fBldapdb\fR
.RS 4
@@ -168,7 +170,7 @@
\fBldapdb\fR
to use the Cyrus SASL
\fBldapdb\fR(5)
-plugin.
+plugin\&.
.RE
.PP
\fBsasldb\fR
@@ -177,7 +179,7 @@
\fBsasldb\fR
to use the Cyrus SASL
\fBsasldb\fR(5)
-plugin.
+plugin\&.
.RE
.PP
\fBsql\fR
@@ -186,19 +188,17 @@
\fBsql\fR
to use the Cyrus SASL
\fBsql\fR(5)
-plugin.
-.RE
+plugin\&.
.RE
.RE
.PP
\fIlog_level\fR: (default: \fB1\fR)
.RS 4
-Specifies a numeric log level. Available log levels are:
-.RS 4
+Specifies a numeric log level\&. Available log levels are:
.PP
\fB0\fR
.RS 4
-Don't log anything
+Don\'t log anything
.RE
.PP
\fB1\fR
@@ -235,40 +235,38 @@
.RS 4
Traces of internal protocols, including passwords
.RE
-.RE
-.IP "" 4
-.sp
-.it 1 an-trap
-.nr an-no-space-flag 1
-.nr an-break-flag 1
-.br
-\fBImportant\fR
-Cyrus SASL hands log messages up to the application that runs it. It is upon that application to decide if it forwards such messages to the
+.sp
+.sp
+.it 1 an-trap
+.nr an-no-space-flag 1
+.nr an-break-flag 1
+.br
+Important
+Cyrus SASL sends log messages to the application that runs it\&. The application decides if it forwards such messages to the
\fBsysklogd\fR(8)
service, to which
\fIfacility\fR
they are sent and which
\fIpriority\fR
-is given to the message.
+is given to the message\&.
.RE
.PP
\fImech_list\fR: (default: empty)
.RS 4
The optional
\fImech_list\fR
-parameter specifies a whitespace\-separated list of one or more mechanisms allowed for authentication.
+parameter specifies a whitespace\-separated list of one or more mechanisms allowed for authentication\&.
.RE
.PP
\fIpwcheck_method\fR: (default: \fBauxprop\fR)
.RS 4
-A whitespace\-separated list of one or more mechanisms. Cyrus SASL provides the following mechanisms:
-.RS 4
+A whitespace\-separated list of one or more mechanisms\&. Cyrus SASL provides the following mechanisms:
.PP
\fBauthdaemond\fR
.RS 4
Configures Cyrus SASL to contact the Courier MTA
\fBauthdaemond\fR(8)
-password verification service for password verification.
+password verification service for password verification\&.
.RE
.PP
\fBalwaystrue\fR
@@ -278,58 +276,56 @@
.PP
\fBauxprop\fR
.RS 4
-Cyrus SASL will use its own plugin infrastructure to verify passwords. The
+Cyrus SASL will use its own plugin infrastructure to verify passwords\&. The
\fI\fIauxprop_plugin\fR\fR
-parameter controls which plugins will be used.
+parameter controls which plugins will be used\&.
.RE
.PP
\fBpwcheck\fR
.RS 4
Verify passwords using the Cyrus SASL
\fBpwcheck\fR(8)
-password verification service. The pwcheck daemon is considered deprecated and should not be used anymore. Use the saslauthd password verification service instead.
+password verification service\&. The pwcheck daemon is considered deprecated and should not be used anymore\&. Use the saslauthd password verification service instead\&.
.RE
.PP
\fBsaslauthd\fR
.RS 4
Verify passwords using the Cyrus SASL
\fBsaslauthd\fR(8)
-password verification service.
-.RE
+password verification service\&.
.RE
.RE
.PP
\fIsaslauthd_path\fR: (default: empty)
.RS 4
-Path to saslauthd run directory (including the "/mux" named pipe)
+Path to
+\fBsaslauthd\fR(8)
+run directory (including the
+\fI/mux\fR
+named pipe)
.RE
.SH "SEE ALSO"
.PP
-\fBauthdaemond\fR(5), Cyrus SASL password verification service
-.PP
-\fBldapdb\fR(5), Cyrus SASL auxprop plugin to access LDAP authentication backends
-.PP
-\fBlibsasl\fR(5), Cyrus SASL authentication library
-.PP
-\fBsaslauthd\fR(8), Cyrus SASL password verification service
-.PP
-\fBsaslauthd.conf\fR(5), Cyrus SASL saslauthd LDAP configuration file
-.PP
-\fBsaslpasswd2\fR(5), set a user\(cqs SASL password
-.PP
-\fBsasldblistusers2\fR(5), list users in sasldb
-.PP
-\fBsasldb\fR(5), Cyrus SASL auxprop plugin to access the sasldb authentication backend
-.PP
-\fBsql\fR(5), Cyrus SASL auxprop plugin to access SQL authentication backends
+\fBauthdaemond\fR(5),
+\fBldapdb\fR(5),
+\fBlibsasl\fR(5),
+\fBsaslauthd\fR(8),
+\fBsaslauthd.conf\fR(5),
+\fBsaslpasswd2\fR(5),
+\fBsasldblistusers2\fR(5),
+\fBsasldb\fR(5),
+\fBsql\fR(5)
+.SH "README FILES"
+.PP
+\fIREADME\&.Debian\fR
.SH "AUTHOR"
.PP
-This manual was written for the Debian distribution because the original program does not have a manual page. Parts of the documentation have been taken from the Cyrus SASL's
-\fIoptions.html\fR.
+This manual was written for the Debian distribution because the original program does not have a manual page\&. Parts of the documentation have been taken from the Cyrus SASL\'s
+\fIoptions\&.html\fR\&.
.PP
.RS 4
.nf
Patrick Ben Koetter
-<p at state\-of\-mind.de>
+<p at state\-of\-mind\&.de>
.fi
.RE
Modified: cyrus-sasl-2.1/trunk/debian/doc/libsasl.5.xml
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/libsasl.5.xml?rev=400&op=diff
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/libsasl.5.xml (original)
+++ cyrus-sasl-2.1/trunk/debian/doc/libsasl.5.xml Sun Dec 14 20:56:59 2008
@@ -11,50 +11,51 @@
<refnamediv>
<refname>libsasl</refname>
- <refpurpose>Cyrus SASL authentication library</refpurpose>
+ <refpurpose>authentication library</refpurpose>
</refnamediv>
<refsynopsisdiv>
- <cmdsynopsis>
- <command></command>
-
- <arg choice="opt"></arg>
- </cmdsynopsis>
+ <para>Cyrus SASL library handling communication between an application and
+ the Cyrus SASL authentication framework.</para>
</refsynopsisdiv>
<refsection>
<title>Description</title>
<para>This document describes generic configuration options for the Cyrus
- SASL authentication library <filename>libsasl</filename>.</para>
+ SASL authentication library <systemitem
+ class="library">libsasl</systemitem>.</para>
<para>The library handles communication between an application and the
Cyrus SASL authentication framework. Both exchange information before
- libsasl can start offering authentication services for the
- application.</para>
+ <systemitem class="library">libsasl</systemitem> can start offering
+ authentication services for the application.</para>
<para>The application, among other data, sends the
- <parameter>service_name</parameter>.The service name is the services name
+ <parameter>service_name</parameter>. The service name is the services name
as specified by IANA. SMTP servers, for example, send
- <option>smtp</option> as service_name. This information is handed over by
- libsasl e.g. when Kerberos or PAM authentication takes place.</para>
+ <option>smtp</option> as <parameter>service_name</parameter>. This
+ information is handed over by <systemitem
+ class="library">libsasl</systemitem> e.g. when Kerberos or PAM
+ authentication takes place.</para>
<para>Configuration options in general are read either from a file or
- passed by the application using <filename>libsasl</filename> during
- library initialization.</para>
+ passed by the application using <systemitem
+ class="library">libsasl</systemitem> during library initialization.</para>
<refsection>
<title>File-Based configuration</title>
<para>When an application (server) starts, it initializes the
- <filename>libsasl</filename> library. The application passes
- <parameter>app_name</parameter> (application name) to the SASL library.
