I'm following the guide for changing the password schema. Everything works as expected (i'm using a static passwd file), but when the plain password has a % inside, dovecot is trying to expand that, triggering an error:
Apr 11 21:33:55 mail02 dovecot: pop3(x)<3962994><4soGPNcVXsoln9W6>: Error: Failed to expand plugin setting plain_pass = 'xxxxx%Yxxxxxx!%': Unknown variable '%Y'
How can I block the variable expansion inside %w ?
any clue?
Il gio 11 apr 2024, 21:57 Gandalf Corvotempesta < gandalf.corvotempesta@gmail.com> ha scritto:
I'm following the guide for changing the password schema. Everything works as expected (i'm using a static passwd file), but when the plain password has a % inside, dovecot is trying to expand that, triggering an error:
Apr 11 21:33:55 mail02 dovecot: pop3(x)<3962994><4soGPNcVXsoln9W6>: Error: Failed to expand plugin setting plain_pass = 'xxxxx%Yxxxxxx!%': Unknown variable '%Y'
How can I block the variable expansion inside %w ?
guys any help ? Is not possible to change the password schema when using passwd file ?
Il giorno sab 13 apr 2024 alle ore 14:48 Gandalf Corvotempesta gandalf.corvotempesta@gmail.com ha scritto:
any clue?
Il gio 11 apr 2024, 21:57 Gandalf Corvotempesta gandalf.corvotempesta@gmail.com ha scritto:
I'm following the guide for changing the password schema. Everything works as expected (i'm using a static passwd file), but when the plain password has a % inside, dovecot is trying to expand that, triggering an error:
Apr 11 21:33:55 mail02 dovecot: pop3(x)<3962994><4soGPNcVXsoln9W6>: Error: Failed to expand plugin setting plain_pass = 'xxxxx%Yxxxxxx!%': Unknown variable '%Y'
How can I block the variable expansion inside %w ?
Can you explain what you are trying to do? Aki On 16/04/2024 21:36 EEST Gandalf Corvotempesta via dovecot dovecot@dovecot.org wrote: guys any help ? Is not possible to change the password schema when using passwd file ? Il giorno sab 13 apr 2024 alle ore 14:48 Gandalf Corvotempesta gandalf.corvotempesta@gmail.com ha scritto: > any clue? Il gio 11 apr 2024, 21:57 Gandalf Corvotempesta gandalf.corvotempesta@gmail.com ha scritto: > >> I'm following the guide for changing the password schema. >> Everything works as expected (i'm using a static passwd file), but >> when the plain password has a % inside, dovecot is trying to expand >> that, triggering an error: >> >> Apr 11 21:33:55 mail02 dovecot: pop3 (x)<3962994><4soGPNcVXsoln9W6>: >> Error: Failed to expand plugin setting plain_pass = 'xxxxx%Yxxxxxx!%': >> Unknown variable '%Y' >> >> How can I block the variable expansion inside %w ? _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
im following the docs to change the password schema
docs says that i have to pass the clear password to the post login script but using %w doesn't work if the clear password has a "%" inside as it's being expanded as variabile
in example with a password "test%Ypass" dovecot is trying to expand %Y before passing it to the post login script
Il mer 17 apr 2024, 08:24 Aki Tuomi aki.tuomi@open-xchange.com ha scritto:
Can you explain what you are trying to do?
Aki
On 16/04/2024 21:36 EEST Gandalf Corvotempesta via dovecot < dovecot@dovecot.org> wrote:
guys any help ? Is not possible to change the password schema when using passwd file ?
Il giorno sab 13 apr 2024 alle ore 14:48 Gandalf Corvotempesta gandalf.corvotempesta@gmail.com ha scritto:
any clue?
Il gio 11 apr 2024, 21:57 Gandalf Corvotempesta < gandalf.corvotempesta@gmail.com> ha scritto:
I'm following the guide for changing the password schema. Everything works as expected (i'm using a static passwd file), but when the plain password has a % inside, dovecot is trying to expand that, triggering an error:
Apr 11 21:33:55 mail02 dovecot: pop3(x)<3962994><4soGPNcVXsoln9W6>: Error: Failed to expand plugin setting plain_pass = 'xxxxx%Yxxxxxx!%': Unknown variable '%Y'
How can I block the variable expansion inside %w ?
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Gandalf Corvotempesta via dovecot skrev den 2024-04-17 08:31:
im following the docs to change the password schema
docs says that i have to pass the clear password to the post login script but using %w doesn't work if the clear password has a "%" inside as it's being expanded as variabile
in example with a password "test%Ypass" dovecot is trying to expand %Y before passing it to the post login script
i am not an expert in postlogin scripts, but please show it
if it not working simple remove % in passwords would not solve it ?
