[Dovecot] Master Login using MySQL problem - %{login_domain}
Marc Perkel
marc at perkel.com
Tue Aug 17 20:02:01 EEST 2010
On 8/17/2010 9:45 AM, Timo Sirainen wrote:
> On Tue, 2010-08-17 at 08:50 -0700, Marc Perkel wrote:
>
>> Been trying to track this problem down further. The problem seems to be
>> related to verifying the master user failing.
> Show the whole dovecot -n output and the whole logs when master user is
> logging in? You've cut away some stuff I'd like to see.
>
>
dovecot -n
# 2.0.0: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-budarin.1 x86_64 Fedora release 12 (Constantine) simfs
auth_debug = yes
auth_master_user_separator = *
disable_plaintext_auth = no
dotlock_use_excl = yes
first_valid_uid = 12
info_log_path = /var/log/dovecot.log
log_path = /var/log/dovecot.log
login_greeting = Computer Tyme Dovecot ready.
mail_fsync = never
mail_gid = mail
mail_location = maildir:/vhome/%d/home/%n:INDEX=/imap-cache/%d-%n
mail_uid = mail
mmap_disable = yes
passdb {
args = /etc/dovecot/sql.conf
driver = sql
}
passdb {
args = /etc/dovecot/domain-owner-sql.conf
driver = sql
master = yes
pass = yes
}
passdb {
args = /etc/dovecot/masteradmin-sql.conf
driver = sql
master = yes
pass = yes
}
plugin {
xexec = blacklist:/usr/local/dovecot/blacklist.sh %u
xexec2 = whitelist:/usr/local/dovecot/whitelist.sh %u
xexec3 = average:/usr/local/dovecot/average
xexec4 = smtp:/usr/local/dovecot/smtp
}
protocols = imap pop3
service auth {
unix_listener auth-client {
mode = 0666
}
unix_listener auth-master {
mode = 0666
}
}
service imap-login {
process_limit = 800
process_min_avail = 100
service_count = 0
vsz_limit = 64
}
service imap {
process_limit = 400
}
service pop3-login {
process_limit = 800
process_min_avail = 40
service_count = 0
vsz_limit = 64
}
service pop3 {
process_limit = 400
}
ssl_cert = </usr/share/ssl/certs/imapd.pem
ssl_key = </usr/share/ssl/certs/imapd.pem
verbose_proctitle = yes
protocol pop3 {
pop3_uidl_format = %v.%u
}
domain-owner-sql.conf
user_query = SELECT user_name, domain_name FROM users WHERE user_name =
'%n' AND domain_name = '%d' AND owns_domain='1'
password_query = SELECT user_name, domain_name, password FROM users
WHERE user_name = '%n' AND domain_name = '%d' AND owns_domain='1' \
AND '%d'='%{login_domain}'
Result:
Aug 17 09:59:17 auth: Debug: sql(tom at plf.net,127.0.0.1): query: SELECT
user_name, domain_name, password FROM users WHERE user_name = 'tom' AND
domain_name = 'plf.net' AND owns_domain='1' AND 'plf.net'=''
Aug 17 09:59:17 auth: Info: sql(tom at plf.net,127.0.0.1): unknown user
Aug 17 09:59:17 auth: Debug: sql(tom at plf.net,127.0.0.1): query: SELECT
user_name, domain_name, password FROM users WHERE user_name = 'tom' AND
domain_name = 'plf.net' AND masteradmin='1'
Aug 17 09:59:17 auth: Info: sql(tom at plf.net,127.0.0.1): unknown user
Aug 17 09:59:19 auth: Debug: client out: FAIL 10 user=tom at plf.net
Aug 17 09:59:19 imap-login: Info: Aborted login (auth failed, 1
attempts): user=<tom at plf.net>, method=PLAIN, rip=127.0.0.1,
lip=127.0.0.1, mpid=0, secured
Note - I have two different kinds of masters here. I have a masteradmin
who can read anyone's email and I have domain owners who can read
anyone's email in the same domain. At least that is what I'm hoping to do.
More information about the dovecot
mailing list