- Its value is used to construct the name of the application specific SASL
- configuration file. The Cyrus SASL sample-server, for example, sends
- <option>sample</option> as <parameter>app_name</parameter>. Using this
- value the SASL library will search the configuration directories for a
- file named <filename>sample.conf</filename> and read configuration
- options from it.</para>
+ <systemitem class="library">libsasl</systemitem> library. The
+ application passes <parameter>app_name</parameter> (application name) to
+ the SASL library. Its value is used to construct the name of the
+ application specific SASL configuration file. The Cyrus SASL
+ sample-server, for example, sends <option>sample</option> as
+ <parameter>app_name</parameter>. Using this value the SASL library will
+ search the configuration directories for a file named
+ <filename>sample.conf</filename> and read configuration options from
+ it.</para>
<note>
<para>Consult the applications manual to determine what
@@ -66,10 +67,11 @@
<refsection>
<title>Application-Based Configuration</title>
- <para>Configuration options for <filename>libsasl</filename> are written
- down together with application specific options in the applications
- configuration file. The application reads them and passes them over to
- <filename>libsasl</filename> when it loads the library.</para>
+ <para>Configuration options for <systemitem
+ class="library">libsasl</systemitem> are written down together with
+ application specific options in the applications configuration file. The
+ application reads them and passes them over to <systemitem
+ class="library">libsasl</systemitem> when it loads the library.</para>
<note>
<para>An example for application-based configuration is the Cyrus IMAP
@@ -92,7 +94,7 @@
<term>Configuration options</term>
<listitem>
- <para>Configuration options are written each on a single logical
+ <para>Configuration options are written each on a single physical
line. Parameter and value must be separated by a colon and a single
whitespace:</para>
@@ -100,7 +102,7 @@
<important>
<para>There must be no trailing whitespace after the value or
- Cyrus SASL will fail to read the option!</para>
+ Cyrus SASL will fail to apply the value appropriately!</para>
</important>
</listitem>
</varlistentry>
@@ -319,9 +321,9 @@
</variablelist>
<important>
- <para>Cyrus SASL hands log messages up to the application that
- runs it. It is upon that application to decide if it forwards such
- messages to the <citerefentry>
+ <para>Cyrus SASL sends log messages to the application that runs
+ it. The application decides if it forwards such messages to the
+ <citerefentry>
<refentrytitle>sysklogd</refentrytitle>
<manvolnum>8</manvolnum>
@@ -418,8 +420,12 @@
<term><parameter>saslauthd_path</parameter>: (default: empty)</term>
<listitem>
- <para>Path to saslauthd run directory (including the "/mux" named
- pipe)</para>
+ <para>Path to <citerefentry>
+ <refentrytitle>saslauthd</refentrytitle>
+
+ <manvolnum>8</manvolnum>
+ </citerefentry> run directory (including the
+ <filename>/mux</filename> named pipe)</para>
</listitem>
</varlistentry>
</variablelist>
@@ -432,58 +438,45 @@
<refentrytitle>authdaemond</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL password verification service</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>ldapdb</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL auxprop plugin to access LDAP authentication
- backends</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>libsasl</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL authentication library</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>saslauthd</refentrytitle>
<manvolnum>8</manvolnum>
- </citerefentry>, Cyrus SASL password verification service</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>saslauthd.conf</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL saslauthd LDAP configuration file</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>saslpasswd2</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, set a user’s SASL password</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>sasldblistusers2</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, list users in sasldb</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>sasldb</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL auxprop plugin to access the sasldb
- authentication backend</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>sql</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL auxprop plugin to access SQL authentication
- backends</para>
+ </citerefentry></para>
+ </refsection>
+
+ <refsection>
+ <title>Readme files</title>
+
+ <para><filename>README.Debian</filename></para>
</refsection>
<refsection>
Modified: cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5?rev=400&op=diff
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5 (original)
+++ cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5 Sun Dec 14 20:56:59 2008
@@ -1,59 +1,52 @@
.\" Title: saslauthd.conf
.\" Author:
-.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
-.\" Date: 11/21/2008
+.\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/>
+.\" Date: 12/14/2008
.\" Manual:
.\" Source:
.\"
-.TH "SASLAUTHD.CONF" "5" "11/21/2008" "" ""
+.TH "SASLAUTHD\&.CONF" "5" "12/14/2008" "" ""
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-saslauthd.conf \- Cyrus SASL saslauthd LDAP configuration file
+saslauthd.conf \- saslauthd LDAP configuration file
.SH "SYNOPSIS"
.HP 10
\fBsaslauthd\fR [\-a\ ldap]
.HP 10
-\fBsaslauthd\fR [\-a\ ldap] [\-O\ \fI/etc/saslauthd.conf\fR]
+\fBsaslauthd\fR [\-a\ ldap] [\-O\ \fI/etc/saslauthd\&.conf\fR]
.SH "DESCRIPTION"
.PP
This document describes LDAP configuration options for the Cyrus SASL password verification service
-\fBsaslauthd\fR.
-.PP
-By default, if only the authentication mechanism
-\fBldap\fR
-is specified,
+\fBsaslauthd\fR\&.
+.PP
+By default
\fBsaslauthd\fR
-expects to find LDAP configuration options in
-\fI/usr/local/etc/saslauthd.conf\fR. This location can be overridden if the additional command line option
+searches for LDAP configuration options in
+\fI/usr/local/etc/saslauthd\&.conf\fR\&. This location can be overridden if the additional command line option
\fB\-O\fR
-together with the location of the configuration file is specified at startup time.
-.PP
-The following are available ldap parameters. The defaults are probably adequate for most installations. Only
+specifies an alternative path to the configuration file\&.
+.SH "SYNTAX"
+.PP
+Do not use quotes (\e"\e\') in the parameter values\&.
+.SH "OPTIONS"
+.PP
+The following are available LDAP parameters\&. The defaults are probably adequate for most installations\&. Only
\fI\fIldap_servers\fR\fR
-may need to be specified.
-.sp
-.it 1 an-trap
-.nr an-no-space-flag 1
-.nr an-break-flag 1
-.br
-\fBImportant\fR
-.PP
-Do not use quotes (\\"\\') in the parameter values.
+may need to be specified\&.
.PP
\fIldap_auth_method\fR (default: \fBbind\fR|\fBfastbind\fR)
.RS 4
-The bind method uses the LDAP bind facility to verify the password. The bind method is not available when
+The bind method uses the LDAP bind facility to verify the password\&. The bind method is not available when
\fIldap_use_sasl\fR
-is turned on. In that case saslauthd will use fastbind.
-.RS 4
+is turned on\&. In that case saslauthd will use fastbind\&.
.PP
\fBbind\fR
.RS 4
\fBbind\fR
-is the default auth method. When ldap_use_sasl is enabled, 'fastbind' is the default.
+is the default auth method\&. When ldap_use_sasl is enabled, \'fastbind\' is the default\&.
