On 2011-02-22, Timo Sirainen wrote:
On Tue, 2011-02-22 at 11:02 +0100, Petter Urkedal wrote:
userdb {
driver = passwd
args = home=/srv/mail/nbi.ku.dk/%1n/%n mail=maildir:~/Maildir
}
The problem with passwd is that it can't separate "user doesn't exist" from "temporary error". http://wiki2.dovecot.org/UserDatabase/NSS can separate these, but it hasn't been tested much..
I can see the issue with getpwnam is described in its Linux man-page:
The formulation given above under "RETURN VALUE" is from POSIX.1-2001.
It does not call "not found" an error, and hence does not specify what
value errno might have in this situation. But that makes it impossible
to recognize errors. One might argue that according to POSIX
errno should be left unchanged if an entry is not found. Experiments
on various Unix-like systems show that lots of different values occur
in this situation: 0, ENOENT, EBADF, ESRCH, EWOULDBLOCK, EPERM and
probably others.
Since this is an issue with getpwnam (even the POSIX standard, apparently), maybe the assumption about why getpwnam fails can be passed directly to the userdb module? I can see that userdb_static_template_build accepts arbitrary key=value pairs, so how about something like
userdb {
driver = passwd
args = ... tempfail=1
}
Anyway, thanks for the suggestion about NSS. We may also use LDAP directly, though that means we bypass the nslcd (nscd) cache, which is a bit unfortunate. So I think we can manage, but you have my vote for adding a workaround for the getpwnam issue.
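The getpwnam ambiguity discussed in this thread, as an added C example that is not part of the original messages and is not Dovecot code. The function names are hypothetical, and the `assume_tempfail` flag models the `tempfail=1` idea proposed above, under the assumption that it would make every failed lookup a temporary failure.

```c
#include <errno.h>
#include <pwd.h>
#include <stdio.h>
#include <sysexits.h>

enum lookup_result { USER_FOUND, USER_NOT_FOUND, USER_TEMPFAIL };

/* Classify a NULL return from getpwnam() by the errno it left behind.
 * assume_tempfail models the tempfail=1 idea from the message (assumption). */
enum lookup_result classify_null(int err, int assume_tempfail)
{
    if (assume_tempfail)
        return USER_TEMPFAIL;   /* never report "unknown user" on NULL */
    switch (err) {
    case 0: case ENOENT: case ESRCH: case EBADF: case EWOULDBLOCK: case EPERM:
        /* Values the man page lists for "not found". A backend outage can
         * produce the same values, so this branch is only a guess. */
        return USER_NOT_FOUND;
    default:
        return USER_TEMPFAIL;   /* e.g. EIO, ENOMEM, EMFILE, EINTR */
    }
}

enum lookup_result lookup_user(const char *name, int assume_tempfail)
{
    errno = 0;                  /* so a stale errno is not misread */
    if (getpwnam(name) != NULL)
        return USER_FOUND;
    return classify_null(errno, assume_tempfail);
}

/* Exit status for a delivery agent: MTAs conventionally bounce the
 * message on EX_NOUSER and retry later on EX_TEMPFAIL. */
int delivery_exit_code(enum lookup_result r)
{
    switch (r) {
    case USER_FOUND:     return EX_OK;
    case USER_NOT_FOUND: return EX_NOUSER;
    default:             return EX_TEMPFAIL;
    }
}

int main(int argc, char **argv)
{
    const char *name = argc > 1 ? argv[1] : "root";
    printf("strict:   %d\n", delivery_exit_code(lookup_user(name, 0)));
    printf("tempfail: %d\n", delivery_exit_code(lookup_user(name, 1)));
    return 0;
}
```

With the strict policy, an unreachable directory backend that leaves ENOENT in errno is indistinguishable from an unknown user and the mail bounces. With the tempfail policy the mail is deferred, at the cost of queueing mail for mistyped addresses until the queue lifetime expires.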