discuss: Thread: The Postfix-Cyrus-Sasl_Auxprop-MySQL-Web_Cyradm FQUN Howto with Virtual Domain Support on Fedora Core Three

Hello LDP Volunteers:

I have been working on a Howto that is a branch from Luc
Delouw's Postfix-Cyrus-Web-Cyradm Howto, such that:

I am using Fedora Core 3 instead of Debian.
I am utilizing the sasl-cyrus-sql package for auxprop authentication
instead of saslauthd through the pam_mysql module.
I am using Fully Qualified Usernames by patching the PHP application
Web-Cyradm (patch written by Michael Hsu) and using the current system of
authentication so that users do not have to login with cyrus mailbox format
such as 'user001', but rather the more natural ####@####.####
I am using plaintext method of storing passwords in mysql (side effect of
using auxprop, and have inplemented it securely nevertheless)

I also gathered information from http://www.totalinfosecurity.com/howto/t1.html
which is Morpheus' Guide to install the original Howto on Fedora 3.

Differing from that particular guide is my approach to enable apache to serve
pages with selinux enabled.    


With that said, is this howto a feasible one to submit to the LDP, and if so,
what else should I do(considering the Howto is already at it's second revision)?

Thank you for your assistance:

Amin Astaneh
####@####.####

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


Hello Amin,

We'd like to see your work.  Can you point us to an on-line reference, or
post what you already have to this list?

Thank you,

Tille.

- --
Machtelt Garrels                ####@####.####
Co-editor of LDP Weekly News    http://tldp.org/ldpwn/latest.html

My Penguin, my freedom.         http://tille.xalasys.com


On Mon, 8 Aug 2005, Amin Astaneh wrote:

> Hello LDP Volunteers:
>
> I have been working on a Howto that is a branch from Luc
> Delouw's Postfix-Cyrus-Web-Cyradm Howto, such that:
>
> I am using Fedora Core 3 instead of Debian.
> I am utilizing the sasl-cyrus-sql package for auxprop authentication
> instead of saslauthd through the pam_mysql module.
> I am using Fully Qualified Usernames by patching the PHP application
> Web-Cyradm (patch written by Michael Hsu) and using the current system of
> authentication so that users do not have to login with cyrus mailbox format
> such as 'user001', but rather the more natural ####@####.####
> I am using plaintext method of storing passwords in mysql (side effect of
> using auxprop, and have inplemented it securely nevertheless)
>
> I also gathered information from http://www.totalinfosecurity.com/howto/t1.html
> which is Morpheus' Guide to install the original Howto on Fedora 3.
>
> Differing from that particular guide is my approach to enable apache to serve
> pages with selinux enabled.
>
>
> With that said, is this howto a feasible one to submit to the LDP, and if so,
> what else should I do(considering the Howto is already at it's second revision)?
>
> Thank you for your assistance:
>
> Amin Astaneh
> ####@####.####
>
>
> ______________________
> http://lists.tldp.org/
>
>
>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFC+aMvsIIUbMXbBA8RAhN9AKC77hhYT6JYVkw8GF6owadPwBFkqgCfRZBR
GW984HIdgrlzZiRQ63pO0n8=
=sETa
-----END PGP SIGNATURE-----

Machtelt-

Thank you for the reply. Here is a link to my latest version:

http://www.qwik.net/howto/newhowto.txt

I have all of the files spoken about in the howto available here (although an update is
needed)
http://www.qwik.net/howto/


I am very grateful for the assistance.

-Amin Astaneh
####@####.####

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Wed, 10 Aug 2005, Amin Astaneh wrote:

> Machtelt-
>
> Thank you for the reply. Here is a link to my latest version:
>
> http://www.qwik.net/howto/newhowto.txt
>
> I have all of the files spoken about in the howto available here (although an update is
> needed)
> http://www.qwik.net/howto/

Hello Amin,

This seems like a good addition to the LDP collection.  I'd suggest that
you attach the config files mentioned in the second URL as appendix to the
HOWTO.  The RPMs can be made available as they are now, because it might
be possible that they change if you upgrade your system and it is not our
goal to provide software.
Would there be any need for a usage or testing section?  I compaired this
HOWTO with Luc Delouw's and it seems that the ending of yours is rather
abrupt.  Or maybe you could point to Luc's HOWTO for testing procedures,
Q&A and further info?

