[Dovecot] LDA without lookup as non-root?
E.B.
emailbuilder88 at yahoo.com
Sat Oct 20 22:17:12 EEST 2012
> 1) If LDA is invoked without lookups, is it correct to assume that the
> "service auth" and "service auth-worker" can be completely removed from
> dovecot master configuration? (I have tried commenting them out and
> logging into IMAP, which seems to work, not sure if anyone else needs
> the auth service)
Any confirmation on this?
> 2) If LDA is invoked without lookups, will I be unable to use Dovecot
> quota plugin? Does it need to have a user lookup to get quota info?
> (haven't added quota support, need to take this one step at a time)
I'm especially interested if someone can comment on this, since maybe it makes my efforts here wasted.
> 3) The interesting part -- I am invoking LDA from Maildrop. See:
> http://thread.gmane.org/gmane.mail.imap.dovecot/65473
> So when invoked, Maildrop has already dropped to the destination UID/GID
> and the needed paths are available in the environment. However, using
> as many permutations of calling LDA as I can think of (based on
> http://wiki2.dovecot.org/LDA ), I always get this:
>
> (command line usage error. Command output: lda: Fatal: Couldn't lookup our
> username (uid=2500) )
I could not find anything in the mailing list archives to help me, but I googled and found a link to a source file:
http://hg.dovecot.org/dovecot-sieve-1.1/raw-rev/7d85833eff96
I read the source; it looks like it's not exactly a userdb lookup - LDA is trying to get the unix username for the given UID. In my case, UIDs are "virtual" so there isn't a unix username. The source doesn't really use the username that it looks up except in a call to "open_logfile".
Is it possible to avoid this problem? It looks like the answer is no, I have to use -d which also forces a userdb lookup. Maybe this limitation can be removed in the future? Now I suppose I have to go understand the problems of userdb lookup permissions, but I think there are solutions for that.
Am I understanding this correctly?
> The UID is correct for the target user. If I add "-d $LOGNAME" to my LDA
> callout, I get permission denied on the userdb lookup, which I guess is
> another issue to work out if I want to go with lookups. But right now I
> am trying not to. Why does LDA seem to try for a lookup even when I
> follow the wiki instructions how to call it without a lookup?
>
> 3.5) Related question, my users have separate homedir and maildir, both
> paths are looked up by Maildrop. I think I need to call LDA with
> "HOME=$DEFAULT dovecot-lda -f $FROM". Is this correct?
>
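
The failure mode discussed in point 3, as an added C example (not Dovecot's code and not part of the original post): resolving a UID to a name for logging, with a numeric fallback when the UID has no passwd entry. `log_label_for_uid`, `sample_lookup` and its constructed table (UIDs 1000 and 9999) are hypothetical names and values; UID 2500 is the one from the error message above.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

enum name_status { NAME_FOUND, NAME_NO_ENTRY, NAME_LOOKUP_ERROR };

/* Same signature as getpwuid_r(3), so a constructed table can stand in. */
typedef int (*pw_lookup_fn)(uid_t, struct passwd *, char *, size_t,
                            struct passwd **);

/* Fill `out` with a log label for `uid`. A UID with no passwd entry (the
 * "virtual" UID case) gets a numeric label instead of a fatal error. */
enum name_status log_label_for_uid(uid_t uid, pw_lookup_fn lookup,
                                   char *out, size_t outlen)
{
    struct passwd pw, *res = NULL;
    char buf[4096];
    int err = lookup(uid, &pw, buf, sizeof(buf), &res);
    if (err == 0 && res != NULL) {
        snprintf(out, outlen, "%s", res->pw_name);
        return NAME_FOUND;
    }
    snprintf(out, outlen, "uid=%lu", (unsigned long)uid);
    /* getpwuid_r returns 0 with *result == NULL when no entry exists;
     * a nonzero return is a real failure (EIO, ERANGE, ...). */
    return err == 0 ? NAME_NO_ENTRY : NAME_LOOKUP_ERROR;
}

/* Constructed stand-in passwd database: only UID 1000 ("alice") exists. */
int sample_lookup(uid_t uid, struct passwd *pw, char *buf, size_t len,
                  struct passwd **res)
{
    *res = NULL;
    if (uid == 9999) return EIO;  /* simulated backend failure */
    if (uid != 1000) return 0;    /* no entry, which is not an error */
    if (len < sizeof("alice")) return ERANGE;
    strcpy(buf, "alice");
    memset(pw, 0, sizeof(*pw));
    pw->pw_name = buf;
    *res = pw;
    return 0;
}

int main(void)
{
    char label[64];
    int st = log_label_for_uid(getuid(), getpwuid_r, label, sizeof(label));
    printf("%s (status %d)\n", label, st);
    return 0;
}
```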