[Dovecot] Userdb and home directories
Mike Brudenell
pmb1 at york.ac.uk
Mon Aug 6 13:23:12 EEST 2007
Greetings -
A lot of reading and testing has led me part-way to an answer. If
anyone can help me get all the way there I'll be really grateful: I
only have 48 hours now before the system has to go live!
The problem...
We are using "userdb passwd" to get a user's details from our main
NIS map. This returns uid, gid and normal home directory for each user.
However for mail I don't make any use of the home directory, wanting
a "sealed black box" environment that isn't dependent on our other
file server with home directories on it: just the file server with
the mail directories.
I understand now that I can change a user's home directory between
the imap-login and imap processes by altering the configuration file
to point at a script
mail_executable = /usr/local/dovecot/libexec/postlogin-script
and have the script alter the HOME environment variable:
HOME=`printf '/mailstore/control/%1.1s/%s/home' "$USER" "$USER"`
[Quick side-question: should I be using $USER or $RESTRICTED_USER
here? I can't work out what the difference between them is. Both
are set within Dovecot's standard environment.]
HOWEVER...
The problem I'm trying to avoid is having Dovecot refuse to log
someone in if their home directory gives a "Permission denied" error
(eg, when their home directory filer is in a funny state). This test
appears to be done very early on, in the imap-login process (I
think): definitely before the post-login script runs.
Is there some way of overriding the home directory used in the very
early (imap-login?) process? At present I can only think of either:
a) Edit /etc/passwd with a dummy home directory for all users to
appease
the very early check, then use the postlogin script to set
the real
home directory up for the main imap process, or
b) Edit the source code to do likewise.
I keep hoping I've missed something and there is a cleaner way to
override the value for home returned by the passwd userdb before its
initial use in src/master/mail-process.c create_mail_process()
Any help gratefully received!
Cheers,
Mike B-)
On 3 Aug 2007, at 11:33, Mike Brudenell wrote:
> We use shadow for the passdb and passwd for the userdb (see dovecot
> -n output below). I'm trying to work out how to override the home
> directory returned from NIS. Ultimately I'd like to use this
> template:
>
> /mailstore/control/%1Ln/%Ln/home
>
> but for the time being while I'm trying to work out how to do it
> have my own area hard-coded in (as it's only me logging in to the
> test system):
>
> /mailstore/control/p/pmb1/home
>
> I'm specifying this with the "args" directive in the userdb section
> as follows:
>
> args = home=/mailstore/control/p/pmb1/home
>
> but it isn't being picked up. What am I doing wrong, please?
> (We want to continue using uids and gids etc from NIS so I don't
> think using the static userdb is the right thing to do?)
--
The Computing Service, University of York, Heslington, York Yo10 5DD, UK
Tel:+44-1904-433811 FAX:+44-1904-433740
* Unsolicited commercial e-mail is NOT welcome at this e-mail address. *
More information about the dovecot
mailing list