A system group called "sasl" is created and an empty /var/lib/sasl2/sasl.db file with the following permissions: mode 0640, ownership root:sasl are created by default. If the /var/lib/sasl2/sasl.db file already exists, it is not changed in any way. It is recommended that administrators keep these permissions and add application users to the "sasl" group if access to this database is needed. For example, to permit the Postfix SMTP to authenticate users via the sasldb auxprop plugin, add the "postfix" user to the "sasl" group and read the "SMTP Authentication" section of the README.mga documentation file for details regarding Postfix's chroot setup. For other applications in general, just add their user to the "sasl" group.