sbonazzo / rpms / cyrus-sasl

Forked from rpms/cyrus-sasl 2 years ago
Clone

Blame SOURCES/cyrus-sasl-2.1.26-saslauthd-user.patch

6611fc
diff --git a/saslauthd/saslauthd.mdoc b/saslauthd/saslauthd.mdoc
6611fc
index 37c6f6e..5b635ab 100644
6611fc
--- a/saslauthd/saslauthd.mdoc
6611fc
+++ b/saslauthd/saslauthd.mdoc
6611fc
@@ -44,7 +44,27 @@ multi-user mode. When running against a protected authentication
6611fc
 database (e.g. the
6611fc
 .Li shadow
6611fc
 mechanism),
6611fc
-it must be run as the superuser.
6611fc
+it must be run as the superuser. Otherwise it is recommended to run
6611fc
+daemon unprivileged as saslauth:saslauth. You can do so by following
6611fc
+these steps:
6611fc
+.Bl -enum -compact
6611fc
+.It
6611fc
+create directory
6611fc
+.Pa /etc/systemd/system/saslauthd.service.d/
6611fc
+.It
6611fc
+create file
6611fc
+.Pa /etc/systemd/system/saslauthd.service.d/user.conf
6611fc
+with content
6611fc
+.Bd -literal
6611fc
+[Service]
6611fc
+User=saslauth
6611fc
+Group=saslauth
6611fc
+
6611fc
+.Ed
6611fc
+.It
6611fc
+Reload systemd service file: run
6611fc
+.Dq systemctl daemon-reload
6611fc
+.El
6611fc
 .Ss Options
6611fc
 Options named by lower\-case letters configure the server itself.
6611fc
 Upper\-case options control the behavior of specific authentication