.RE
.PP
\fBcustom\fR
@@ -62,14 +55,14 @@
\fBcustom\fR
method uses
\fIuserPassword\fR
-attribute to verify the password. Supported hashes:
+attribute to verify the password\&. Supported hashes:
crypt,
md5, smd5,
sha
and
-ssha.
+ssha\&.
Cleartext
-is supported as well.
+is supported as well\&.
.RE
.PP
\fBfastbind\fR
@@ -81,14 +74,13 @@
is
\fBno\fR
\- does away with the search and an extra anonymous bind in auth_bind, but makes two assumptions:
-.RS 4
-.TP 4
-1.
-Expanding the ldap_filter expression gives the user's fully\-qualified DN
-.TP 4
-2.
-There is no cost to staying bound as a named user
-.RE
+.sp
+.RS 4
+\h'-04' 1.\h'+02'Expanding the ldap_filter expression gives the user\'s fully\-qualified DN
+.RE
+.sp
+.RS 4
+\h'-04' 2.\h'+02'There is no cost to staying bound as a named user
.RE
.RE
.RE
@@ -97,75 +89,74 @@
.RS 4
Specify
DN
-(distinguished name) to bind to the LDAP directory. Do not specify this parameter for the anonymous bind.
+(distinguished name) to bind to the LDAP directory\&. Do not specify this parameter for the anonymous bind\&.
.RE
.PP
\fIldap_bind_pw\fR (default: empty)
.RS 4
An alias for
-\fIldap_password\fR.
+\fIldap_password\fR\&.
.RE
.PP
\fIldap_default_domain\fR (default: empty)
.RS 4
An alias for
-\fIldap_default_realm\fR.
+\fIldap_default_realm\fR\&.
.RE
.PP
\fIldap_default_realm\fR (default: empty)
.RS 4
The default realm is assigned to the
\fB%r\fR
-token when realm is not available. See
+token when realm is not available\&. See
\fIldap_filter\fR
-for more.
+for more\&.
.RE
.PP
\fIldap_deref\fR (default: empty)
.RS 4
-Specify how aliases dereferencing is handled during search. Should be one of
+Specify how aliases dereferencing is handled during search\&. Should be one of
\fBnever\fR,
\fBalways\fR,
\fBsearch\fR, or
\fBfind\fR
-to specify that aliases are never dereferenced, always dereferenced, dereferenced when searching, or dereferenced only when locating the base object for the search.
+to specify that aliases are never dereferenced, always dereferenced, dereferenced when searching, or dereferenced only when locating the base object for the search\&.
.RE
.PP
\fIldap_filter\fR (default: \fBuid=%u\fR)
.RS 4
-Specify a filter. The following tokens can be used in the filter string:
-.RS 4
+Specify a filter\&. The following tokens can be used in the filter string:
.PP
\fB%%\fR
.RS 4
-This is replaced by a literal \(cq%\(cq character.
+This is replaced by a literal \(cq%\(cq character\&.
.RE
.PP
\fB%u\fR
.RS 4
\fB%u\fR
-is replaced by the complete user string.
+is replaced by the complete user string\&.
.RE
.PP
\fB%U\fR
.RS 4
If the string is an address (\fB%u\fR),
\fB%U\fR
-will be replaced by the local part of that address.
+will be replaced by the local part of that address\&.
.RE
.PP
\fB%d\fR
.RS 4
If the string is an address (\fB%u\fR),
\fB%d\fR
-will be replaced by the domain part of that address. Otherwise it will be the same as
-\fB%r\fR.
+will be replaced by the domain part of that address\&. Otherwise it will be the same as
+\fB%r\fR\&.
.RE
.PP
\fB%1\-9\fR
.RS 4
If the input key is
-user at mail.example.com, then
+user at mail\&.example\&.com, then
\fB%1\fR
is
com,
@@ -175,19 +166,19 @@
and
\fB%3\fR
is
-mail.
+mail\&.
.RE
.PP
\fB%s\fR
.RS 4
\fB%s\fR
-is replaced by the complete service string.
+is replaced by the complete service string\&.
.RE
.PP
\fB%r\fR
.RS 4
\fB%r\fR
-is replaced by the complete realm string.
+is replaced by the complete realm string\&.
.RE
.PP
\fB%D\fR
@@ -195,46 +186,45 @@
\fB%D\fR
is replaced by the complete user DN (available for group checks)
.RE
-.RE
-.IP "" 4
+.sp
The
\fB%u\fR
-token has to be used at minimum for the filter to be useful. If
+token has to be used at minimum for the filter to be useful\&. If
\fIldap_auth_method\fR
is
\fBbind\fR, the filter will search for the
DN
-(distinguished name) attribute. Otherwise, the search will look for the
+(distinguished name) attribute\&. Otherwise, the search will look for the
\fIldap_password_attr\fR
-attribute.
+attribute\&.
.RE
.PP
\fIldap_group_attr\fR (default: \fBuniqueMember\fR)
.RS 4
-Specify what attribute to compare the user DN against in the group. If
+Specify what attribute to compare the user DN against in the group\&. If
\fIldap_group_dn\fR
-is not specified, this parameter is ignored. If
+is not specified, this parameter is ignored\&. If
\fIldap_group_match_method\fR
is not
-\fBattr\fR, this parameter is ignored.
+\fBattr\fR, this parameter is ignored\&.
.RE
.PP
\fIldap_group_dn\fR (default: empty)
.RS 4
-If specified, the user has to be part of the group in order to authenticate successfully. Tokens described in
+If specified, the user has to be part of the group in order to authenticate successfully\&. Tokens described in
\fIldap_filter\fR
-can be used for substitution.
+can be used for substitution\&.
.RE
.PP
\fIldap_group_filter\fR (default: empty)
.RS 4
-Specify a filter. If a filter match is found then the user is in the group. Tokens described in
+Specify a filter\&. If a filter match is found then the user is in the group\&. Tokens described in
\fIldap_filter\fR
-can be used for for substitution. If
+can be used for for substitution\&. If
\fIldap_group_dn\fR
-is not specified, this parameter is ignored. If
+is not specified, this parameter is ignored\&. If
\fIldap_group_match_method\fR
-is not filter, this parameter is ignored.
+is not filter, this parameter is ignored\&.
.RE
.PP
\fIldap_group_match_method\fR (default: \fBattr\fR)
@@ -247,26 +237,26 @@
\fBfilter\fR
is used
\fIldap_group_search\fR
-will be used as group match method. If
+will be used as group match method\&. If
\fIldap_group_dn\fR
-is not specified, this parameter is ignored.
+is not specified, this parameter is ignored\&.
.RE
.PP
\fIldap_group_search_base\fR (default: \fIldap_search_base\fR)
.RS 4
-Specify a starting point for the group search: e.g.
-dc=example,dc=com. Tokens described in
+Specify a starting point for the group search: e\&.g\&.
+dc=example,dc=com\&. Tokens described in
\fIldap_filter\fR
-can be used for substitution.
+can be used for substitution\&.
.RE
.PP
\fIldap_group_scope\fR (default: sub)
.RS 4
-Group search scope. Options are either
+Group search scope\&. Options are either
\fBsub\fR,
\fBone\fR
or
-\fBbase\fR.
+\fBbase\fR\&.
.RE
.PP
\fIldap_password\fR (default: empty)
@@ -277,120 +267,120 @@
\fIldap_id\fR
if
\fIldap_use_sasl\fR
-is turned on. Do not specify this parameter for the anonymous bind.
+is turned on\&. Do not specify this parameter for the anonymous bind\&.
