On Wed, 2005-06-15 at 13:11 -0700, Dan Hollis wrote:
On Tue, 14 Jun 2005, Timo Sirainen wrote:
On Tue, 2005-06-14 at 03:16 -0700, Dan Hollis wrote:
PAM module only works for PAM passdb, Dovecot still does userdb lookup from /etc/passwd or wherever you have it. PAM should be given a chance to modify the username dovecot uses to do the userdb lookup with. Hmm. I remembered PAM wouldn't allow that, but looks like it does. Changed CVS version to support that now (non-tested though, but doesn't at least break the normal behavior).
I've thought some more about writing a PAM module, but what's the solution for people who don't have pam and _must_ authenticate from /etc/passwd,shadow (getpwnam, getspnam)?
Seems to me the only truly universal solution is to do this inside dovecot. It already has code to mangle the username with modifiers for mailspool location, so applying the same code to allow modifying username would seem to be a logical and consistent extension of existing dovecot behavior.
That's assuming that the code for stripping domain away from username is useful for more than one or two people. I'm not really convinced of that. There may be a way to make this possible in some generic way by adding a feature that make this possible, but a strip_domain_from_username=yes setting just isn't going to happen.