This is an old revision of the document!

ZNC install for network Administrators

This guide tells how we install ZNC for our whole network, with integrated login to our X3 services.

Install saslauthd

  • Install saslauthd package: apt-get install sasl2-bin
  • edit /etc/defaults/saslauthd:
START=yes
MECHANISM="ldap"
  • edit/create /etc/saslauthd.conf:
ldap_servers: ldaps://yourldapserver.domain
ldap_search_base: ou=Users,dc=yourdomain,dc=org
ldap_filter: (uid=%u)
#ldap_tls_cacert_file: /etc/ssl/yourcertificate.cer
  • Copy the CA certificate matching your ldap server to /etc/ssl/yourcertificate.cer if needed
  • start saslauthd: /etc/init.d/saslauthd start
  • Test saslauthd: testsaslauthd -u “yourldapuid” -p yourpassword -f /var/run/saslauthd/mux
  • Troubleshooting:
    • Stop saslauthd and run it in debug mode: /usr/sbin/saslauthd -a ldap -c -m /var/run/saslauthd -n 1 -d
    • check /var/log/auth.log and /var/log/daemon.log
    • try ldapsearch and see if that works: ldapsearch -D 'uid=youruid,ou=Users,dc=yourdomain,dc=org' -w yourpassword -H ldaps:ldapservername -b “ou=Users,dc=yourdomain,dc=org' -s sub ”(objectclass=*)“ ===== Install ZNC ===== Assuming a debian 8 (jessie) base system: * Install debian backports: add deb http://ftp.debian.org/debian jessie-backports main to /etc/apt/sources.list. dont forget to sudo apt-get update * Install build dependencies by cheating a bit using the debian dependency list: sudo apt-get build-dep znc * Install CMake: sudo apt-get install cmake * Install ICU: sudo apt-get install libicu-dev * Install SWIG: sudo apt-get install swig3.0 * Install Boost: sudo apt-get install libboost-all-dev * git clone the repository. We maintain some patches to ZNC for integration with sasl/ldap etc so you'll want to use the latest version branch from our znc fork: https://github.com/evilnet/znc * cd to the cloned repository * ./configure –prefix=/data/irc/services/znc –enable-cyrus –enable-python –enable-perl * enable git submodules: git submodule update –init –recursive * compile: make * install: make install * Run for the first time, from the install directory: bin/znc –makeconf * Username: admin * Password: see keepass db (rubin) * Nickname: zncadmin * Ident: zncadmin * Real name: ZNC Administrator * Bind host: empty * Connect to the ZNC using an irc client as the above user * Load the cyrusauth module: /msg *status load cyrusauth saslauthd * Create a dummy user in znc to use as a skel/clone identity * Set cyrusauth module to use it: /msg *cyrusauth cloneuser yourcloneusernamehere * Let it create users: /msg *cyrusauth createuser Yes * Load the sasl module: /msg *status load sasl * Require authentication: /msg *sasl requireauth yes'' * * Configure the modules