.RE
.PP
\fIldap_password_attr\fR (default: \fBuserPassword\fR)
.RS 4
-Specify what password attribute to use for password verification.
+Specify what password attribute to use for password verification\&.
.RE
.PP
\fIldap_referrals\fR (default: \fBno\fR)
.RS 4
-Specify whether or not the client should follow referrals.
+Specify whether or not the client should follow referrals\&.
.RE
.PP
\fIldap_restart\fR (default: \fByes\fR)
.RS 4
-Specify whether or not LDAP I/O operations are automatically restarted if they abort prematurely.
+Specify whether or not LDAP I/O operations are automatically restarted if they abort prematurely\&.
.RE
.PP
\fIldap_id\fR (default: empty)
.RS 4
-Specify the authentication ID for SASL bind.
+Specify the authentication ID for SASL bind\&.
.RE
.PP
\fIldap_authz_id\fR (default: empty)
.RS 4
-Specify the proxy authorization ID for SASL bind.
+Specify the proxy authorization ID for SASL bind\&.
.RE
.PP
\fIldap_mech\fR (default: empty)
.RS 4
-Specify the authentication mechanism for SASL bind.
+Specify the authentication mechanism for SASL bind\&.
.RE
.PP
\fIldap_realm\fR (default: empty)
.RS 4
-Specify the realm of authentication ID for SASL bind.
+Specify the realm of authentication ID for SASL bind\&.
.RE
.PP
\fIldap_scope\fR (default: \fBsub\fR)
.RS 4
-Search scope. Options are either
+Search scope\&. Options are either
\fBsub\fR,
\fBone\fR
or
-\fBbase\fR.
+\fBbase\fR\&.
.RE
.PP
\fIldap_search_base\fR (default: empty)
.RS 4
-Specify a starting point for the search: e.g.
-dc=example,dc=com. Tokens described in
+Specify a starting point for the search: e\&.g\&.
+dc=example,dc=com\&. Tokens described in
\fIldap_filter\fR
-can be used for substitution.
+can be used for substitution\&.
.RE
.PP
\fIldap_servers\fR (default: \fBldap://localhost/\fR)
.RS 4
-Specify one or more URI(s) referring to LDAP server(s), e.g.
-ldaps://10.1.1.2:999/. Multiple servers must be separated by space.
+Specify one or more URI(s) referring to LDAP server(s), e\&.g\&.
+ldaps://10\&.1\&.1\&.2:999/\&. Multiple servers must be separated by space\&.
.RE
.PP
\fIldap_start_tls\fR (default: \fBno\fR)
.RS 4
-Use StartTLS extended operation. Do not use ldaps: ldap_servers when this option is turned on.
+Use StartTLS extended operation\&. Do not use ldaps: ldap_servers when this option is turned on\&.
.RE
.PP
\fIldap_time_limit\fR (default: \fB5\fR)
.RS 4
-Specify a number of seconds for a search request to complete.
+Specify a number of seconds for a search request to complete\&.
.RE
.PP
\fIldap_timeout\fR (default: \fB5\fR)
.RS 4
-Specify a number of seconds a search can take before timing out.
+Specify a number of seconds a search can take before timing out\&.
.RE
.PP
\fIldap_tls_check_peer\fR (default: \fBno\fR)
.RS 4
-Require and verify server certificate. If this option is
+Require and verify server certificate\&. If this option is
\fByes\fR, you must specify
\fIldap_tls_cacert_file\fR
or
-\fIldap_tls_cacert_dir\fR.
+\fIldap_tls_cacert_dir\fR\&.
.RE
.PP
\fIldap_tls_cacert_file\fR (default: empty)
.RS 4
-File containing CA (Certificate Authority) certificate(s).
+File containing CA (Certificate Authority) certificate(s)\&.
.RE
.PP
\fIldap_tls_cacert_dir\fR (default: empty)
.RS 4
-Path to directory with CA (Certificate Authority) certificates.
+Path to directory with CA (Certificate Authority) certificates\&.
.RE
.PP
\fIldap_tls_ciphers\fR (default: \fBDEFAULT\fR)
.RS 4
-List of SSL/TLS ciphers to allow. The format of the string is described in
-\fBciphers\fR(1).
+List of SSL/TLS ciphers to allow\&. The format of the string is described in
+\fBciphers\fR(1)\&.
.RE
.PP
\fIldap_tls_cert\fR (default: empty)
.RS 4
-File containing the client certificate.
+File containing the client certificate\&.
.RE
.PP
\fIldap_tls_key\fR (default: empty)
.RS 4
-File containing the private client key.
+File containing the private client key\&.
.RE
.PP
\fIldap_use_sasl\fR (default: \fBno\fR)
.RS 4
-Use SASL bind instead of simple bind when connecting to the LDAP server.
+Use SASL bind instead of simple bind when connecting to the LDAP server\&.
.RE
.PP
\fIldap_version\fR (default: \fB3\fR)
@@ -398,36 +388,55 @@
Specify the LDAP protocol version \- either
\fB2\fR
or
-\fB3\fR. If
+\fB3\fR\&. If
\fIldap_start_tls\fR
and/or
\fIldap_use_sasl\fR
are enabled,
\fIldap_version\fR
will be automatically set to
-\fB3\fR.
+\fB3\fR\&.
+.RE
+.SH "EXAMPLE"
+.PP
+
+.sp
+.RS 4
+.nf
+.fi
.RE
.SH "SEE ALSO"
.PP
-\fBsaslauthd\fR(8)
+\fBauthdaemond\fR(5),
+\fBldapdb\fR(5),
+\fBlibsasl\fR(5),
+\fBsaslauthd\fR(8),
+\fBsaslauthd.conf\fR(5),
+\fBsaslpasswd2\fR(5),
+\fBsasldblistusers2\fR(5),
+\fBsasldb\fR(5),
+\fBsql\fR(5)
+.SH "README FILES"
+.PP
+\fIREADME\&.Debian\fR
.SH "AUTHOR(S)"
.PP
This manual is based on notes in
\fILDAP_SASLAUTHD\fR
-from Igor Brezac.
+from Igor Brezac\&.
.PP
.RS 4
.nf
Igor Brezac
-<Igor at ipass.net>
+<Igor at ipass\&.net>
.fi
.RE
.PP
-It was edited and revised for the Debian distribution because the original program does not have a manual page.
+It was edited and revised for the Debian distribution because the original program does not have a manual page\&.
