Il 23/04/21 09:29, Markus Valentin ha scritto:
On 4/22/21 11:49 PM, Alessio Cecchi wrote:> I'm tryng to setup Shared
Mailboxes in Dovecot (2.3.14) Cluster as
explained here:

https://doc.dovecot.org/configuration_manual/shared_mailboxes/cluster_setup/


but I'm not happy:

# doveadm acl debug -u test1@emailtest.net shared/test2/Sent

doveadm(test1@emailtest.net): Info: imapc(10.0.0.202:143): Connected to
10.0.0.202:143 (local 10.0.0.203:58054)
doveadm(test1@emailtest.net): Info: imapc(10.0.0.202:143): Connected to
10.0.0.202:143 (local 10.0.0.203:58056)
doveadm(test1@emailtest.net): Error: imapc(10.0.0.202:143):
Authentication failed: [AUTHENTICATIONFAILED] Authentication failed.
doveadm(test1@emailtest.net): Error: Can't open mailbox
shared/test2/Sent: Authentication failed: [AUTHENTICATIONFAILED]
Authentication failed.

ACL, master-user, master-password works fine because with regular
configuration shared folders works fine and also with master-user or
with master-password I can login and see and access to shared/ namespace
and shared folders.

But when I try to switch location from

location = maildir:%%h/Maildir:INDEX=~/Maildir/shared/%%u

to

location = imapc:~/Maildir/shared/%%u/
[...]
imapc_host = 10.0.0.202
imapc_master_user = %u
#imapc_user = %u
imapc_password = Password
imapc_features = search

stop working.

The relevant error is this:

Apr 22 22:57:14 doveadm(test1@testemail.net): Info:
imapc(10.0.0.203:143): Connected to 10.0.0.202:143 (local 10.0.0.203:58070)
Apr 22 22:57:14 doveadm(test1@testemail.net): Debug:
imapc(10.0.0.203:143): Server capabilities: IMAP4rev1 SASL-IR
LOGIN-REFERRALS ID ENABLE IDLE XLIST LITERAL+ AUTH=PLAIN AUTH=LOGIN
Apr 22 22:57:14 doveadm(test1@testemail.net): Debug:
imapc(10.0.0.203:143): Authenticating as test1@testemail.net for user
test2@testemail.net
Apr 22 22:57:16 doveadm(test1@testemail.net): Error:
imapc(10.0.0.203:143): Authentication failed: [AUTHENTICATIONFAILED]
Authentication failed.
Apr 22 22:57:16 doveadm(test1@testemail.net): Debug:
imapc(10.0.0.203:143): Disconnected
Apr 22 22:57:16 doveadm(test1@testemail.net): Error: Can't open mailbox
shared/test2/Sent: Authentication failed: [AUTHENTICATIONFAILED]
Authentication failed.

Please note "Authenticating as test1@testemail.net for user
test2@testemail.net" failed.

So my question is, the documentation page is update and right or I
missing something?
Hi,

from my perspective it is likely that test1@testemail.net can't be
authenticated as a master user which is required for this setup to work.

>From the cluster setup page:

"You’ll need to setup master user logins to work for all the users. The
logged in user becomes the master user. The master user doesn’t actually
have any special privileges. "

Hi Markus,

really thanks for your support.

I understand your explanation but I don't understand how to apply it on master user/password side.

I must put in configuration file "imapc_password = master-secret" where "master-secret" is a fixed string, and "imapc_master_user = %u" that is replaced with "test1@testemail.net" in my case.

So I have insert in auth-master.conf:

passdb {
   driver = static
   args = password=master-secret
   result_success = continue
}

but I don't think is right/sufficient since, if I understand what you said, the master user name will be "test1@testemail.net" (from %u) , so login format at IMAP level will be "test2@testemail.net*"test1@testemail.net"

but this require a passdb conf more similar to

passdb {
  driver = sql
  args = /etc/dovecot/dovecot-sql-master.conf.ext
  master = yes
  result_success = continue
}

so every %u can be master user, but the password cannot be fixed in this case, since will be the password for every users.

Should I mix passdb driver = sql with args = password=master-secret?

Or what?

Thanks

-- 
Alessio Cecchi
Postmaster @ http://www.qboxmail.it
https://www.linkedin.com/in/alessice