hi again,
On Thu, 27 Aug 2015 14:37:59 +0300 Teemu Huovila teemu.huovila@dovecot.fi wrote:
However, I am unable to reproduce this. Could you post your doveconf -n please? I'm especially interested in your passdb and userdb configurations and auth-cache settings.
just reproduced the bug with a fresh clean 2.2.18 install
ldap userdb and 2 master users with the ACL_GROUPS attribute (userdb_acl_groups) in the passwd file
env output in imap-postlogin
first login: AUTH_TOKEN=4adba75022f765fc3215ac5243337fd99adfdbf5 MASTER_USER=master2 SPUSER=private/johnd LOCAL_IP=127.0.0.1 USER=johnd AUTH_USER=master2 PWD=/run/dovecot USERDB_KEYS=ACL_GROUPS HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER SHLVL=1 HOME=/home/vmail/private/johnd ACL_GROUPS=umareadmaster IP=127.0.0.1 _=/usr/bin/env
logout and next login (ACL_GROUPS is no longer in USERDB_KEYS or in the environment):
AUTH_TOKEN=83d7ede27b4fbc4de2abad58e84e65ac1073e4ec MASTER_USER=master2 SPUSER=private/johnd LOCAL_IP=127.0.0.1 USER=johnd AUTH_USER=master2 PWD=/run/dovecot USERDB_KEYS=HOME SPUSER MASTER_USER AUTH_TOKEN AUTH_USER SHLVL=1 HOME=/home/vmail/private/johnd IP=127.0.0.1 _=/usr/bin/env
############################## % doveconf -n:
# 2.2.18: /etc/dovecot/dovecot.conf # OS: Linux 3.12.44-gentoo x86_64 Gentoo Base System release 2.2 auth_cache_negative_ttl = 30 mins auth_cache_size = 10 k auth_master_user_separator = * auth_use_winbind = yes auth_username_chars = auth_verbose = yes log_path = /var/log/dovecot.log mail_gid = vmail mail_home = /home/vmail/private/%u mail_location = maildir:~/Maildir:LAYOUT=fs:INBOX=~/Maildir/INBOX mail_uid = vmail namespace { inbox = yes location = mailbox Sent { auto = subscribe special_use = \Sent } prefix = separator = / subscriptions = yes type = private } namespace { hidden = no inbox = no list = children location = maildir:/home/vmail/public/%%Lu/Maildir:LAYOUT=fs:INBOX=/home/vmail/public/%%Lu/Maildir/INBOX prefix = public/%%u/ separator = / subscriptions = no type = shared } passdb { args = /etc/dovecot/master-users1 driver = passwd-file master = yes } passdb { args = /etc/dovecot/master-users2 driver = passwd-file master = yes } service auth { unix_listener auth-client { group = mode = 0600 user = $default_internal_user } unix_listener auth-login { group = mode = 0600 user = $default_internal_user } unix_listener auth-master { group = mode = 0600 user = $default_internal_user } unix_listener auth-userdb { group = vmail mode = 0660 user = $default_internal_user } unix_listener login/login { group = mode = 0666 user = $default_internal_user } user = $default_internal_user } service imap-login { inet_listener imap { port = 143 } } service imap-postlogin { executable = script-login /usr/libexec/dovecot/imap-postlogin user = vmail } service imap { executable = imap imap-postlogin } ssl_cert =
################################### % cat auth-master.conf.ext
# Authentication for master users. Included from 10-auth.conf.
# By adding master=yes setting inside a passdb you make the passdb a list
# of "master users", who can log in as anyone else.
#
auth_master_user_separator = *
# Example master user passdb using passwd-file. You can use any passdb though.
passdb {
  driver = passwd-file
  master = yes
  args = /etc/dovecot/master-users1
  # Unless you're using PAM, you probably still want the destination user to
  # be looked up from passdb that it really exists. pass=yes does that.
  #pass = yes
}
passdb {
  driver = passwd-file
  master = yes
  args = /etc/dovecot/master-users2
  # Unless you're using PAM, you probably still want the destination user to
  # be looked up from passdb that it really exists. pass=yes does that.
  #pass = yes
}
############################################### % cat /etc/dovecot/master-users1
master1:{SHA}xxxxxxx=::::::userdb_acl_groups=umareadmaster allow_nets=127.0.0.1
master2 is the same.
Greetz