Bug#447991: cyrus-sasl2: Improve documentation for use case: chrooted Postfix + auxprop

[Fabian Fagerholm]

Package: cyrus-sasl2
Severity: wishlist

User feedback on the upstream mailing list indicates
that users have difficulties when running a chrooted
Postfix with a SASL auxprop mechanism.

For example, if the Postfix smtpd runs chrooted, it is
difficult to use the sql auxprop to fetch passwords from
a MySQL database, because the MySQL socket does not exist
inside the Postfix chroot. The MySQL code in the sql plugin
does support connecting over TCP/IP instead of a socket,
but the MySQL documentation is a little bit unclear on
when TCP/IP is used and when a socket is used. Apparently,
using an IP address should result in a TCP/IP connection,
while the string "localhost" is treated specially: on
UNIX (and thus Linux) it means "connect using socket".

The wishlist bug is: improve Debian documentation in the
cyrus-sasl2 (cyrus-sasl2-doc?) package to explain how to
use a chrooted Postfix with an auxprop mechanism. The
documentation must probably include different scenarios
for each auxprop plugin, and possibly even for different
options for particular plugins (such as mysql vs. postgresql
with the sql plugin). If the documentation can be made
somewhat generic (ie. not Postfix-specific), then that would
be even better.

Also note that the documentation can say that something is
unsupported and very difficult, and encourage people to
report their success stories.

-- 
Fabian Fagerholm <fabbe at paniq.net>