GSSAPI mail home mapping problem

10 Aug 2021


      Hello,
I'm trying to map authenticated kerberos users to mail_location,
The problem when I set mail_home = /var/mail/virtual/domain1.zw.loca/%n
works fine.
But if mail_home is set as /var/mail/virtual/%d/%n
I get
Apr 12 19:53:18 postfix10 dovecot: imap-login: Login: user=<user0>,
method=GSSAPI, rip=172.16.0.44, lip=10.16.0.220, mpid=2428,
session=
Apr 12 19:53:18 postfix10 dovecot: imap(user0@domain1.zw.local
=login_user=user0)<2428>: Debug: Added userdb setting:
plugin/=yes
Apr 12 19:53:18 postfix10 dovecot: imap(user0@domain1.zw.local
=login_user=user0)<2428>: Debug: Effective uid=5000,
gid=5000, home=/var/mail/virtual/domain1.zw.local =login_user=user0/user0
Right here, I can't figure out why login_user=user0/user0
Apr 12 19:53:18 postfix10 dovecot: imap(user0@domain1.zw.local
=login_user=user0)<2428>: Debug: Namespace inbox:
type=private, prefix=, sep=, inbox=yes, hidden=no, list=yes,
subscriptions=yes location=maildir:~/mail
Now login_user=user0
Apr 12 19:53:18 postfix10 dovecot: imap(user0@domain1.zw.local
=login_user=user0)<2428>: Debug: maildir++:
root=/var/mail/virtual/domain1.zw.local =login_user=user0/user0/mail,
index=, indexpvt=, control=, inbox=/var/mail/virtual/domain1.zw.local
=login_user=user0/user0/mail, alt=
then login_user=user0/user0/mail
Apr 12 19:53:18 postfix10 dovecot: imap(user0@domain1.zw.local
=login_user=user0)<2428>: Debug: Mailbox INBOX:
Mailbox opened because: SELECT
doveconf  -n
# 2.3.4.1 (f79e8e7e4): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.4 ()
# OS: Linux 5.10.0-7-amd64 x86_64 Debian 10.6
# Hostname: postfix10.zw.local
auth_debug = yes
auth_gssapi_hostname = $ALL
auth_krb5_keytab = /etc/dovecot/imap.keytab
auth_mechanisms = gssapi
auth_verbose = yes
disable_plaintext_auth = no
import_environment = TZ KRB5CCNAME=/etc/dovecot/imap.ticket
KRB5_KTNAME=/etc/dovecot/imap.keytab
mail_debug = yes
mail_gid = 5000
mail_home = /var/mail/virtual/%d/%n
mail_location = maildir:~/mail
mail_privileged_group = mail
mail_uid = 5000
namespace inbox {
disabled = no
inbox = yes
list = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
type = private
}
passdb {
args = /etc/dovecot/dovecot-ldap.conf.ext
driver = ldap
}
protocols = " imap lmtp pop3"
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl = no
ssl_cert = 
egrep -v "^$|^#" /etc/dovecot/dovecot-ldap.conf.ext
uris = ldap://ldap10.zw.local
auth_bind = yes
sasl_bind = yes
sasl_mech = gssapi
sasl_realm = zw.local
debug_level = -1
ldap_version = 3
base = dc=zw,dc=local
user_attrs = 

=user=%{ldap:mail} 

=login_user=%{ldap:uid}
user_filter = (uid=%n)
pass_attrs = 

=user=%{ldap:uid},

=k5principals=%{ldap:krbPrincipalName}
pass_filter = (&(objectClass=krbPrincipalAux)(uid=%n))
--
Lucas Castro