[Dovecot] 1.0alpha2: "passdb deny" feature request
Jeff A. Earickson
jaearick at colby.edu
Mon Sep 19 18:38:36 EEST 2005
Hi,
I asked last week about an auth mechanism in 1.0alpha2 to
reject specific userids or uids from authentication. Marco De Benedetto
kindly suggested using passdb passwd-file for a rejection list.
That didn't work and the Wiki for authentication makes it clear why:
the multiple databases use OR for success instead of AND. So
my test user failed with passdb passwd-file but succeeded with
PAM, so he got in.
Any chance of having a "passdb deny" feature, whereby any userid
or uid that appears there will be rejected without further authentication
tests? Something like:
auth default {
passdb deny {
# path of file listing denied uids or userids
args = /etc/dovecot.nonauth
}
passdb pam {
(etc)
}
Jeff Earickson
Colby College
More information about the dovecot
mailing list