[Dovecot] master user

Dale Bewley dlbewley at lib.ucdavis.edu
Mon Feb 5 21:02:58 UTC 2007


On Mon, 2007-02-05 at 12:39 -0800, Tom Bombadil wrote:
> We are thinking about using the master DB, so a few admins can
> impersonate an ordinary user.

I was trying to do the same thing. Not for impersonation :) but for
migration to another IMAP server (Zimbra).

The docs are here http://wiki.dovecot.org/MasterPassword

It works inconsistently for me for some reason. Sometimes dovecot
recognized the auth_master_user_separator delimiter and sometimes it
doesn't.

dovecot-1.0-0.beta8.3.fc5 did not
Jan 26 18:57:01 mail dovecot: auth(default): passdb(zimbra,::ffff:169.237.222.333,master): Master user logging in as dlbewley*zimbra
Jan 26 18:57:01 mail dovecot: auth(default): client out: OK     1      user=dlbewley*zimbra
Jan 26 18:57:01 mail dovecot: auth(default): master in: REQUEST 146     19330   1
Jan 26 18:57:01 mail dovecot: auth(default): passwd(dlbewley*zimbra,::ffff:169.237.222.333): unknown user 
Jan 26 18:57:01 mail dovecot: auth(default): userdb(dlbewley*zimbra,::ffff:169.237.222.333): user not found from userdb
Jan 26 18:57:01 mail dovecot: auth(default): master out: NOTFOUND       146
Jan 26 18:57:01 mail dovecot: imap-login: Internal login failure: user=<dlbewley*zimbra>, method=PLAIN, rip=::ffff:169.237.222.333,
lip=::ffff:169.237.222.111, TLS

dovecot-1.0-1.1.rc15 on FC5 did work
Jan 26 21:27:37 mail dovecot: auth(default): passdb(zimbra,::ffff:169.237.111.111,master): Master user logging in as dlbewley
Jan 26 21:27:37 mail dovecot: auth(default): client out: OK 1   user=dlbewley
Jan 26 21:27:37 mail dovecot: auth(default): master in: REQUEST 8   28380   1
Jan 26 21:27:37 mail dovecot: auth(default): master out: USER   8   dlbewley   system_user=dlbewley    uid=500 gid=500 home=/home/dlbewley master_user=zimbra
Jan 26 21:27:37 mail dovecot: imap-login: Login: user=<dlbewley>, method=PLAIN, rip=::ffff:169.237.111.111, lip=::ffff:169.237.222.111

But then it stopped working in rc15.
Feb  5 12:52:38 mail dovecot: auth(default): userdb(dlbewley*zimbra,::ffff:169.237.222.111): user not found from userdb
Feb  5 12:52:38 mail dovecot: imap-login: Internal login failure: user=<dlbewley*zimbra>, method=PLAIN, rip=::ffff:169.237.111.111, lip=::ffff:169.237.222.111, TLS

Here's my config:
I tried various changes to auth_username_chars like adding * or blanking
it out and using different characters for auth_master_user_separator.

protocols = imap imaps pop3 pop3s
ssl_cert_file = /usr/share/ssl/certs/mail.cert
ssl_key_file = /usr/share/ssl/private/mail.key
disable_plaintext_auth = no
login_process_per_connection = no
login_processes_count = 10
max_mail_processes = 2048
protocol imap {
}
protocol pop3 {
}
auth_username_chars =
auth_master_user_separator = *
auth default {
        mechanisms = plain
        passdb passwd-file {
                args = /etc/dovecot/dovecot.masterusers
                master = yes
                pass = no
        }
        passdb pam {
        }
        userdb passwd {
        }
        user = root
}
plugin {
}

-- 
Dale Bewley - Unix Administrator - Shields Library - UC Davis
GPG: 0xB098A0F3 0D5A 9AEB 43F4 F84C 7EFD  1753 064D 2583 B098 A0F3
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://dovecot.org/pipermail/dovecot/attachments/20070205/aacf18c9/attachment.pgp 


More information about the dovecot mailing list