SASL: How to delete all mech entries from a user?

Question

I have a problem with my SASL database.

sasldblistusers2 shows following entries:

myuser@example.com: cmusaslsecretCRAM-MD5
myuser@example.com: cmusaslsecretPLAIN
myuser@example.com: userPassword

I want to delete this user completely. So I run saslpasswd2 -d -u example.com myuser

Now, sasldblistusers2 shows following entries:

myuser@example.com: cmusaslsecretCRAM-MD5
myuser@example.com: cmusaslsecretPLAIN

How can I get rid of the other entries? I am searching for hours for a solution how to get rid of the other mechanisms, but I don't find any single information.

score 1 · Accepted Answer · answered Aug 27 '16 at 13:06

1

As a last resort, you could try modifying the underlying Berkeley DB database directly. This should only be done with extreme caution: test on a non-production system first, and have a current backup. There's a good chance it simply won't work or could cause issues down the track.

Something like:

db_dump -p /etc/sasldb2 > /tmp/sasldb2.dump
vi /tmp/sasldb2.dump # Find and delete the entries that you don't want
mv /etc/sasldb2 /etc/sasldb2.bak
db_load -f /tmp/sasldb2.dump /etc/sasldb2

answered Aug 27 '16 at 13:06

Tom Shaw

3,752
16
23

I usually don't do such hacks, since I hope that there is a real deal; but it worked perfectly, and I didn't notice any negative side effect after doing this. Thank you very much! – Daniel Marschall Aug 27 '16 at 17:03

SASL: How to delete all mech entries from a user?

1 Answers1