.PP
.RS 4
.nf
Patrick Ben Koetter
-<p at state\-of\-mind.de>
+<p at state\-of\-mind\&.de>
.fi
.RE
Modified: cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5.xml
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5.xml?rev=400&op=diff
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5.xml (original)
+++ cyrus-sasl-2.1/trunk/debian/doc/saslauthd.conf.5.xml Sun Dec 14 20:56:59 2008
@@ -11,7 +11,7 @@
<refnamediv>
<refname>saslauthd.conf</refname>
- <refpurpose>Cyrus SASL saslauthd LDAP configuration file</refpurpose>
+ <refpurpose>saslauthd LDAP configuration file</refpurpose>
</refnamediv>
<refsynopsisdiv>
@@ -36,23 +36,26 @@
<para>This document describes LDAP configuration options for the Cyrus
SASL password verification service <command>saslauthd</command>.</para>
- <para>By default, if only the authentication mechanism
- <option>ldap</option> is specified,
- <application><command>saslauthd</command></application> expects to find
- LDAP configuration options in
+ <para>By default <command>saslauthd</command> searches for LDAP
+ configuration options in
<filename>/usr/local/etc/saslauthd.conf</filename>. This location can be
overridden if the additional command line option <option>-O</option>
- together with the location of the configuration file is specified at
- startup time.</para>
-
- <para>The following are available ldap parameters. The defaults are
+ specifies an alternative path to the configuration file.</para>
+ </refsection>
+
+ <refsection>
+ <title>Syntax</title>
+
+ <para>Do not use quotes (\"\') in the parameter values.</para>
+ </refsection>
+
+ <refsection>
+ <title>Options</title>
+
+ <para>The following are available LDAP parameters. The defaults are
probably adequate for most installations. Only
<parameter><parameter>ldap_servers</parameter></parameter> may need to be
specified.</para>
-
- <important>
- <para>Do not use quotes (\"\') in the parameter values.</para>
- </important>
<variablelist>
<varlistentry>
@@ -557,40 +560,59 @@
</refsection>
<refsection>
+ <title>Example</title>
+
+ <para></para>
+
+ <programlisting></programlisting>
+ </refsection>
+
+ <refsection>
<title>See also</title>
<para><citerefentry>
+ <refentrytitle>authdaemond</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>ldapdb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>libsasl</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
<refentrytitle>saslauthd</refentrytitle>
<manvolnum>8</manvolnum>
- </citerefentry>, Cyrus SASL password verification service</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>saslauthd.conf</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL saslauthd LDAP configuration file</para>
-
- <para><citerefentry>
- <refentrytitle>ldapdb</refentrytitle>
-
- <manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL auxprop plugin to access LDAP authentication
- backends</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslpasswd2</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sasldblistusers2</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
<refentrytitle>sasldb</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL auxprop plugin to access the sasldb
- authentication backend</para>
-
- <para><citerefentry>
+ </citerefentry>, <citerefentry>
<refentrytitle>sql</refentrytitle>
<manvolnum>5</manvolnum>
- </citerefentry>, Cyrus SASL auxprop plugin to access SQL authentication
- backends</para>
+ </citerefentry></para>
+ </refsection>
+
+ <refsection>
+ <title>Readme files</title>
+
+ <para><filename>README.Debian</filename></para>
</refsection>
<refsection>
Modified: cyrus-sasl-2.1/trunk/debian/doc/sasldb.5
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/sasldb.5?rev=400&op=diff
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/sasldb.5 (original)
+++ cyrus-sasl-2.1/trunk/debian/doc/sasldb.5 Sun Dec 14 20:56:59 2008
@@ -1,51 +1,50 @@
.\" Title: sasldb
.\" Author:
-.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
-.\" Date: 11/21/2008
+.\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/>
+.\" Date: 12/14/2008
.\" Manual:
.\" Source:
.\"
-.TH "SASLDB" "5" "11/21/2008" "" ""
+.TH "SASLDB" "5" "12/14/2008" "" ""
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-sasldb \- Cyrus SASL auxprop plugin to access the sasldb authentication backend
+sasldb \- auxiliary property plugin
.SH "SYNOPSIS"
.PP
-\fIauxprop_plugin\fR:
-\fBsasldb\fR
+Cyrus SASL auxprop plugin to access the sasldb authentication backend
.SH "DESCRIPTION"
.PP
This document describes configuration options for the Cyrus SASL auxiliary property plugin
-\fBsasldb\fR.
+\fBsasldb\fR\&.
.PP
\fBsasldb\fR
-is the default and fallback plugin. It will be used if explicitly configured, but also if other mechanisms have failed to load e.g. because they haven't been configured properly.
+is the default and fallback plugin\&. It will be used if explicitly configured, but also if other mechanisms have failed to load e\&.g\&. because they haven\'t been configured properly\&.
.PP
-This plugin reads all user data from a Berkeley database. On Debian systems the default location for this database is
-\fI/etc/sasldb2\fR.
+This plugin reads all user data from a Berkeley database\&. On Debian systems the default location for this database is
+\fI/etc/sasldb2\fR\&.
.PP
-Passwords are stored in plaintext format to enable usage of shared\-secret mechanisms. To protect the passwords, access has been restricted to user
+Passwords are stored in plaintext format to enable usage of shared\-secret mechanisms\&. To protect the passwords, access has been restricted to user
root
and group
-sasl. An application must be member of the
+sasl\&. An application must be member of the
sasl
group to conduct
\fBsasldb\fR
-SASL authentication.
+SASL authentication\&.
.PP
Use the
\fBsaslpasswd2\fR(8)
utility to create and modify
\fBsasldb\fR
-users. The
+users\&. The
\fBsasldblistusers2\fR(8)
command prints a list of existing
\fBsasldb\fR
users to
-STDOUT.
+STDOUT\&.
.SH "OPTIONS"
.PP
The following configuration parameters are applicable in the context of the
@@ -57,15 +56,15 @@
Specifies the path to the database when
\fIauxprop_plugin\fR:
\fBsasldb\fR
-is used. The default path is system dependant, but usually
-\fI/etc/sasldb2\fR.
+is used\&. The default path is system dependant, but usually
+\fI/etc/sasldb2\fR\&.
.RE
.SH "EXAMPLE"
.PP
The following example shows a typical
\fBsasldb\fR
-configuration. The database is located at the default location
-\fI/etc/sasldb2\fR.
+configuration\&. The database is located at the default location
+\fI/etc/sasldb2\fR\&.
.sp
.RS 4
.nf
@@ -76,29 +75,26 @@
.RE
.SH "SEE ALSO"
.PP
-\fBauthdaemond\fR(5), Cyrus SASL password verification service
+\fBauthdaemond\fR(5),
+\fBldapdb\fR(5),
+\fBlibsasl\fR(5),
+\fBsaslauthd\fR(8),
+\fBsaslauthd.conf\fR(5),
+\fBsaslpasswd2\fR(5),
+\fBsasldblistusers2\fR(5),
+\fBsasldb\fR(5),
+\fBsql\fR(5)
+.SH "README FILES"
.PP
-\fBldapdb\fR(5), Cyrus SASL auxprop plugin to access LDAP authentication backends
-.PP
-\fBsaslauthd\fR(8), Cyrus SASL password verification service
-.PP
-\fBsaslauthd.conf\fR(5), Cyrus SASL saslauthd LDAP configuration file
-.PP
-\fBsaslpasswd2\fR(5), set a user\(cqs SASL password
-.PP
-\fBsasldblistusers2\fR(5), list users in sasldb
-.PP
-\fBsasldb\fR(5), Cyrus SASL auxprop plugin to access the sasldb authentication backend
-.PP
-\fBsql\fR(5), Cyrus SASL auxprop plugin to access SQL authentication backends
+\fIREADME\&.Debian\fR
.SH "AUTHOR"
.PP
-This manual was written for the Debian distribution because the original program does not have a manual page. Parts of the documentation have been taken from the Cyrus SASL's
-\fIoptions.html\fR.
+This manual was written for the Debian distribution because the original program does not have a manual page\&. Parts of the documentation have been taken from the Cyrus SASL\'s
+\fIoptions\&.html\fR\&.