Do you have this in DocBook XML?  For submission, that is the prefered
format.  A Howto template can be found here:

http://www.tldp.org/LDP/LDP-Author-Guide/html/templates-book.html

Should you need help converting, please let me know.  When you are
finished, please send the document to ####@####.#### and we will find
a reviewer (cfr http://www.tldp.org/authors/pubprocess.pdf)

Tille.

- --
Machtelt Garrels                ####@####.####
Review Coordinator    	 	http://www.tldp.org/authors/

My Penguin, my freedom.         http://tille.xalasys.com


-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFC+zQpsIIUbMXbBA8RAoV3AKCgBrAnz7+s13QspO+0RN+O1J5gfACgo2CO
qfq1p9hRV7sNcWiSbdvFOsk=
=GyPW
-----END PGP SIGNATURE-----

Machtelt Garrels wrote:

> On Wed, 10 Aug 2005, Amin Astaneh wrote:
> 
>> Machtelt-
>>
>> Thank you for the reply. Here is a link to my latest version:
>>
>> http://www.qwik.net/howto/newhowto.txt
>>
>> I have all of the files spoken about in the howto available here (although an update is
>> needed)
>> http://www.qwik.net/howto/
> 
> Hello Amin,
> 
> This seems like a good addition to the LDP collection.  I'd suggest that
> you attach the config files mentioned in the second URL as appendix to the
> HOWTO.  The RPMs can be made available as they are now, because it might
> be possible that they change if you upgrade your system and it is not our
> goal to provide software.
> Would there be any need for a usage or testing section?  I compaired this
> HOWTO with Luc Delouw's and it seems that the ending of yours is rather
> abrupt.  Or maybe you could point to Luc's HOWTO for testing procedures,
> Q&A and further info?
> 
> Do you have this in DocBook XML?  For submission, that is the prefered
> format.  A Howto template can be found here:
> 
> http://www.tldp.org/LDP/LDP-Author-Guide/html/templates-book.html
> 
> Should you need help converting, please let me know.  When you are
> finished, please send the document to ####@####.#### and we will find
> a reviewer (cfr http://www.tldp.org/authors/pubprocess.pdf)

Hi all,

As of today my HOWTO is in Docbook SGML. Why not adding the Fedora stuff 
into it? Would be better than having a some sort of "forked" documents.

Anyway, I'm currently updating the HOWTO with the help of others. You're 
welcome for any contribution.


Regards

Luc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Fri, 12 Aug 2005, Luc de Louw wrote:

> As of today my HOWTO is in Docbook SGML. Why not adding the Fedora stuff
> into it? Would be better than having a some sort of "forked" documents.

If you think the content of both fit eachother, I'm all in favour of your
proposal.  Amin, what do you think about that?  You will get the credit
you deserve, of course.

Tille.

- --
Machtelt Garrels                ####@####.####
Review Coordinator    	 	http://www.tldp.org/authors/

My Penguin, my freedom.         http://tille.xalasys.com

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)

iD8DBQFC/It+sIIUbMXbBA8RAtytAJ9ig74qzpjMU4JNta9Rkd5vy9TFZQCfTLp9
KeqXaBw64QVhinRz9u55iNk=
=oqfB
-----END PGP SIGNATURE-----

Begin forwarded message:

Date: Fri, 12 Aug 2005 13:32:52 -0400
From: Amin Astaneh ####@####.####
To: Luc de Louw ####@####.####
Cc: ####@####.####
Subject: Re: The Postfix-Cyrus-Sasl_Auxprop-MySQL-Web_Cyradm FQUN Howto with Virtual Domain Support on Fedora Core Three


On Fri, 12 Aug 2005 11:47:40 +0200
Luc de Louw ####@####.#### wrote:

