Re: "unknown user - trying the next userdb" Info in log - dovecot

newer
Dovecot and FTS experiment

Re: "unknown user - trying the next userdb" Info in log

older
v2.3.4 released

Aki Tuomi

30 Jan 2019 30 Jan '19

7:35 a.m.

Attachments:

attachment.html (text/html — 6.3 KB)

Show replies by date

James Brown

30 Jan 30 Jan

7:58 a.m.

New subject: "unknown user - trying the next userdb" Info in log

On 30 Jan 2019, at 4:35 pm, Aki Tuomi mailto:aki.tuomi@open-xchange.com> wrote:

...

...
On 30 January 2019 at 07:12 James Brown < jlbrown@bordo.com.au mailto:jlbrown@bordo.com.au> wrote:

...
...
My settings: ... userdb { driver = passwd } userdb { driver = prefetch } userdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql } Well... there is that usetdb passwd which seems bit extraneous.

Aki Tuomi

I'd remove the

userdb { driver = passwd }

section

Aki Tuomi

Thanks Aki - the trick was finding where that setting was! Found it in auth-system.conf.ext.

Commented it out and all works perfectly now.

Thanks again Aki,

James.

Mark Moseley

8:31 a.m.

New subject: "unknown user - trying the next userdb" Info in log

On Tue, Jan 29, 2019 at 9:58 PM James Brown via dovecot dovecot@dovecot.org wrote:

...

On 30 Jan 2019, at 4:35 pm, Aki Tuomi aki.tuomi@open-xchange.com wrote:

On 30 January 2019 at 07:12 James Brown < jlbrown@bordo.com.au> wrote:

...
...
My settings: ... userdb { driver = passwd } userdb { driver = prefetch } userdb { args = /usr/local/etc/dovecot/dovecot-sql.conf.ext driver = sql }

Well... there is that usetdb passwd which seems bit extraneous.

Aki Tuomi

I'd remove the

userdb { driver = passwd }

section

Aki Tuomi

Thanks Aki - the trick was finding where that setting was! Found it in auth-system.conf.ext.

Commented it out and all works perfectly now.

Thanks again Aki,

James.

I'll throw in my 2 cents that it'd be great for a passdb/userdb block to have a setting to suppress that message. I've actually changed my mind and *not* used extra userdbs in the past (despite there being good reasons to use them) entirely due to that log entry. We've got millions of mailboxes and the noise in the logs would be unreal. And it would cause no end of confusion for ops people looking at logs. I weighed the likelihood that I'd end up being asked a million times why a login failed, when in reality it hadn't, and decided it wasn't worth the headache.

Or alternatively only log that error when *all* of the passdbs/userdbs have failed. Anything would be better than logging what *looks* like an error but isn't. And, yes, i see 'info' in the log entry, but 'unknown user' is far more eye-catching.

This is the part where someone points out that there already *is* a setting for this and I stop talking :)

Aki Tuomi

9:08 a.m.

New subject: "unknown user - trying the next userdb" Info in log

On 30.1.2019 8.31, Mark Moseley wrote:

...

On Tue, Jan 29, 2019 at 9:58 PM James Brown via dovecot mailto:dovecot@dovecot.org> wrote:
On 30 Jan 2019, at 4:35 pm, Aki Tuomi <aki.tuomi@open-xchange.com
<mailto:aki.tuomi@open-xchange.com>> wrote:
...
...
On 30 January 2019 at 07:12 James Brown < jlbrown@bordo.com.au
<mailto:jlbrown@bordo.com.au>> wrote:


>> My settings:
...
>> userdb {
>> driver = passwd
>> }
>> userdb {
>> driver = prefetch
>> }
>> userdb {
>> args = /usr/local/etc/dovecot/dovecot-sql.conf.ext
>> driver = sql
>> }
...
Well... there is that usetdb passwd which seems bit extraneous.
---
Aki Tuomi
I'd remove the

userdb {
driver = passwd
}

section
--- 
Aki Tuomi
Thanks Aki - the trick was finding where that setting was! Found
it in auth-system.conf.ext.

Commented it out and all works perfectly now.

Thanks again Aki,

James.
I'll throw in my 2 cents that it'd be great for a passdb/userdb block to have a setting to suppress that message. I've actually changed my mind and *not* used extra userdbs in the past (despite there being good reasons to use them) entirely due to that log entry. We've got millions of mailboxes and the noise in the logs would be unreal. And it would cause no end of confusion for ops people looking at logs. I weighed the likelihood that I'd end up being asked a million times why a login failed, when in reality it hadn't, and decided it wasn't worth the headache.

Or alternatively only log that error when *all* of the passdbs/userdbs have failed. Anything would be better than logging what *looks* like an error but isn't. And, yes, i see 'info' in the log entry, but 'unknown user' is far more eye-catching.

This is the part where someone points out that there already *is* a setting for this and I stop talking :)

auth_verbose=no

Aki

2070

Age (days ago)

2070

Last active (days ago)

List overview

3 comments

3 participants

participants (3)

Aki Tuomi
James Brown
Mark Moseley