Custom post login scripting variables via ID command

Brendan Braybrook brendan at tucows.com
Thu Sep 22 16:24:25 UTC 2022


> I wonder if dovecot would consider this feature request. In post login
> scripting, given USER, IP, LOCAL_IP, and userdb lookup fields, are only
> available, I want to push additional variables from web mail to dovecot
> using ID commands yet I looked at the source in imap-login-cmd-id.c and
> script-login.c it seems to be possible while I'm not an expert in C and
> IMAP standards and not sure if its something would break the standards.

i think this can do what you need. this little bit of config:

# trusted networks that can use the extended ID data we use for auth now
login_trusted_networks = 192.168.0.10
# retain these so we can log client names (when provided)
imap_id_retain=yes

makes connections from 192.168.0.10 trusted so that the imap ID fields
get passed around during the auth/userdb processes.

if you then use the new lua scripting for the userdb lookup
(https://doc.dovecot.org/configuration_manual/authentication/lua_based_authentication/#authentication-lua-based-authentication),
you can get the value of the imap client id via auth_request#client_id

here's a little snippet to get you started:
---

package.path = package.path .. ";/usr/share/lua/5.1/?.lua"
package.cpath = package.cpath .. ";/usr/lib/x86_64-linux-gnu/lua/5.1/?.so"
require 'lfs'

function auth_userdb_lookup(req)
  dovecot.i_info("dovecot-auth.lua: authdb client_id = [" ..
req.client_id .. "]")
  ret = {}
  ret.client_id = req.client_id
  // ret.homedir = ...etc...
  // need the rest of the userdb lookup bits
  return dovecot.auth.USERDB_RESULT_OK, ret
end

---

you'll want to update that to return everything you need from the userdb
lookup, but the data returned by userdb should get pushed to your
post_login script. you should see $CLIENT_ID as an env variable with the
example code above.

also note: make sure your post login script explicitly calls bash and
don't get burned by /bin/sh pointing at dash (as happened to me recently
- otherwise some environment variables might not show up with dash).


More information about the dovecot mailing list