diff options
author | Julien Moutinho <julm+nix@autogeree.net> | 2018-09-18 21:46:43 +0200 |
---|---|---|
committer | Julien Moutinho <julm+nix@autogeree.net> | 2018-09-19 17:20:29 +0200 |
commit | 27f95f3f9c0e6f435d100bba7b57e90a129fa907 (patch) | |
tree | 19a871372e5335960d90cc498f38659a7049f6ee | |
parent | f89d6d92b7b4b79015836f12c5a114f53fa4eccb (diff) | |
download | nixlib-27f95f3f9c0e6f435d100bba7b57e90a129fa907.tar nixlib-27f95f3f9c0e6f435d100bba7b57e90a129fa907.tar.gz nixlib-27f95f3f9c0e6f435d100bba7b57e90a129fa907.tar.bz2 nixlib-27f95f3f9c0e6f435d100bba7b57e90a129fa907.tar.lz nixlib-27f95f3f9c0e6f435d100bba7b57e90a129fa907.tar.xz nixlib-27f95f3f9c0e6f435d100bba7b57e90a129fa907.tar.zst nixlib-27f95f3f9c0e6f435d100bba7b57e90a129fa907.zip |
dovecot: allow sasl_bind=yes in the LDAP driver.
Dovecot has its own SASL implementation, but needs Cyrus SASL's headers to bind to an LDAP server using SASL. This is useful to avoid the need to manage a dnpass= in dovecot-ldap.conf by using the Unix socket to authenticate. This is done with sasl_mech=EXTERNAL in dovecot-ldap.conf, and some olcAccess: with by dn="gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth" read in the slapd's cn=config for the LDAP database queried by dovecot/auth (which runs as root).
-rw-r--r-- | pkgs/servers/mail/dovecot/default.nix | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/pkgs/servers/mail/dovecot/default.nix b/pkgs/servers/mail/dovecot/default.nix index acd08f658e66..5b7f433feb63 100644 --- a/pkgs/servers/mail/dovecot/default.nix +++ b/pkgs/servers/mail/dovecot/default.nix @@ -1,6 +1,6 @@ { stdenv, lib, fetchurl, perl, pkgconfig, systemd, openssl , bzip2, zlib, lz4, inotify-tools, pam, libcap -, clucene_core_2, icu, openldap, libsodium, libstemmer +, clucene_core_2, icu, openldap, libsodium, libstemmer, cyrus_sasl # Auth modules , withMySQL ? false, mysql , withPgSQL ? false, postgresql @@ -12,7 +12,7 @@ stdenv.mkDerivation rec { nativeBuildInputs = [ perl pkgconfig ]; buildInputs = - [ openssl bzip2 zlib lz4 clucene_core_2 icu openldap libsodium libstemmer ] + [ openssl bzip2 zlib lz4 clucene_core_2 icu openldap libsodium libstemmer cyrus_sasl.dev ] ++ lib.optionals (stdenv.isLinux) [ systemd pam libcap inotify-tools ] ++ lib.optional withMySQL mysql.connector-c ++ lib.optional withPgSQL postgresql |