.PP
.RS 4
.nf
Patrick Ben Koetter
-<p at state\-of\-mind.de>
+<p at state\-of\-mind\&.de>
.fi
.RE
Added: cyrus-sasl-2.1/trunk/debian/doc/sasldb.5.xml
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/sasldb.5.xml?rev=400&op=file
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/sasldb.5.xml (added)
+++ cyrus-sasl-2.1/trunk/debian/doc/sasldb.5.xml Sun Dec 14 20:56:59 2008
@@ -1,0 +1,148 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+<refentry>
+ <refmeta>
+ <refentrytitle>sasldb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>sasldb</refname>
+
+ <refpurpose>auxiliary property plugin</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para>Cyrus SASL auxprop plugin to access the sasldb authentication
+ backend</para>
+ </refsynopsisdiv>
+
+ <refsection>
+ <title>Description</title>
+
+ <para>This document describes configuration options for the Cyrus SASL
+ auxiliary property plugin <option>sasldb</option>.</para>
+
+ <para><option>sasldb</option> is the default and fallback plugin. It will
+ be used if explicitly configured, but also if other mechanisms have failed
+ to load e.g. because they haven't been configured properly.</para>
+
+ <para>This plugin reads all user data from a Berkeley database. On Debian
+ systems the default location for this database is
+ <filename>/etc/sasldb2</filename>.</para>
+
+ <para>Passwords are stored in plaintext format to enable usage of
+ shared-secret mechanisms. To protect the passwords, access has been
+ restricted to user <systemitem class="username">root</systemitem> and
+ group <systemitem class="groupname">sasl</systemitem>. An application must
+ be member of the <systemitem class="groupname">sasl</systemitem> group to
+ conduct <option>sasldb</option> SASL authentication.</para>
+
+ <para>Use the <citerefentry>
+ <refentrytitle>saslpasswd2</refentrytitle>
+
+ <manvolnum>8</manvolnum>
+ </citerefentry> utility to create and modify <option>sasldb</option>
+ users. The <citerefentry>
+ <refentrytitle>sasldblistusers2</refentrytitle>
+
+ <manvolnum>8</manvolnum>
+ </citerefentry> command prints a list of existing
+ <option>sasldb</option> users to <literal>STDOUT</literal>.</para>
+ </refsection>
+
+ <refsection>
+ <title>Options</title>
+
+ <para>The following configuration parameters are applicable in the context
+ of the <option>sasldb</option> plugin:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><parameter>sasldb_path</parameter>: (default:
+ <filename>/etc/sasldb2</filename>)</term>
+
+ <listitem>
+ <para>Specifies the path to the database when
+ <parameter>auxprop_plugin</parameter>: <option>sasldb</option> is
+ used. The default path is system dependant, but usually
+ <filename>/etc/sasldb2</filename>.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsection>
+
+ <refsection>
+ <title>Example</title>
+
+ <para>The following example shows a typical <option>sasldb</option>
+ configuration. The database is located at the default location
+ <filename>/etc/sasldb2</filename>.</para>
+
+ <programlisting>pwcheck_method: auxprop
+auxprop_plugin: sasldb
+mech_list: plain login cram-md5 digest-md5</programlisting>
+ </refsection>
+
+ <refsection>
+ <title>See also</title>
+
+ <para><citerefentry>
+ <refentrytitle>authdaemond</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>ldapdb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>libsasl</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslauthd</refentrytitle>
+
+ <manvolnum>8</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslauthd.conf</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslpasswd2</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sasldblistusers2</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sasldb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sql</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry></para>
+ </refsection>
+
+ <refsection>
+ <title>Readme files</title>
+
+ <para><filename>README.Debian</filename></para>
+ </refsection>
+
+ <refsection>
+ <title>Author</title>
+
+ <para>This manual was written for the Debian distribution because the
+ original program does not have a manual page. Parts of the documentation
+ have been taken from the Cyrus SASL's
+ <filename>options.html</filename>.</para>
+
+ <para><address>Patrick Ben Koetter
+<email>p at state-of-mind.de</email></address></para>
+ </refsection>
+</refentry>
Modified: cyrus-sasl-2.1/trunk/debian/doc/sql.5
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/sql.5?rev=400&op=diff
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/sql.5 (original)
+++ cyrus-sasl-2.1/trunk/debian/doc/sql.5 Sun Dec 14 20:56:59 2008
@@ -1,60 +1,61 @@
.\" Title: sql
.\" Author:
-.\" Generator: DocBook XSL Stylesheets v1.71.1 <http://docbook.sf.net/>
-.\" Date: 11/30/2008
-.\" Manual:
+.\" Generator: DocBook XSL Stylesheets v1.73.2 <http://docbook.sf.net/>
+.\" Date: 12/14/2008
+.\" Manual: Cyrus SASL sql auxprop plugin
.\" Source:
.\"
-.TH "SQL" "5" "11/30/2008" "" ""
+.TH "SQL" "5" "12/14/2008" "" "Cyrus SASL sql auxprop plugin"
.\" disable hyphenation
.nh
.\" disable justification (adjust text to left margin only)
.ad l
.SH "NAME"
-sql \- Cyrus SASL auxprop plugin to access sql authentication backends
+sql \- auxiliary property plugin
.SH "SYNOPSIS"
.PP
-\fIauxprop_plugin\fR:
-\fBsql\fR
+Cyrus SASL auxprop plugin to access sql authentication backends\&.
.SH "DESCRIPTION"
.PP
This document describes configuration options for the Cyrus SASL auxiliary property plugin
-\fBsql\fR.
-.PP
-\fBsql\fR
-is a generic plugin for various SQL backends. Currently it provides access to either MySQL, PostgreSQL or SQLite databases.
+\fBsql\fR\&.
+.PP
+\fBsql\fR
+is a generic plugin for various SQL backends\&. Currently it provides access to either MySQL, PostgreSQL or SQLite databases\&.
.sp
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
-\fBNote\fR
-.PP
-The plugin requires that passwords are stored in plaintext format to use shared\-secret mechanisms.
+Note
+.PP
+The plugin requires that passwords in the database are stored in plaintext format in order to use shared\-secret mechanisms\&.
.SH "CONFIGURATION SYNTAX"
.PP
The following syntax is mandatory for
\fBsql\fR
plugin configuration:
-.TP 4
-\(bu
-SQL statements specified with
+.sp
+.RS 4
+\h'-04'\(bu\h'+03'SQL statements specified with
\fIsql_select\fR,
\fIsql_select\fR
and
\fIsql_select\fR
-must not be enclosed in quotes.
-.TP 4
-\(bu
-Macros, e.g.
+must not be enclosed in quotes\&.
+.RE
+.sp
+.RS 4
+\h'-04'\(bu\h'+03'Macros, e\&.g\&.
\fB%u\fR,
\fB%r\fR
and
-\fB%v\fR, specified within SQL statements must be quoted individually.
+\fB%v\fR, specified within SQL statements must be quoted individually\&.
+.RE
.PP
See
the section called \(lqEXAMPLE\(rq
-for a valid configuration example.
+for a valid configuration example\&.
.SH "OPTIONS"
.PP
The following configuration parameters are applicable in the context of the
@@ -63,78 +64,76 @@
.PP
\fIsql_engine\fR (default: \fBmysql\fR)
.RS 4
-Specifies the type of SQL engine to use for connections to the SQL backend. The following types are available:
-.RS 4
+Specifies the type of SQL engine to use for connections to the SQL backend\&. The following types are available:
.PP
\fBmysql\fR
.RS 4
-Enables the mysql driver for connections to a MySQL server.
+Enables the mysql driver for connections to a MySQL server\&.
.RE
.PP
\fBpgsql\fR
.RS 4
-Enables the pgsql driver for connections to a PostgreSQL server.
+Enables the pgsql driver for connections to a PostgreSQL server\&.
.RE
.PP
\fBsqlite\fR
.RS 4
-Enables the sqlite driver for connections to a SQLite server.
