passdb {driver = shadow args = override_username=%variable}

UNIX admin tripivceta at gmail.com
Sat Jul 9 10:01:43 UTC 2016


Hello list

I want to implement override_username = %variable for the "shadow"
driver, so that the following works:

passdb {
  driver = shadow
  args = override_username=%Ln
}

By "%variable", I mean "Variables" at http://wiki.dovecot.org/Variables.

I've hacked up a solution with strtok(3C), but that's a hack and a
possible security hole, and I'd rather not implement it.
What I really want is to be able to leverage Dovecot's var_expand()
call, which, looking at the code, appears to be the function
responsible for %variable expansion and formatting.

The relevant piece of code seems to be this excerpt in auth/passdb-shadow.c:

static enum passdb_result
shadow_lookup(struct auth_request *request, struct spwd **spw_r)
{
        auth_request_log_debug(request, AUTH_SUBSYS_DB, "lookup");

        *spw_r = getspnam(request->user);
        if (*spw_r == NULL) {
                auth_request_log_unknown_user(request, AUTH_SUBSYS_DB);
                return PASSDB_RESULT_USER_UNKNOWN;
        }

When request->user contains 'user@domain.tld', I want the code to be
able to process "override_username", determine that the format is %Ln
so that request->user is lowercased, and everything after the "@" sign
is stripped. Therefore, if this user happens to exist in the shadow
file, authentication will succeed.

Currently, the "shadow" driver only appears to support "args = blocking=no".

Please advise.
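
Added example, not part of the original post and not Dovecot code: a standalone C function that produces what the post expects %Ln to yield (the lowercased part of the name before the "@") without strtok(3C). The name local_part_lower and the sample inputs are hypothetical; in the excerpt above, its output would take the place of request->user in the getspnam() call.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not a Dovecot function): writes the lowercased
 * local part of `user` (the text before the first '@') into `out`.
 * Unlike strtok(3C) it never modifies `user` and keeps no static state,
 * so it is safe on a const request field and is re-entrant.
 * Returns 0 on success, -1 if the result is empty or does not fit. */
int local_part_lower(const char *user, char *out, size_t out_size)
{
        size_t len, i;

        if (user == NULL || out == NULL || out_size == 0)
                return -1;

        len = strcspn(user, "@");  /* length up to '@' or end of string */

        /* Refuse rather than truncate: a silently shortened name could
         * match a different account in the shadow file. */
        if (len == 0 || len >= out_size)
                return -1;

        for (i = 0; i < len; i++)
                out[i] = (char)tolower((unsigned char)user[i]);
        out[len] = '\0';
        return 0;
}

int main(void)
{
        /* Constructed sample inputs, not taken from the post. */
        const char *samples[] = { "User@Domain.TLD", "plainuser", "@domain.tld" };
        char name[64];
        size_t i;

        for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
                if (local_part_lower(samples[i], name, sizeof(name)) == 0)
                        printf("%s -> %s\n", samples[i], name);
                else
                        printf("%s -> rejected\n", samples[i]);
        }
        return 0;
}
```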

