[Dovecot] How to bypass checking of system users by virtual users?
Dâniel Fraga
fragabr at gmail.com
Fri Oct 3 09:22:18 EEST 2008
Hi, I have one real domain (abusar.org) and the others are
virtual. So I configured dovecot.conf as the following:
# for abusar.org, real domain
mail_location = mbox:~/.mail/:INBOX=/var/mail/%n
# for the remaining virtual domains
userdb static {
args = uid=17 gid=17 home=/var/spool/virtual/%d/.home/%n mail=mbox:/var/spool/virtual/%d/home/%n:INBOX=/var/spool/virtual/%d/%n
}
passdb passwd-file {
args = username_format=%n /etc/virtual/%d/passwd
}
***
Everything works perfectly except for the fact that when virtual users authenticate, dovecot uses the configuration for
real users first and then authenticate succesfully with the virtual configuration, generating those annoying log error messages:
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=belforts at ragio.com.br rhost=201.6.150.188
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=belforts at telecomex.com.br rhost=201.6.150.188
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown
Oct 3 03:11:40 teleporto dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=info at mostrasocioambiental.com.br rhost=201.6.150.188
Oct 3 03:12:00 teleporto dovecot-auth: pam_unix(dovecot:auth): check pass; user unknown
Oct 3 03:12:00 teleporto dovecot-auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=comprovante at ragio.com.br rhost=200.204.124.212
This messages happen because dovecot is trying to check virtual
users in the system password file (which just contains real users and
not virtual users).
So is there a way to force it to check virtual users just on
the /etc/virtual/%d/passwd? I mean, if the domain is the real one,
abusar.org, or it doesn't have a domain, it will check in the system
passwords, but if it's some other domain except abusar.org, it should
skip checking system passwords and check directly in the
/etc/virtual/%d/passwd.
I just don't know how to do that.
Any hints? Thank you!
--
Linux 2.6.27-rc8: Rotary Wombat
http://u-br.net
http://www.soninha23.can.br
More information about the dovecot
mailing list