[WBEL-users] SASL with LDAP Support

Kirby C. Bohling kbohling@birddog.com
Tue, 30 Nov 2004 18:49:17 -0600 

On Tue, Nov 30, 2004 at 06:00:57PM -0600, Richard Petty wrote:
> I'm working on email service to run on my home server ( 
> http://www.wanderingbarque.com/mailserver.html ).
> 
> The author mentioned that he had to compile his own SASL because the RPM 
> version didn't support LDAP but he doesn't say how he knows this.

Presumable because unless the packager was attempting to be obtuse
and including --with-ldap thru some secret magic environment
variable, --with-ldap isn't in the configure argument list, and
running ./configure --help in the unpacked directory (rpmbuild -bp
cyrus-sasl), it says that --with-ldap is experimental, and off by
default.  

[kbohling@hawk cyrus-sasl-2.1.15]$ ./configure --help
...<snip>...

Optional Packages:
  --with-PACKAGE[=ARG]    use PACKAGE [ARG=yes]
...<snip>...
  --with-ldap=DIR         use LDAP (in DIR) for saslauthd (experimental) no


	I'm going to say that barring RH doing something just insanely
silly, it ain't there.  Short of mailing the packager, you won't get
a better answer.  It looks like nalin@redhat.com is a common
contributor to this package.  I've e-mailed him before, he's
responsive and nice.  The last person to actually touch it before
John Morris was notting@redhat.com, I've never communicated with
him before so I can't say anything about him.

> 
> I had already checked a couple of the things that you suggested but, 
> like you said, there's nothing really definitive.
> 
> I hate to spoil my system RPM database consistency by compiling my own 
> stuff on the side but if I have no choice...

If I were you, I'd edit the section that looks like this:

pushd cyrus-sasl-%{version}
LIBS="-lcrypt"; export LIBS
%configure \
    --enable-static --with-pic --enable-shared --disable-java \
    --with-plugindir=%{_plugindir2} \
    --disable-krb4 \
    --enable-gssapi${krb5_prefix:+=${krb5_prefix}} \
    --with-rc4 \
    --with-dblib=berkeley \
    --with-saslauthd=/var/run/saslauthd --without-pwcheck \
    --with-devrandom=/dev/urandom \
    --enable-anon \
    --enable-cram \
    --enable-digest \
    --enable-plain \
    --enable-login
    # --enable-auth-sasldb -- EXPERIMENTAL
make sasldir=%{_plugindir2}
make -C saslauthd testsaslauthd
popd

to include "--with-ldap" in the list somewhere.  You'll have to
change the name of the RPM via the Release setting at the top
(change the "WB1" to something else that notes that you changed it
locally).  You might have to change the dependency list (not sure
how you do that, as I don't see it depending on much if anything).
Then you could keep your RPM database consistant.  However, you
build the software and install it locally, you should be able to
install the same thing via the SRPM just by editting the
%configure section of the source RPM.

When edit the specfile, run rpmbuild -bc,  and go find the saslauthd
in the build directory --with-ldap, then run ldd on it, it includes
"libldap".  So I'd say it's safe to conclude that RedHat/WB don't
include ldap support.

Sorry if you know all this stuff, it's just how I'd do it.  Not sure
if you knew how, but discarded it as "not good enough".  I've never
rebuilt RPM's to add features, but I have done just enough to add a
bugfix patch to an RPM that RedHat didn't.  Figured I'd share.

	Thanks,
		Kirby