I wanted to use dovecot virtual users with sendmail.
I do not see you use/create/modify sendmail specific files. So can it be your virtual users are not that virtual any more, but real users?
As you probably know, this doesn't work by default. The more scalable solution is probably to use LDAP, but I really don't like it.
Why not? Just because it is more complex/more work?
This is how I did it https://github.com/chrismcc-gmail/dovecot-virtual-sendmail
Basically I abused glibc's db feature in /etc/nsswitch
So a real user ...?
in /var/db/Makefile something like this:
$(VAR_DB)/passwd.db: /etc/dovecot/usersfile @printf %s "$(patsubst %.db,%,$(@F))... " @$(AWK) 'BEGIN { FS=":"; OFS=":" }
/^[ \t]*$$/ { next }
/^[ \t]*#/ { next }
/^root/ { next }
/^[^#]/ { printf ".%s ", $$1;
printf "%s:x:65534:65534:%s:/home/vmail/%s:/sbin/nologin\n", $$1, $$1, $$1;
}' $^ |
$(MAKEDB) -o $@ - @echo "done."make -C /var/db getent passwd ; shows ... virtualuser:x:65534:65534:virtualuser:/home/vmail/virtualuser:/sbin/nologin othervuser:x:65534:65534:othervuser:/home/vmail/othervuser:/sbin/nologin
A longer explanation and more info is in the github repository
It takes about 10 minutes to go from new clean server to working email server with this
That does not really matter now does it?
I've been running this in production for about a week now without any problems.
Question: Has anyone else done this? I don't see any downsides, but I might be missing something.
I do not really get the point of storing system users somewhere else. The distribution does not expect this, so maybe selinux rules are not applied, and security is less on this location. Why not just store them /etc/passwd. Other than that linux is probably the most robust handling users and auth, so having this done by the linux os, is always better than something like mysql.