authenticate as userA, but get authorization to user userB's account

Heiko Schlittermann hs at schlittermann.de
Wed Oct 25 15:27:56 EEST 2017


Hello József,

thanks for your super-fast response.

Kadlecsik József <kadlecsik.jozsef at wigner.mta.hu> (Mi 25 Okt 2017 13:28:22 CEST):
> > sales at example.com, using the credentials of the very own account (say 
> > hans at example.com)?
> 
> We faced the same problem and solved it with a PAM module:
…
> The users must use the username "groupusername*realusername" and the

Yes, this follows the maser-user idea. Great.
I'm curious if the master user mechanism isn't usable.
Maybe it is, I'll check this.

> - dovecot POP/IMAP server
> - vsfptd FTP server
> 
> Addendum: for dovecot, add "*" to the allowed username chars to 
> auth_username_chars in /etc/dovecot/conf.d/10-auth.conf.

I think, it's there already for the master user mechanism.
I'll send a follow-up on how I solved it, if I do not get any further input.

    Best regards from Dresden/Germany
    Viele Grüße aus Dresden
    Heiko Schlittermann
-- 
 SCHLITTERMANN.de ---------------------------- internet & unix support -
 Heiko Schlittermann, Dipl.-Ing. (TU) - {fon,fax}: +49.351.802998{1,3} -
 gnupg encrypted messages are welcome --------------- key ID: F69376CE -
 ! key id 7CBF764A and 972EAC9F are revoked since 2015-01 ------------ -
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <https://dovecot.org/pipermail/dovecot/attachments/20171025/55d2940b/attachment.sig>


More information about the dovecot mailing list