try changing your config so that it reads
passdb passb1 { }
passdb passdb2 { }
passdb passdb3 { }
and try again. this should make it more clear what happens.
Aki
On 01/08/2024 14:51 EEST zaxwat93--- via dovecot <dovecot@dovecot.org> wrote:
got a problem when configured passdb with username_filter — looks like the option doesn't work OS: FreeBSD 13 and 14. Dovecot version: 2.3.21 Part of config: passdb { args = /usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php driver = checkpassword } passdb { args = /usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php driver = checkpassword username_filter = user1@postmaster.local.one default_fields = domain=local.one override_fields = user=postmaster@local.one } passdb { args = /usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php driver = checkpassword username_filter = user3@user2.local.one default_fields = domain=local.one override_fields = user=user2@local.one }
When I try command "doveadm auth test user1@postmaster.local.one" and enter a password of user1 — it works as planned — change user1@postmaster.local.one to user1@local.one check it's password and override user to postmaster@local.one But when I try "doveadm auth test user3@user2.local.one" — it also change user3@user2.local.one to user3@local.one, and after password check — override it to postmaster@local.one
Debug logs, when I try "doveadm auth test user3@user2.local.one":
Aug 1 11:01:03 auth: Debug: Loading modules from directory: /usr/local/lib/dovecot/auth Aug 1 11:01:03 auth: Debug: Module loaded: /usr/local/lib/dovecot/auth/lib20_auth_var_expand_crypt.so Aug 1 11:01:03 auth: Debug: Read auth token secret from /var/run/dovecot/auth-token-secret.dat Aug 1 11:01:03 auth: Debug: passwd-file /usr/local/etc/dovecot.users.list:Read 7 users in 0 secs Aug 1 11:01:03 auth: Debug: auth client connected (pid=0) Aug 1 11:01:03 auth: Debug: client in: AUTH 1 PLAIN service=doveadm debug resp=<hidden> Aug 1 11:01:03 auth: Debug: checkpassword(user3@user2.local.one): Performing passdb lookup Aug 1 11:01:03 auth: Debug: checkpassword(user3@user2.local.one): execute: /usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php /usr/local/libexec/dovecot/checkpassword-reply Aug 1 11:01:03 auth: Debug: checkpassword(user3@user2.local.one): Received input: Aug 1 11:01:03 auth: Debug: checkpassword(user3@user2.local.one): exit_status=1 Aug 1 11:01:03 auth: checkpassword(user3@user2.local.one): Login failed (status=1) Aug 1 11:01:03 auth: Debug: checkpassword(user3@user2.local.one): Finished passdb lookup Aug 1 11:01:03 auth: Debug: checkpassword(user3@user2.local.one): Performing passdb lookup Aug 1 11:01:03 auth: Debug: checkpassword(user3@user2.local.one): username changed user3@user2.local.one -> user3@local.one Aug 1 11:01:03 auth: Debug: checkpassword(user3@local.one): execute: /usr/local/bin/php /usr/local/dovecot/bin/checkpassword.php /usr/local/libexec/dovecot/checkpassword-reply Aug 1 11:01:03 auth: Debug: checkpassword(user3@local.one): Received input: user=user3@local.one userdb_home=/var/spool/mail/ userdb_uid=dovecot userdb_gid=dovecot Aug 1 11:01:03 auth: Debug: checkpassword(user3@local.one): exit_status=0 Aug 1 11:01:03 auth: Debug: checkpassword(user3@local.one): username changed user3@local.one -> postmaster@local.one Aug 1 11:01:03 auth: Debug: checkpassword(postmaster@local.one): Finished passdb lookup Aug 1 11:01:03 auth: Debug: auth(postmaster@local.one): Auth request finished Aug 1 11:01:03 auth: Debug: client passdb out: OK 1 user=postmaster@local.one original_user=user3@user2.local.one
I've checked sources and find in " core/src/auth/auth-request.c (from line 617) " code that check username_filter and should send "skipping passdb: username filtered" message in debug, but it doesn't do it.
Is it a bug or I've missed something in setup?
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org