[Dovecot] auth problem
Lampa
lampacz at gmail.com
Tue Oct 17 14:19:01 UTC 2006
Hello,
I'm new to the list, but I need a little help.
I need only IMAP (later POP3); I have my own checkpassword and my own
user/password database.
I'm using the latest version, v1.0.rc10.
But I have a problem with auth: the user is authorized but cannot log in.
Here is the log:
dovecot: Oct 17 15:00:36 Info: Dovecot v1.0.rc10 starting up
dovecot: Oct 17 15:00:40 Info: auth(default): client in: AUTH 1 PLAIN
service=IMAP lip=10.0.0.1 rip=10.0.0.13 resp=AG1kdgBza29sYTY2Ng==
dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
Executed: /usr/local/checklocalpwd/checkpassword.pl
/usr/local/dovecot/bin/dovecot/checkpassword-reply
dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
Received input: userdb_user=lampa userdb_home=/home/_mail/lampa
userdb_uid=65534 userdb_gid=65534
dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
Received no input
dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
exit_status=0
dovecot: Oct 17 15:00:40 Info: auth(default): client out: OK 1 user=lampa
dovecot: Oct 17 15:00:40 Info: auth(default): master in: REQUEST 1 17950 1
dovecot: Oct 17 15:00:40 Info: auth(default): master out: USER 1 lampa
user=lampa home=/home/_mail/lampa uid=65534 gid=65534
dovecot: Oct 17 15:00:40 Info: imap-login: Internal login failure:
user=<lampa>, method=PLAIN, rip=10.0.0.13, lip=10.0.0.1
dovecot: Oct 17 15:00:40 Error: Logins with UID 65534 (user lampa) not
permitted (see first_valid_uid in config file)
I think that the problem is that the uid and gid are set to user nobody
instead of 508 and 502 (user lampa; the passwd file is at the end of the
message).
uid 65534 is user nobody (used in the auth section in the conf; if I set it
to root, everything is OK).
This is my config:
base_dir = /var/run/dovecot/
protocols = imap
listen = 10.0.0.1
disable_plaintext_auth = no
log_path = /var/log/dovecot/dovecot.log
info_log_path = /var/log/dovecot/dovecot.info
log_timestamp = "%b %d %H:%M:%S "
ssl_disable = yes
login_dir = /var/run/dovecot/login
login_chroot = yes
login_user = dovecot
mail_debug = yes
mail_log_prefix = "%Us(%u): "
verbose_proctitle = yes
first_valid_uid = 508
last_valid_uid = 508
first_valid_gid = 502
last_valid_gid = 502
protocol imap {
  login_executable = /usr/local/dovecot/bin/imap-login
  mail_executable = /usr/local/dovecot/bin/imap
}
auth_executable = /usr/local/dovecot/bin/dovecot-auth
auth_verbose = yes
auth_debug = yes
auth_debug_passwords = yes
auth default {
  mechanisms = plain
  passdb checkpassword {
    args = /usr/local/checklocalpwd/checkpassword.pl
  }
  userdb prefetch {
  }
  user = nobody
}
In the file I had to comment out chdir $home (the program was unable to
chdir), I think due to chroot.
/usr/local/checklocalpwd/checkpassword.pl:
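#!/usr/bin/perl
use POSIX;
use strict qw(vars);

my $PASSWD_FILE = "/usr/local/qmail/control/passwd2";

# Start from an empty environment.
%ENV=();

# checkpassword protocol: "user\0password\0..." arrives on file descriptor 3.
my($len, $buf);
open (USER, "<&=3") || _exit(2);
$len = read(USER, $buf, 512);
close USER;
_exit(2) if $len < 4;
my($user, $pass) = split /\x00/, $buf;
$user = lc $user;
# Overwrite the buffer that held the password.
$buf = "\x00" x $len;

my $cwd = getcwd;

# Look the user up in the passwd-format file.
my ($passwd, $uid, $gid, $gcos, $home, $shell);
# open(...) with parentheses, so that || applies to open and not to the filename.
open(F, "<", $PASSWD_FILE) || _exit(111);
while (<F>) {
    chomp;
    # \Q...\E: the login name is client input, so match it literally.
    if (/^\Q$user\E:/) {
        ($user, $passwd, $uid, $gid, $gcos, $home, $shell) = split(/:/);
    }
}
close F;
_exit(2) unless $uid;

if (crypt($pass, $passwd) ne $passwd) {
    _exit(1);
}

$ENV{USER} = $user;
$ENV{UID} = $uid + 0;
$ENV{HOME} = $home;
$ENV{SHELL} = $shell;
_exit(111) unless $ENV{UID};
#chdir $home || _exit(111);

# Switch to the user's gid/uid. These assignments are not checked: when the
# process lacks the privilege to change IDs they fail and only set $!.
$) = $gid;
$( = $gid;
$> = $uid;
$< = $uid;

# Run the program given on the command line (checkpassword-reply).
exec @ARGV;
_exit(0);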
Here is the passwd/user file:
lampa:HSExFJNuwlKvk:508:502::/home/_mail/lampa:/bin/false
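
Added example, not part of the original post or of Dovecot: a small Python check that cross-references the uid/gid in each "master out: USER" reply against the first_valid/last_valid limits in the config, which is the comparison behind the "not permitted" error in the log. The function names are illustrative, the sample text is taken from the post, and it assumes all four limits are set explicitly, as they are here.

```python
import re

# Constructed sample: settings and (mail-wrapped) log lines taken from the post.
CONF = """first_valid_uid = 508
last_valid_uid = 508
first_valid_gid = 502
last_valid_gid = 502
"""
LOG = """dovecot: Oct 17 15:00:40 Info: auth(default): checkpassword(lampa,10.0.0.13):
Received input: userdb_user=lampa userdb_home=/home/_mail/lampa
userdb_uid=65534 userdb_gid=65534
dovecot: Oct 17 15:00:40 Info: auth(default): master out: USER 1 lampa
user=lampa home=/home/_mail/lampa uid=65534 gid=65534
"""

def parse_limits(conf):
    """Return {'uid': (first, last), 'gid': (first, last)} from config text."""
    found = dict(re.findall(r"^\s*((?:first|last)_valid_[ug]id)\s*=\s*(\d+)", conf, re.M))
    return {k: (int(found[f"first_valid_{k}"]), int(found[f"last_valid_{k}"]))
            for k in ("uid", "gid")}

def unwrap(log):
    """Re-join records that were wrapped; each record starts with 'dovecot: '."""
    records = []
    for line in log.splitlines():
        if line.startswith("dovecot: ") or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def userdb_replies(log):
    """Yield (user, uid, gid) for every 'master out: USER' reply in the log."""
    for rec in unwrap(log):
        m = re.search(r"master out: USER \d+ (\S+)", rec)
        if not m:
            continue
        fields = dict(f.split("=", 1) for f in rec[m.end():].split() if "=" in f)
        if fields.get("uid", "").isdigit() and fields.get("gid", "").isdigit():
            yield m.group(1), int(fields["uid"]), int(fields["gid"])

def out_of_range(conf, log):
    """List (user, kind, value, first, last) for ids outside the valid range."""
    limits = parse_limits(conf)
    return [(user, kind, val, *limits[kind])
            for user, uid, gid in userdb_replies(log)
            for kind, val in (("uid", uid), ("gid", gid))
            if not limits[kind][0] <= val <= limits[kind][1]]
```

For the sample above, out_of_range(CONF, LOG) reports both the uid and the gid of user lampa as outside the configured range.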