A system group called "sasl" is created and an empty  /var/lib/sasl2/sasl.db file
with the following permissions: mode 0640, ownership root:sasl
are created by default.

If the /var/lib/sasl2/sasl.db file already exists, it is not changed
in any way.

It is recommended that administrators keep these permissions and add
application users to the "sasl" group if access to this database is needed.

For example, to permit the Postfix SMTP to authenticate users via the sasldb
auxprop plugin, add the "postfix" user to the "sasl" group and read the
"SMTP Authentication" section of the README.mga documentation file for 
details regarding Postfix's chroot setup.

For other applications in general, just add their user to the "sasl" group.