[Dovecot] 2.0.5 masteruser problem with uncached users

Ralf Hildebrandt Ralf.Hildebrandt at charite.de
Thu Oct 14 17:51:51 EEST 2010


* Timo Sirainen <tss at iki.fi>:
> On Fri, 2010-10-08 at 15:38 +0200, Ralf Hildebrandt wrote:
> 
> > # for user*masteruser logins
> > passdb {
> >   args = /usr/dovecot-2/etc/dovecot/dovecot.masteruser
> >   driver = passwd-file
> >   master = yes
> >   pass = yes
> 
> You can't use pass=yes with passdb pam. From wiki:

Ah. I fixed it by using 
passdb shadow :)
as well

> "You should also add the pass=yes setting to the master passdb if
> possible. It means that Dovecot verifies that the login user really
> exists before allowing the master user to log in. Without the setting if
> a nonexistent login username is given, depending on the configuration,
> it could either return an internal login error (the userdb lookup
> failed) or create a whole new user (with eg. static userdb). pass=yes
> doesn't work with PAM or LDAP with auth_bind=yes, because both of them
> require knowing the user's password."
> 
> But .. yeah, maybe a fallback should be to do a userdb lookup instead.
> Or change it to a pass=yes|no|userdb setting.

-- 
Ralf Hildebrandt
  Geschäftsbereich IT | Abteilung Netzwerk
  Charité - Universitätsmedizin Berlin
  Campus Benjamin Franklin
  Hindenburgdamm 30 | D-12203 Berlin
  Tel. +49 30 450 570 155 | Fax: +49 30 450 570 962
  ralf.hildebrandt at charite.de | http://www.charite.de
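
Added example, not part of the original thread and not Dovecot code: a small Python check for the configuration problem discussed above. It flags a master passdb that lacks pass=yes, and one that has pass=yes but is followed only by a passdb (pam) that cannot look up the login user without a password. Function names and sample configs are constructed; it assumes any later non-PAM passdb can do the lookup and does not check LDAP with auth_bind=yes.

```python
import re

# Per the quoted wiki text, PAM needs the user's password, so pass=yes cannot use it.
NEEDS_PASSWORD = {"pam"}

def parse_passdbs(conf):
    """Return the passdb blocks of a Dovecot 2.x config, in file order, as dicts."""
    blocks = []
    for body in re.findall(r"^\s*passdb\s*\{(.*?)^\s*\}", conf, re.S | re.M):
        settings = {}
        for line in body.splitlines():
            line = line.split("#", 1)[0].strip()   # drop comments
            if "=" in line:
                key, value = line.split("=", 1)
                settings[key.strip()] = value.strip()
        blocks.append(settings)
    return blocks

def check_master_passdbs(conf):
    """Return findings for master passdb blocks that skip or break user verification."""
    blocks = parse_passdbs(conf)
    findings = []
    for i, block in enumerate(blocks):
        if block.get("master") != "yes":
            continue
        if block.get("pass") != "yes":
            findings.append("passdb %d: pass=yes missing, login user is not verified" % i)
            continue
        later = [b.get("driver") for b in blocks[i + 1:] if b.get("master") != "yes"]
        if not any(d not in NEEDS_PASSWORD for d in later):
            findings.append("passdb %d: pass=yes but no later passdb can look up the user" % i)
    return findings

# Constructed sample configs (the args path is the one quoted in the thread).
MASTER = """passdb {
  args = /usr/dovecot-2/etc/dovecot/dovecot.masteruser
  driver = passwd-file
  master = yes
  pass = yes
}
"""
BROKEN = MASTER + "passdb {\n  driver = pam\n}\n"       # pass=yes with only PAM behind it
FIXED = BROKEN + "passdb {\n  driver = shadow\n}\n"     # shadow added as well
NO_PASS = MASTER.replace("  pass = yes\n", "") + "passdb {\n  driver = shadow\n}\n"

if __name__ == "__main__":
    for name, conf in (("broken", BROKEN), ("fixed", FIXED), ("no pass", NO_PASS)):
        print(name, check_master_passdbs(conf))
```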
	    