Il giorno mer 17 apr 2024 alle ore 14:22 Benny Pedersen via dovecot dovecot@dovecot.org ha scritto:
i am not an expert in postlogin scripts, but please show it
The issue is not the postlogin script, but dovecot. It's dovecot that tries to expand a variable BEFORE sending it to the script
userdb { args = username_format=%u /etc/dovecot/passwd driver = passwd-file #default_fields = plain_pass=%w }
if it not working simple remove % in passwords would not solve it ?
Seriously ? oviously asking all customers to change their password to remove a char is not a solution......
Il giorno mer 17 apr 2024 alle ore 14:22 Benny Pedersen via dovecot dovecot@dovecot.org ha scritto:
Gandalf Corvotempesta via dovecot skrev den 2024-04-17 08:31:
im following the docs to change the password schema
docs says that i have to pass the clear password to the post login script but using %w doesn't work if the clear password has a "%" inside as it's being expanded as variabile
in example with a password "test%Ypass" dovecot is trying to expand %Y before passing it to the post login script
i am not an expert in postlogin scripts, but please show it
if it not working simple remove % in passwords would not solve it ?
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
If you have version with Lua support, you can make a passdb with lua that base64 encodes the plain password. Then it should work. Aki On 17/04/2024 15:56 EEST Gandalf Corvotempesta via dovecot dovecot@dovecot.org wrote: Il giorno mer 17 apr 2024 alle ore 14:22 Benny Pedersen via dovecot dovecot@dovecot.org ha scritto: i am not an expert in postlogin scripts, but please show it The issue is not the postlogin script, but dovecot. It's dovecot that tries to expand a variable BEFORE sending it to the script userdb { args = username_format=%u /etc/dovecot/passwd driver = passwd-file #default_fields = plain_pass=%w } if it not working simple remove % in passwords would not solve it ? Seriously ? oviously asking all customers to change their password to remove a char is not a solution...... Il giorno mer 17 apr 2024 alle ore 14:22 Benny Pedersen via dovecot dovecot@dovecot.org ha scritto: > Gandalf Corvotempesta via dovecot skrev den 2024-04-17 08: 31: im following the docs to change the password schema docs says that i have to pass the clear password to the post login script but using %w doesn't work if the clear password has a "%" inside as it's being expanded as variabile in example with a password "test%Ypass" dovecot is trying to expand %Y before passing it to the post login script i am not an expert in postlogin scripts, but please show it if it not working simple remove % in passwords would not solve it ? _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
Il giorno mer 17 apr 2024 alle ore 15:31 Aki Tuomi aki.tuomi@open-xchange.com ha scritto:
If you have version with Lua support, you can make a passdb with lua that base64 encodes the plain password. Then it should work.
I'm not using lua currently, and i'm planning to move the server to a new one with users on DB, that's why i'm looking for a quick&dirty workaround, just to migrate all password to the new schema before the server migration.
Is not possible to use a plain passdb file ? If not, even with a dirty workaround, i'll do the schema change on the new server with accounts on DB but i really prefere to do this before, not after the migration.
so it's not possible without using lua? i think this is a bug honestly
Il mer 17 apr 2024, 16:16 Gandalf Corvotempesta < gandalf.corvotempesta@gmail.com> ha scritto:
If you have version with Lua support, you can make a passdb with lua
Il giorno mer 17 apr 2024 alle ore 15:31 Aki Tuomi aki.tuomi@open-xchange.com ha scritto: that base64 encodes the plain password. Then it should work.
I'm not using lua currently, and i'm planning to move the server to a new one with users on DB, that's why i'm looking for a quick&dirty workaround, just to migrate all password to the new schema before the server migration.
Is not possible to use a plain passdb file ? If not, even with a dirty workaround, i'll do the schema change on the new server with accounts on DB but i really prefere to do this before, not after the migration.
Yeah. We are changing it for 2.4 though, but until that you need to use this workaround. Aki On 21/04/2024 09:18 EEST Gandalf Corvotempesta via dovecot dovecot@dovecot.org wrote: so it's not possible without using lua? i think this is a bug honestly Il mer 17 apr 2024, 16:16 Gandalf Corvotempesta < gandalf.corvotempesta@gmail.com> ha scritto: Il giorno mer 17 apr 2024 alle ore 15:31 Aki Tuomi aki.tuomi@open-xchange.com ha scritto: If you have version with Lua support, you can make a passdb with lua that base64 encodes the plain password. Then it should work. I'm not using lua currently, and i'm planning to move the server to a new one with users on DB, that's why i'm looking for a quick&dirty workaround, just to migrate all password to the new schema before the server migration. Is not possible to use a plain passdb file ? If not, even with a dirty workaround, i'll do the schema change on the new server with accounts on DB but i really prefere to do this before, not after the migration. _______________________________________________ dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
participants (3)
-
Aki Tuomi
-
Benny Pedersen
-
Gandalf Corvotempesta