[Dovecot] No passdbs specified in configuration file with passdb/userdb in protocol sections
hi-
i have a configuration in which i'm using different passdb/userdb settings for each of imap, lmtp and smtp [without getting too far off on a tangent, this is so ldap group membership can be used to independently control authorization for receiving [lmtp], retrieving [imap], and sending [smtp/postfix] of email. each passdb/userdb uses a different search filter.]
when i use this as my config:
# 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 3.0.0-15-generic-pae i686 Ubuntu 11.10 auth_debug = yes first_valid_gid = 2000 first_valid_uid = 2000 log_timestamp = "%d.%m.%Y %H.%M.%S " login_greeting = dovecot ready mail_debug = yes protocols = " imap lmtp" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service lmtp { inet_listener lmtp { address = 127.0.0.1 ::1 port = 10026 } } ssl_cert = </etc/dovecot/pki/mra.example.com-cert.pem ssl_key = </etc/dovecot/pki/mra.example.com-key.pem verbose_proctitle = yes protocol imap { mail_max_userip_connections = 20 passdb { args = /etc/dovecot/dovecot-ldap-imap.conf.ext driver = ldap } userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap-imap.conf.ext driver = ldap } } protocol lmtp { userdb { args = /etc/dovecot/dovecot-ldap-lmtp.conf.ext driver = ldap } } protocol smtp { passdb { args = /etc/dovecot/dovecot-ldap-smsp.conf.ext driver = ldap } }
dovecot complains:
dovecot: auth: Fatal: No passdbs specified in configuration file. PLAIN mechanism needs one
which is a little confusing, since there are multiple passdbs specified, in the various protocol sections. i found that adding another "global" passdb to the config allows dovecot to work - e.g.:
# 2.0.13: /etc/dovecot/dovecot.conf # OS: Linux 3.0.0-15-generic-pae i686 Ubuntu 11.10 auth_debug = yes first_valid_gid = 2000 first_valid_uid = 2000 log_timestamp = "%d.%m.%Y %H.%M.%S " login_greeting = dovecot ready mail_debug = yes passdb { args = /etc/dovecot/dovecot-ldap.conf.ext driver = ldap } protocols = " imap lmtp" service auth { unix_listener /var/spool/postfix/private/auth { group = postfix mode = 0666 user = postfix } } service lmtp { inet_listener lmtp { address = 127.0.0.1 ::1 port = 10026 } } ssl_cert = </etc/dovecot/pki/mra.example.com-cert.pem ssl_key = </etc/dovecot/pki/mra.example.com-key.pem verbose_proctitle = yes protocol imap { mail_max_userip_connections = 20 passdb { args = /etc/dovecot/dovecot-ldap-imap.conf.ext driver = ldap } userdb { driver = prefetch } userdb { args = /etc/dovecot/dovecot-ldap-imap.conf.ext driver = ldap } } protocol lmtp { userdb { args = /etc/dovecot/dovecot-ldap-lmtp.conf.ext driver = ldap } } protocol smtp { passdb { args = /etc/dovecot/dovecot-ldap-smsp.conf.ext driver = ldap } }
the problem with this is that while each of the passdb/userdb configs for the various protocols does indeed work, if a result is not found in one of them, the global passdb appears to then function as a catch-all.
how can i tell dovecot it doesn't need a global passdb? each of the protocols' passdb/userdb configs is functioning as desired, but having dovecot look elsewhere upon failure ends up defeating the purpose.
thanks -ben
On Mon, Mar 12, 2012 at 12:00:11AM -0400, btb@bitrate.net wrote:
the problem with this is that while each of the passdb/userdb configs for the various protocols does indeed work, if a result is not found in one of them, the global passdb appears to then function as a catch-all.
how can i tell dovecot it doesn't need a global passdb? each of the protocols' passdb/userdb configs is functioning as desired, but having dovecot look elsewhere upon failure ends up defeating the purpose.
A simple workaround: use an empty passwd-file passdb as global.
http://rob0.nodns4.us/ -- system administration and consulting Offlist GMX mail is seen only if "/dev/rob0" is in the Subject:
On Mar 12, 2012, at 09.38, /dev/rob0 wrote:
On Mon, Mar 12, 2012 at 12:00:11AM -0400, btb@bitrate.net wrote:
the problem with this is that while each of the passdb/userdb configs for the various protocols does indeed work, if a result is not found in one of them, the global passdb appears to then function as a catch-all.
how can i tell dovecot it doesn't need a global passdb? each of the protocols' passdb/userdb configs is functioning as desired, but having dovecot look elsewhere upon failure ends up defeating the purpose.
A simple workaround: use an empty passwd-file passdb as global.
thanks, yeah. i've got what effectively accomplishes the same thing - a global ldap passdb within which the search filter always returns nothing. it sure seems like there would be a more logical method than this though. i looked briefly at the static password database, but at the moment it's intended application appears to be the opposite. if there were some argument such as deny=y or similar, it could be used. but ultimately, it would seem to make more sense to be able to simply tell dovecot that it doesn't need a global passdb, since obviously it doesn't.
-b
participants (2)
-
/dev/rob0
-
btb@bitrate.net