Hola,
Debian (and possibly other distros) use the /etc/dovecot/conf.d/* setup where default config files are stuffed and then one can just add a 99-myconfig.conf et voila, variables are overruled.
This allows the distro to supply updates to the files at package upgrade time without any/much user intervention.
The problem (for me ;) is that the system comes provided with:
auth-system.conf.ext containing:
passdb { driver = pam } userdb { driver = passwd }
Hence pam & /etc/passwd based are always enabled. This while I don't have any local users.
Replication seems to then always pick up the local users, which are vmail + nobody (65536).
doveadm user '*' thus reports vmail, nobody + virtual users
Setting: first_valid_uid = 5000 last_valid_uid = 5000
only keeps vmail in there, but apparently some module (guess replication) is still able to figure out that 'nobody' exists:
Apr 10 09:48:25 mail dovecot: doveadm(IPADDR,nobody): Error: Mail access for users with UID 65534 not permitted (see first_valid_uid in config file, uid from userdb lookup). Apr 10 09:48:25 mail dovecot: doveadm(IPADDR,nobody): Error: dsync-server: User init failed Apr 10 09:49:38 mail dovecot: doveadm(nobody): Error: sync: Failed to start remote dsync-server command: Remote exit_code=75
and on the other side: Apr 10 09:54:38 mail dovecot: doveadm(nobody): Error: sync: Unknown user in remote
This can be resolved by commenting out the entries in auth-system.conf.ext but then I'll have to do that again at package upgrade time.
Hence, would it be a cool option to be able (in the 99-myconfig.conf) file to put:
passdb { driver = pam enabled = false } userdb { driver = passwd enabled = false }
And thereby disabling those modules completely? Thus avoiding upgrade conflicts etc.
Greets, Jeroen