unixdev.net


Switch to SpeakEasy.net DSL

The Modular Manual Browser

Home Page
Manual: (SunOS-5.10)
Page:
Section:
Apropos / Subsearch:
optional field

sasl_appname.conf(4)             File Formats             sasl_appname.conf(4)



NAME
       sasl_appname.conf - SASL options and configuration file

SYNOPSIS
       /etc/sasl/appname.conf

DESCRIPTION
       The  /etc/sasl/appname.conf  file is a user-supplied configuration file
       that supports user set options for server applications.

       You can modify the behavior of libsasl  and  its  plug-ins  for  server
       applications  by  specifying  option  values  in /etc/sasl/appname.conf
       file, where appname is the application defined name of the application.
       For  sendmail,  the  file  would  be  /etc/sasl/Sendmail.conf. See your
       application documentation for information on the application name.

       Options that you set in  a  appname.conf  file  do  not  override  SASL
       options specified by the application itself.

       The format for each option setting is:

       option_name:value.


       You can comment lines in the file by using a leading #.

       The  SASL  library  supports  the following options for server applica-
       tions:

       auto_transition                 When set to yes, plain users and  login
                                       plug-ins are automatically transitioned
                                       to other mechanisms when they do a suc-
                                       cessful  plaintext  authentication. The
                                       default value  for  auto_transition  is
                                       no.



       auxprop_plugin                  A space-separated list of names of aux-
                                       iliary property  plug-ins  to  use.  By
                                       default,  SASL  will  use  or query all
                                       available auxiliary property plug-ins.



       canon_user_plugin               The name of the canonical user  plug-in
                                       to   use.  By  default,  the  value  of
                                       canon_user_plugin is INTERNAL, to indi-
                                       cated the use of built-in plug-ins..



       log_level                       An  integer value for the desired level
                                       of logging for a server, as defined  in
                                       <&lt;sasl.h>&gt;.  This  sets  the log_level in
                                       the  sasl_server_params_t   struct   in
                                       /usr/include/sasl/saslplug.h.       The
                                       default value for  log_level  is  1  to
                                       indicate SASL_LOG_ERR.



       mech_list                       Whitespace separated list of SASL mech-
                                       anisms to allow, for  example,  DIGEST-
                                       MD5  GSSAPI.  The  mech_list  option is
                                       used to restrict the  mechanisms  to  a
                                       subset  of  the  installed plug-ins. By
                                       default, SASL will  use  all  available
                                       mechanisms.



       pw_check                        Whitespace separated list of mechanisms
                                       used to verify passwords that are  used
                                       by  sasl_checkpass(3SASL).  The default
                                       value for pw_check is auxprop.



       reauth_timeout                   This SASL option is used by the server
                                       DIGEST-MD5   plug-in.   The   value  of
                                       reauth_timeout is the  length  in  time
                                       (in minutes) that authentication infor-
                                       mation will be cached for a fast  reau-
                                       thorization.  A value of 0 will disable
                                       reauthorization. The default  value  of
                                       reauth_timeout is 1440 (24 hours).



       server_load_mech_list            A  space  separated list of mechanisms
                                       to load. If in the process  of  loading
                                       server  plug-ns  no  desired mechanisms
                                       are included in the plug-in, the  plug-
                                       in  will  be unloaded. By default, SASL
                                       loads all server plug-ins.



       user_authid                     If the value  of  user_authid  is  yes,
                                       then the GSSAPI will acquire the client
                                       credentials rather than use the default
                                       credentials  when  it  creates  the GSS
                                       client security  context.  The  default
                                       value  of  user_authid  is  no, whereby
                                       SASL uses the default  client  Kerberos
                                       identity.



ATTRIBUTES
       See attributes(5) for descriptions of the following attributes:


       tab()     allbox;     cw(2.750000i)|    cw(2.750000i)    lw(2.750000i)|
       lw(2.750000i).  ATTRIBUTE  TYPEATTRIBUTE  VALUE  Interface  StabilityT{
       Evolving T}


SEE ALSO
       attributes(5)



SunOS 5.10                        14 Oct 2003             sasl_appname.conf(4)