Re: master-users problem

On Sat, 23 Dec 2023, Noel Butler via dovecot wrote:

Hi Barbara, On 14/12/2023 00:08, Barbara M. wrote:

passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
  result_success = continue
}
 

try replacing result_success with   pass = yes

Thanks for replay. Already tried without success.

passdb { driver = passwd-file master = yes args = /etc/dovecot/master-users # result_success = continue pass = yes }

Anyway, tried again using a test user box3 and next with master user aa33:

]# telnet 0 110 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. +OK Dovecot ready. user box3 +OK pass ************* +OK Logged in. quit +OK Logging out. Connection closed by foreign host. # telnet 0 110 Trying 0.0.0.0... Connected to 0. Escape character is '^]'. +OK Dovecot ready. user box3*aa33 +OK pass XXXXXXXXXXXXXXXX -ERR [AUTH] Authorization failed quit +OK Logging out Connection closed by foreign host.

In the enabled log I have:

Dec 24 15:54:15 pop3-login: Info: Login: user=<box3>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=1282414, secured, session=<59mCn0INEIh/AAAB> Dec 24 15:54:19 pop3(box3)<1282414><59mCn0INEIh/AAAB>: Info: Disconnected: Logged out top=0/0, retr=0/0, del=0/774, size=328796462 Dec 24 15:54:44 auth: Info: Master user logging in as box3 Dec 24 15:54:46 auth-worker(1282411): Info: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,<Ppk6 oUINxMh/AAAB>): pam_authenticate() failed: Authentication failure (Password mismatch?) (given password: XXXXXXXXXXXXXXXXXX) Dec 24 15:54:51 pop3-login: Info: Disconnected: Aborted login by logging out (authorization failed, 1 attempts in 7 secs): user=<box3>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, secured, session=<Ppk6oUINxMh/AAAB>

The master user was copied from the old server and also created with the syntax: htpasswd -b -c -s passwd.masterusers aa33 XXXXXXXXXXXX

And I have a row like:

aa33:{SHA}jWMl8Ye1yJr+5Y5........bo=

in the file /etc/dovecot/master-users

If useful (hoping I have extraced valuable info), I report below the debug log:

Dec 24 15:54:15 auth: Debug: client in: AUTH 1 PLAIN service=pop3 secured session=59mCn0INEIh/AAAB lip=127.0.0.1 rip=127.0.0.1 lport=110 rport=34832 resp=AGJveDMAMS1DYXNpbm80NS5hcGY= (previous base64 data may contain sensitive data) Dec 24 15:54:15 auth: Debug: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Performing passdb lookup Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<2>: Handling PASSV request Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<2>: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Performing passdb lookup Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<2>: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): lookup service=dovecot Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<2>: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): #1/1 style=1 msg=Password: Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<2>: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Finished passdb lookup Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<2>: Finished Dec 24 15:54:15 auth: Debug: pam(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Finished passdb lookup Dec 24 15:54:15 auth: Debug: auth(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Auth request finished Dec 24 15:54:15 auth: Debug: client passdb out: OK 1 user=box3 Dec 24 15:54:15 auth: Debug: master in: REQUEST 2573860865 1282408 1 a3c5e0293a186740512d8f0033e971a1 session_pid=1282414 Dec 24 15:54:15 auth: Debug: passwd(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Performing userdb lookup Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<3>: Handling USER request Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<3>: passwd(box3,127.0.0.1,< 59mCn0INEIh/AAAB>): Performing userdb lookup Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<3>: passwd(box3,127.0.0.1,<59mCn0INEIh/AAAB>): lookup Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<3>: passwd(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Finished userdb lookup Dec 24 15:54:15 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<3>: Finished Dec 24 15:54:15 auth: Debug: passwd(box3,127.0.0.1,<59mCn0INEIh/AAAB>): Finished userdb lookup Dec 24 15:54:15 auth: Debug: master userdb out: USER 2573860865 box3 system_groups_user=box3 uid=50613 gid=100 home=/home/Users/box3 auth_mech=PLAIN Dec 24 15:54:22 auth: Debug: auth client connected (pid=1282416) Dec 24 15:54:44 auth: Debug: client in: AUTH 1 PLAIN service=pop3 secured session=Ppk6oUINxMh/AAAB lip=127.0.0.1 rip=127.0.0.1 lport=110 rport=51396 resp=AGJveDMqYWEzMwBBUEYtLS1kaS0tLUFuZHJldHRBUGFvbE8= (previous base64 data may contain sensitive data) Dec 24 15:54:44 auth: Debug: passwd-file(aa33,127.0.0.1,master,<Ppk6oUINxMh/AAAB>): Master user lookup for login: box3 Dec 24 15:54:44 auth: Debug: passwd-file(aa33,127.0.0.1,master,<Ppk6oUINxMh/AAAB>): Performing passdb lookup Dec 24 15:54:44 auth: Debug: passwd-file(aa33,127.0.0.1,master,<Ppk6oUINxMh/AAAB>): lookup: user=aa33 file=/etc/dovecot/master-users Dec 24 15:54:44 auth: Debug: passwd-file(aa33,127.0.0.1,master,<Ppk6oUINxMh/AAAB>): Finished passdb lookup Dec 24 15:54:44 auth: Debug: pam(box3,127.0.0.1,<Ppk6oUINxMh/AAAB>): Performing passdb lookup Dec 24 15:54:44 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: Handling PASSV request Dec 24 15:54:44 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,<Ppk6oUINxMh/AAAB>): Performing passdb lookup Dec 24 15:54:44 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,<Ppk6oUINxMh/AAAB>): lookup service=dovecot Dec 24 15:54:44 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,<Ppk6oUINxMh/AAAB>): #1/1 style=1 msg=Password: Dec 24 15:54:46 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: pam(box3,127.0.0.1,<Ppk6oUINxMh/AAAB>): Finished passdb lookup Dec 24 15:54:46 auth-worker(1282411): Debug: conn unix:auth-worker (pid=1282053,uid=97): auth-worker<4>: Finished: password_mismatch Dec 24 15:54:46 auth: Debug: pam(box3,127.0.0.1,<Ppk6oUINxMh/AAAB>): Finished passdb lookup Dec 24 15:54:46 auth: Debug: auth(box3,127.0.0.1,<Ppk6oUINxMh/AAAB>): Auth request finished Dec 24 15:54:48 auth: Debug: client passdb out: FAIL 1 user=box3 code=authz_fail original_user=aa33 auth_user=aa33 Dec 24 15:54:48 pop3-login: Debug: Ignoring unknown passdb extra field: original_user Dec 24 15:54:48 pop3-login: Debug: Ignoring unknown passdb extra field: auth_user Dec 24 15:54:51 auth: Debug: auth client connected (pid=1282422) Dec 24 15:54:51 auth: Debug: client in: AUTH 1 PLAIN service=imap secured session=1TavoUIN6KIAAAAAAAAAAAAAAAAAAAAB lip=::1 rip=::1 lport=143 rport=41704 resp=AGNhcnJhLmNhcmxvADEtQ2FzaW5vNDUuYXBm (previous base64 data may contain sensitive data)