-.RE
+Enables the sqlite driver for connections to a SQLite server\&.
.RE
.RE
.PP
\fIsql_hostnames\fR (default: empty)
.RS 4
-A comma\-separated list of one or more SQL servers the plugin should try to connect to and query from. Specify servers separated in
+A comma\-separated list of one or more SQL servers the plugin should try to connect to and query from\&. Specify servers separated in
hostname[:port]
-format.
+format\&.
.sp
.it 1 an-trap
.nr an-no-space-flag 1
.nr an-break-flag 1
.br
-\fBNote\fR
+Note
Specify
localhost
when using the MySQL engine to communicate over a UNIX domain socket and
-127.0.0.1
-to attempt a connection that uses a TCP socket.
+127\&.0\&.0\&.1
+to attempt a connection that uses a TCP socket\&.
.RE
.PP
\fIsql_user\fR (default empty)
.RS 4
-Configures the username the plugin will send when it authenticates to the SQL server.
+Configures the username the plugin will send when it authenticates to the SQL server\&.
.RE
.PP
\fIsql_passwd\fR (defaults: empty)
.RS 4
-Configures the password the plugin will send when it authenticates to the SQL server.
+Configures the password the plugin will send when it authenticates to the SQL server\&.
.RE
.PP
\fIsql_database\fR (default: empty)
.RS 4
-Specifies the name of the database which contains auxiliary properties (e.g. username, realm, password etc.)
+Specifies the name of the database which contains auxiliary properties (e\&.g\&. username, realm, password etc\&.)
.RE
.PP
\fIsql_select\fR (default: empty)
.RS 4
Mandatory
SELECT
-statement used to fetch properties from the SQL database.
+statement used to fetch properties from the SQL database\&.
.RE
.PP
\fIsql_insert\fR (default: empty)
.RS 4
Optional
INSERT
-statement used to create properties for new users in the SQL database.
+statement used to create properties for new users in the SQL database\&.
.RE
.PP
\fIsql_update\fR (default: empty)
.RS 4
Optional
UPDATE
-statement used to modify properties in the SQL database.
+statement used to modify properties in the SQL database\&.
.RE
.PP
\fIsql_usessl\fR (default: \fBno\fR)
@@ -144,9 +143,9 @@
\fBon\fR,
\fB1\fR
or
-\fBtrue\fR, and the plugin will try to establish a secure connection to the SQL server.
-.sp
-Does this really work? I remember it doesn't ...
+\fBtrue\fR, and the plugin will try to establish a secure connection to the SQL server\&.
+.sp
+Does this really work? I remember it doesn\'t \&.\&.\&.
.RE
.SS "Macros"
.PP
@@ -155,33 +154,33 @@
\fIsql_select\fR
and
\fIsql_select\fR
-statements. They will be replaced with arguments sent from the client. The following macros exist:
+statements\&. They will be replaced with arguments sent from the client\&. The following macros exist:
.PP
%u
.RS 4
-The name of the user whose properties are being selected, inserted or updated.
+The name of the user whose properties are being selected, inserted or updated\&.
.RE
.PP
%p
.RS 4
-The name of the property being selected, inserted or updated. While this could technically be anything, Cyrus SASL will try
+The name of the property being selected, inserted or updated\&. While this could technically be anything, Cyrus SASL will try
\fIuserPassword\fR
and
\fIcmusaslsecret\fR\fI\fIMECHNAME\fR\fR
(where
\fIMECHNAME\fR
-is the name of a SASL mechanism).
+is the name of a SASL mechanism)\&.
.RE
.PP
%r
.RS 4
-Name of the realm to which the user belongs. This could be the KERBEROS realm, the FQDN of the computer the SASL application is running on or whatever is after the @ on a username.
+Name of the realm to which the user belongs\&. This could be the KERBEROS realm, the FQDN of the computer the SASL application is running on or whatever is after the @ on a username\&.
.RE
.PP
%v
.RS 4
-Value of the property being stored during insert or update operations. While this could technically be anything depending on the property itself, it generally is a
-\fIuserPassword\fR.
+Value of the property being stored during insert or update operations\&. While this could technically be anything depending on the property itself, it generally is a
+\fIuserPassword\fR\&.
.RE
.SH "EXAMPLE"
.PP
@@ -195,40 +194,35 @@
auxprop_plugin: sql
mech_list: plain login cram\-md5 digest\-md5
sql_engine: pgsql
-sql_hostnames: 127.0.0.1, 192.0.2.1
+sql_hostnames: 127\&.0\&.0\&.1, 192\&.0\&.2\&.1
sql_user: username
sql_passwd: secret
sql_database: company
-sql_select: SELECT password FROM users WHERE user = '%u'@'%r'
+sql_select: SELECT password FROM users WHERE user = \'%u\'@\'%r\'
.fi
.RE
.SH "SEE ALSO"
.PP
-\fBauthdaemond\fR(5), Cyrus SASL password verification service
-.PP
-\fBauxprop5, Cyrus SASL list of auxiliary property plugins\fR()
-.PP
-\fBauxprop\-ldapdb\fR(5), Cyrus SASL auxprop plugin to access LDAP authentication backends
-.PP
-\fBauxprop\-sasldb\fR(5), Cyrus SASL auxprop plugin to access the sasldb authentication backend
-.PP
-\fBauxprop\-sql\fR(5), Cyrus SASL auxprop plugin to access SQL authentication backends
-.PP
-\fBsaslauthd\fR(8), Cyrus SASL password verification service
-.PP
-\fBsaslauthd.conf\fR(5), Cyrus SASL saslauthd LDAP configuration file
-.PP
-\fBsaslpasswd2\fR(5), set a user\(cqs SASL password
-.PP
-\fBsasldblistusers2\fR(5), list users in sasldb
+\fBauthdaemond\fR(5),
+\fBldapdb\fR(5),
+\fBlibsasl\fR(5),
+\fBsaslauthd\fR(8),
+\fBsaslauthd.conf\fR(5),
+\fBsaslpasswd2\fR(5),
+\fBsasldblistusers2\fR(5),
+\fBsasldb\fR(5),
+\fBsql\fR(5)
+.SH "README FILES"
+.PP
+\fIREADME\&.Debian\fR
.SH "AUTHOR"
.PP
-This manual was written for the Debian distribution because the original program does not have a manual page. Parts of the documentation have been taken from the Cyrus SASL's
-\fIoptions.html\fR.
+This manual was written for the Debian distribution because the original program does not have a manual page\&. Parts of the documentation have been taken from the Cyrus SASL\'s
+\fIoptions\&.html\fR\&.
.PP
.RS 4
.nf
Patrick Ben Koetter
-<p at state\-of\-mind.de>
+<p at state\-of\-mind\&.de>
.fi
.RE
Added: cyrus-sasl-2.1/trunk/debian/doc/sql.5.xml
URL: http://svn.debian.org/wsvn/pkg-cyrus-sasl2/cyrus-sasl-2.1/trunk/debian/doc/sql.5.xml?rev=400&op=file
==============================================================================
--- cyrus-sasl-2.1/trunk/debian/doc/sql.5.xml (added)
+++ cyrus-sasl-2.1/trunk/debian/doc/sql.5.xml Sun Dec 14 20:56:59 2008
@@ -1,0 +1,329 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
+"http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+<refentry id="auxprop-sql.5">
+ <refentryinfo>
+ <title>Cyrus SASL sql auxprop plugin</title>
+ </refentryinfo>
+
+ <refmeta>
+ <refentrytitle>sql</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </refmeta>
+
+ <refnamediv>
+ <refname>sql</refname>
+
+ <refpurpose>auxiliary property plugin</refpurpose>
+ </refnamediv>
+
+ <refsynopsisdiv>
+ <para>Cyrus SASL auxprop plugin to access sql authentication
+ backends.</para>
+ </refsynopsisdiv>
+
+ <refsection>
+ <title>Description</title>
+
+ <para>This document describes configuration options for the Cyrus SASL
+ auxiliary property plugin <option>sql</option>.</para>
+
+ <para><option>sql</option> is a generic plugin for various SQL backends.
