On 8/17/2010 9:45 AM, Timo Sirainen wrote:
> On Tue, 2010-08-17 at 08:50 -0700, Marc Perkel wrote:
>> Been trying to track this problem down further. The problem seems to be related to verifying the master user failing.
>
> Show the whole dovecot -n output and the whole logs when master user is logging in? You've cut away some stuff I'd like to see.

dovecot -n

# 2.0.0: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-budarin.1 x86_64 Fedora release 12 (Constantine) simfs
auth_debug = yes
auth_master_user_separator = *
disable_plaintext_auth = no
dotlock_use_excl = yes
first_valid_uid = 12
info_log_path = /var/log/dovecot.log
log_path = /var/log/dovecot.log
login_greeting = Computer Tyme Dovecot ready.
mail_fsync = never
mail_gid = mail
mail_location = maildir:/vhome/%d/home/%n:INDEX=/imap-cache/%d-%n
mail_uid = mail
mmap_disable = yes
passdb {
  args = /etc/dovecot/sql.conf
  driver = sql
}
passdb {
  args = /etc/dovecot/domain-owner-sql.conf
  driver = sql
  master = yes
  pass = yes
}
passdb {
  args = /etc/dovecot/masteradmin-sql.conf
  driver = sql
  master = yes
  pass = yes
}
plugin {
  xexec = blacklist:/usr/local/dovecot/blacklist.sh %u
  xexec2 = whitelist:/usr/local/dovecot/whitelist.sh %u
  xexec3 = average:/usr/local/dovecot/average
  xexec4 = smtp:/usr/local/dovecot/smtp
}
protocols = imap pop3
service auth {
  unix_listener auth-client {
    mode = 0666
  }
  unix_listener auth-master {
    mode = 0666
  }
}
service imap-login {
  process_limit = 800
  process_min_avail = 100
  service_count = 0
  vsz_limit = 64
}
service imap {
  process_limit = 400
}
service pop3-login {
  process_limit = 800
  process_min_avail = 40
  service_count = 0
  vsz_limit = 64
}
service pop3 {
  process_limit = 400
}
ssl_cert = </usr/share/ssl/certs/imapd.pem
ssl_key = </usr/share/ssl/certs/imapd.pem
verbose_proctitle = yes
protocol pop3 {
  pop3_uidl_format = %v.%u
}

domain-owner-sql.conf
user_query = SELECT user_name, domain_name FROM users WHERE user_name = '%n' AND domain_name = '%d' AND owns_domain='1'
password_query = SELECT user_name, domain_name, password FROM users
WHERE user_name = '%n' AND domain_name = '%d' AND owns_domain='1'
AND '%d'='%{login_domain}'
Result:

Aug 17 09:59:17 auth: Debug: sql(tom@plf.net,127.0.0.1): query: SELECT user_name, domain_name, password FROM users WHERE user_name = 'tom' AND domain_name = 'plf.net' AND owns_domain='1' AND 'plf.net'=''
Aug 17 09:59:17 auth: Info: sql(tom@plf.net,127.0.0.1): unknown user
Aug 17 09:59:17 auth: Debug: sql(tom@plf.net,127.0.0.1): query: SELECT user_name, domain_name, password FROM users WHERE user_name = 'tom' AND domain_name = 'plf.net' AND masteradmin='1'
Aug 17 09:59:17 auth: Info: sql(tom@plf.net,127.0.0.1): unknown user
Aug 17 09:59:19 auth: Debug: client out: FAIL 10 user=tom@plf.net
Aug 17 09:59:19 imap-login: Info: Aborted login (auth failed, 1 attempts): user=<tom@plf.net>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=0, secured

Note - I have two different kinds of masters here. I have a masteradmin who can read anyone's email and I have domain owners who can read anyone's email in the same domain. At least that is what I'm hoping to do.
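
Added example (not part of the original message and not Dovecot code): a Python check that scans auth debug lines like the ones above for SQL predicates comparing two string literals that can never match, such as the `'plf.net'=''` left behind when `%{login_domain}` expanded to an empty string. The sample log is constructed from the lines in the post, the function names are hypothetical, and literals containing escaped quotes are not handled.

```python
import re

# Constructed sample: auth debug lines in the format shown in the post above.
SAMPLE_LOG = """\
Aug 17 09:59:17 auth: Debug: sql(tom@plf.net,127.0.0.1): query: SELECT user_name, domain_name, password FROM users WHERE user_name = 'tom' AND domain_name = 'plf.net' AND owns_domain='1' AND 'plf.net'=''
Aug 17 09:59:17 auth: Info: sql(tom@plf.net,127.0.0.1): unknown user
Aug 17 09:59:17 auth: Debug: sql(tom@plf.net,127.0.0.1): query: SELECT user_name, domain_name, password FROM users WHERE user_name = 'tom' AND domain_name = 'plf.net' AND masteradmin='1'
Aug 17 09:59:17 auth: Info: sql(tom@plf.net,127.0.0.1): unknown user
"""

# sql(<user>,<remote ip>): <message>
LINE_RE = re.compile(r"sql\((?P<user>[^,]*),(?P<ip>[^)]*)\): (?P<msg>.*)$")


def literal_comparisons(query):
    """Return (left, right) for every 'literal' = 'literal' comparison."""
    # Tokenise left to right so quotes stay paired: literals vs. everything else.
    tokens = re.findall(r"'[^']*'|[^']+", query)
    pairs = []
    for a, op, b in zip(tokens, tokens[1:], tokens[2:]):
        if a.startswith("'") and b.startswith("'") and op.strip() == "=":
            pairs.append((a[1:-1], b[1:-1]))
    return pairs


def find_dead_predicates(log_text):
    """Flag logged queries containing a literal comparison that is always false."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or not m["msg"].startswith("query: "):
            continue
        query = m["msg"][len("query: "):]
        for left, right in literal_comparisons(query):
            if left != right:
                findings.append({
                    "user": m["user"],
                    "left": left,
                    "right": right,
                    # An empty side means a %variable expanded to nothing.
                    "empty_expansion": "" in (left, right),
                })
    return findings


if __name__ == "__main__":
    for finding in find_dead_predicates(SAMPLE_LOG):
        print(finding)
```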