> Machtelt Garrels wrote:
> 
> > On Wed, 10 Aug 2005, Amin Astaneh wrote:
> > 
> >> Machtelt-
> >>
> >> Thank you for the reply. Here is a link to my latest version:
> >>
> >> http://www.qwik.net/howto/newhowto.txt
> >>
> >> I have all of the files spoken about in the howto available here (although an update is
> >> needed)
> >> http://www.qwik.net/howto/
> > 
> > Hello Amin,
> > 
> > This seems like a good addition to the LDP collection.  I'd suggest that
> > you attach the config files mentioned in the second URL as appendix to the
> > HOWTO.  The RPMs can be made available as they are now, because it might
> > be possible that they change if you upgrade your system and it is not our
> > goal to provide software.
> > Would there be any need for a usage or testing section?  I compaired this
> > HOWTO with Luc Delouw's and it seems that the ending of yours is rather
> > abrupt.  Or maybe you could point to Luc's HOWTO for testing procedures,
> > Q&A and further info?
> > 
> > Do you have this in DocBook XML?  For submission, that is the prefered
> > format.  A Howto template can be found here:
> > 
> > http://www.tldp.org/LDP/LDP-Author-Guide/html/templates-book.html
> > 
> > Should you need help converting, please let me know.  When you are
> > finished, please send the document to ####@####.#### and we will find
> > a reviewer (cfr http://www.tldp.org/authors/pubprocess.pdf)
> 
> Hi all,
> 
> As of today my HOWTO is in Docbook SGML. Why not adding the Fedora stuff 
> into it? Would be better than having a some sort of "forked" documents.
> 
> Anyway, I'm currently updating the HOWTO with the help of others. You're 
> welcome for any contribution.
> 
> 
> Regards
> 
> Luc
> 

Machtelt-

I have absolutly no objection to incorporating my documentation into Luc's Howto.
You have a carbon copy of the email where I explained my concerns regarding trying 
to fuse both of the docs together. If you find it possible please explain a proper 
approach, for this is my first piece of documentation and I honestly do not know
where to go from here. I am not familiar with DocBook and I have looking at the
XML and it seems a little complex. I'm still working on the howto somewhat
(minor things regarding mail forwarding) and it should be complete really soon.
I shall include the patch in plaintext perhaps in an appendix to the howto as to
not have to include files. I have gotten Michael Hsu's permission to distribute the
patch. Please get back to me on how this should be done.

Amin


Mail in reference:

Luc-
Sounds like a great idea to include my contribution into your howto-
However there are a few concerns:
1. The inplementation involves patching of your php code(Michael Hsu's FQUN
   patch), which in turn effects the data structure in the MySQL databases.
   Specifically, the table accountuser has all of the users, virtual domain or
   local, lumped in to the same table. The 'user001' mailbox designation is
   totally extinct.

2. The inplementation also changes the method of authentication. I decided to
   use auxprop (cyrus-sasl-sql) instead of the saslauthd (pam-mysql) so that I
   could enable my customer base to authenticate using their email address and
   their password. The side effect of this is that auxprop only allows sql 
   passwords to be stored in plaintext. Therefore, I had to edit the create-mysql
   script as well. 

I am aware that a web-cyradm wiki is in the process of being built for these
new howtos. My question is this: considering the drastic changes made to your
original method in my approach, is it feasible to include my contribution into
your howto without a larger layer of complexity, considering the configuration 
is significantly different across the board? Namely, imapd.conf, main.cf,
conf.php, smtpd.conf, and the mysql-foo.cf files in the /etc/postfix directory.

This is my first time writing any form of documentation. I consider you to be 
much more experienced in this field (I do not know how to use DocBook XML) 
Therefore, I consult you and the TLDP to give any suggestions considering the 
differing approaches and how they can be incorporated together as a coherant
whole so that other mail admins can utilize our design. 

I appreciate your help through the web-cyradm mailing list, and it has proven
to be a useful resource. I am still working on the howto (I have just devised a 
method to enable mail forwarding again through web-cyradm and postfix despite
the PHP patch changing things) and I will announce any major revisions and
changes. Please reply soon so that we know where to take it from here in terms
on how to document my findings.

Thank you,

Amin Astaneh
####@####.####


> ______________________
> http://lists.tldp.org/
> 
>