+ Currently it provides access to either MySQL, PostgreSQL or SQLite
+ databases.</para>
+
+ <note>
+ <para>The plugin requires that passwords in the database are stored in
+ plaintext format in order to use shared-secret mechanisms.</para>
+ </note>
+ </refsection>
+
+ <refsection>
+ <title>Configuration Syntax</title>
+
+ <para>The following syntax is mandatory for <option>sql</option> plugin
+ configuration:</para>
+
+ <itemizedlist>
+ <listitem>
+ <para>SQL statements specified with <parameter>sql_select</parameter>,
+ <parameter>sql_select</parameter> and
+ <parameter>sql_select</parameter> must not be enclosed in
+ quotes.</para>
+ </listitem>
+
+ <listitem>
+ <para>Macros, e.g. <option>%u</option>, <option>%r</option> and
+ <option>%v</option>, specified within SQL statements must be quoted
+ individually.</para>
+ </listitem>
+ </itemizedlist>
+
+ <para>See <xref linkend="example" /> for a valid configuration
+ example.</para>
+ </refsection>
+
+ <refsection>
+ <title>Options</title>
+
+ <para>The following configuration parameters are applicable in the context
+ of the <option>sql</option> plugin:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><parameter>sql_engine</parameter> (default:
+ <option>mysql</option>)</term>
+
+ <listitem>
+ <para>Specifies the type of SQL engine to use for connections to the
+ SQL backend. The following types are available:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term><option>mysql</option></term>
+
+ <listitem>
+ <para>Enables the mysql driver for connections to a MySQL
+ server.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>pgsql</option></term>
+
+ <listitem>
+ <para>Enables the pgsql driver for connections to a PostgreSQL
+ server.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><option>sqlite</option></term>
+
+ <listitem>
+ <para>Enables the sqlite driver for connections to a SQLite
+ server.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><parameter>sql_hostnames</parameter> (default: empty)</term>
+
+ <listitem>
+ <para>A comma-separated list of one or more SQL servers the plugin
+ should try to connect to and query from. Specify servers separated
+ in <literal>hostname[:port]</literal> format.</para>
+
+ <note>
+ <para>Specify <systemitem class="server">localhost</systemitem>
+ when using the MySQL engine to communicate over a UNIX domain
+ socket and <systemitem class="ipaddress">127.0.0.1</systemitem> to
+ attempt a connection that uses a TCP socket.</para>
+ </note>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><parameter>sql_user</parameter> (default empty)</term>
+
+ <listitem>
+ <para>Configures the username the plugin will send when it
+ authenticates to the SQL server.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><parameter>sql_passwd</parameter> (defaults: empty)</term>
+
+ <listitem>
+ <para>Configures the password the plugin will send when it
+ authenticates to the SQL server.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><parameter>sql_database</parameter> (default: empty)</term>
+
+ <listitem>
+ <para>Specifies the name of the database which contains auxiliary
+ properties (e.g. username, realm, password etc.)</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><parameter>sql_select</parameter> (default: empty)</term>
+
+ <listitem>
+ <para>Mandatory <literal>SELECT</literal> statement used to fetch
+ properties from the SQL database.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><parameter>sql_insert</parameter> (default: empty)</term>
+
+ <listitem>
+ <para>Optional <literal>INSERT</literal> statement used to create
+ properties for new users in the SQL database.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><parameter>sql_update</parameter> (default: empty)</term>
+
+ <listitem>
+ <para>Optional <literal>UPDATE</literal> statement used to modify
+ properties in the SQL database.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term><parameter>sql_usessl</parameter> (default:
+ <option>no</option>)</term>
+
+ <listitem>
+ <para>Specify either <option>yes</option>, <option>on</option>,
+ <option>1</option> or <option>true</option>, and the plugin will try
+ to establish a secure connection to the SQL server.</para>
+
+ <remark>Does this really work? I remember it doesn't ...</remark>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+
+ <refsection>
+ <title>Macros</title>
+
+ <para>The sql plugin provides macros to build
+ <parameter>sql_select</parameter>, <parameter>sql_select</parameter> and
+ <parameter>sql_select</parameter> statements. They will be replaced with
+ arguments sent from the client. The following macros exist:</para>
+
+ <variablelist>
+ <varlistentry>
+ <term>%u</term>
+
+ <listitem>
+ <para>The name of the user whose properties are being selected,
+ inserted or updated.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%p</term>
+
+ <listitem>
+ <para>The name of the property being selected, inserted or
+ updated. While this could technically be anything, Cyrus SASL will
+ try <parameter>userPassword</parameter> and
+ <parameter>cmusaslsecret<replaceable>MECHNAME</replaceable></parameter>
+ (where <replaceable>MECHNAME</replaceable> is the name of a SASL
+ mechanism).</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%r</term>
+
+ <listitem>
+ <para>Name of the realm to which the user belongs. This could be
+ the KERBEROS realm, the FQDN of the computer the SASL application
+ is running on or whatever is after the @ on a username.</para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>%v</term>
+
+ <listitem>
+ <para>Value of the property being stored during insert or update
+ operations. While this could technically be anything depending on
+ the property itself, it generally is a
+ <parameter>userPassword</parameter>.</para>
+ </listitem>
+ </varlistentry>
+ </variablelist>
+ </refsection>
+ </refsection>
+
+ <refsection id="example">
+ <title>Example</title>
+
+ <para>The following example shows a typical <option>sql</option>
+ configuration:</para>
+
+ <programlisting>pwcheck_method: auxprop
+auxprop_plugin: sql
+mech_list: plain login cram-md5 digest-md5
+sql_engine: pgsql
+sql_hostnames: 127.0.0.1, 192.0.2.1
+sql_user: username
+sql_passwd: secret
+sql_database: company
+sql_select: SELECT password FROM users WHERE user = '%u'@'%r'</programlisting>
+ </refsection>
+
+ <refsection>
+ <title>See also</title>
+
+ <para><citerefentry>
+ <refentrytitle>authdaemond</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>ldapdb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>libsasl</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslauthd</refentrytitle>
+
+ <manvolnum>8</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslauthd.conf</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>saslpasswd2</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sasldblistusers2</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sasldb</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry>, <citerefentry>
+ <refentrytitle>sql</refentrytitle>
+
+ <manvolnum>5</manvolnum>
+ </citerefentry></para>
+ </refsection>
+
+ <refsection>
+ <title>Readme files</title>
+
+ <para><filename>README.Debian</filename></para>
+ </refsection>
+
+ <refsection>
+ <title>Author</title>
+
+ <para>This manual was written for the Debian distribution because the
+ original program does not have a manual page. Parts of the documentation
+ have been taken from the Cyrus SASL's
+ <filename>options.html</filename>.</para>
+
+ <para><address>Patrick Ben Koetter
+<email>p at state-of-mind.de</email></address></para>
+ </refsection>
+</refentry>
More information about the Pkg-cyrus-sasl2-commits
mailing list