Return extra fields from passwd userdb
Hi all.
I use dovecot 2.2.29.1.
Output of dovecot -n:
# 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
debug_log_path = /var/log/dovecot/dovecot_debug.log
disable_plaintext_auth = no
info_log_path = /var/log/state.mail/dovecot.pipe
log_path = /var/log/dovecot/dovecot.log
mail_debug = yes
mail_gid = users
mail_location = maildir:~/.maildir
mail_plugins = acl quota
mail_shared_explicit_inbox = yes
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace {
  list = yes
  location = maildir:/data/home/vmail/public
  prefix = Public/
  separator = /
  subscriptions = no
  type = public
}
namespace {
  list = children
  location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
  prefix = Shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Cestino {
    special_use = \Trash
  }
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox "Posta inviata" {
    special_use = \Sent
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/passwd.masterusers
  driver = passwd-file
  master = yes
}
passdb {
  driver = pam
}
plugin {
  acl = vfile:/etc/dovecot/acl:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
  quota = maildir:User quota
  quota_rule = *:storage=5M
  quota_rule2 = Trash:storage=+100M
  quota_rule3 = SPAM:ignore
  sieve = ~/.dovecot.sieve
  sieve_before = /var/etc/dovecot/sieve/general/
  sieve_dir = ~/sieve
  sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
  sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
  sieve_global_dir = /var/etc/dovecot/sieve/global/
  sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter +vnd.dovecot.pipe +editheader
  sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
  sieve_plugins = sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    group = users
  }
}
service imap-postlogin {
  executable = script-login /usr/local/bin/imap-postlogin.sh
  user = $default_internal_user
}
service imap {
  executable = imap imap-postlogin
}
ssl = no
ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
ssl_key = # hidden, use -P to show it
userdb {
  default_fields = quota_rule=*:bytes=%$
  driver = passwd
}
protocol lda {
  info_log_path = /var/log/dovecot/dovecot-lda.log
  log_path = /var/log/dovecot/dovecot-lda.log
  mail_plugins = acl quota sieve
}
protocol imap {
  mail_max_userip_connections = 20
  mail_plugins = acl quota imap_acl imap_quota
}
I have problems returning extra fields from the passwd userdb. My users are partially in passwd files and partially in LDAP. Users who use mail are in the LDAP db.
If I use "default_fields = quota_rule=*:bytes=100M" in userdb,
Output of "doveadm -D quota get -u afasystems" is:
Debug: Loading modules from directory: /usr/lib/dovecot
Debug: Module loaded: /usr/lib/dovecot/lib01_acl_plugin.so
Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
Debug: Loading modules from directory: /usr/lib/dovecot/doveadm
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message)
doveadm(afasystems): Debug: auth USER input: afasystems quota_rule=*:bytes=100M system_groups_user=afasystems uid=1002 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: Added userdb setting: plugin/quota_rule=*:bytes=100M
doveadm(afasystems): Debug: Effective uid=1002, gid=100, home=/data/home/afasystems
doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir args=
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* bytes=104857600 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=SPAM ignored
doveadm(afasystems): Debug: Quota grace: root=User quota bytes=10485760 (10%)
doveadm(afasystems): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/.maildir
doveadm(afasystems): Debug: maildir++: root=/data/home/afasystems/.maildir, index=, indexpvt=, control=, inbox=/data/home/afasystems/.maildir, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 1
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=public, prefix=Public/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=no location=maildir:/data/home/vmail/public
doveadm(afasystems): Debug: maildir++: root=/data/home/vmail/public, index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no location=maildir:/data/home/%n/.maildir:INDEX=~/.maildir/shared/%u
doveadm(afasystems): Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: quota: quota_over_flag check: quota_over_script unset - skipping
doveadm(afasystems): Debug: Namespace : Using permissions from /data/home/afasystems/.maildir: mode=0700 gid=default
Quota name Type    Value  Limit %
User quota STORAGE   469 102400 0
User quota MESSAGE     6      - 0
That's OK, but I want to return the quota from the quotaBytes userdb parameter.
But if I use "default_fields = quota_rule=*:bytes=%$" in userdb,
Output of "doveadm -D quota get -u afasystems" is:
Debug: Loading modules from directory: /usr/lib/dovecot
Debug: Module loaded: /usr/lib/dovecot/lib01_acl_plugin.so
Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
Debug: Loading modules from directory: /usr/lib/dovecot/doveadm
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message)
doveadm(afasystems): Debug: auth USER input: afasystems quota_rule=*:bytes= system_groups_user=afasystems uid=1002 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: Added userdb setting: plugin/quota_rule=*:bytes=
doveadm(afasystems): Debug: Effective uid=1002, gid=100, home=/data/home/afasystems
doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir args=
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0
doveadm(afasystems): Error: User initialization failed: Failed to initialize quota: Invalid quota root quota: Invalid rule *:bytes=: Invalid bytes limit:
doveadm(afasystems): Error: User init failed
Quota name Type Value Limit
If I use "default_fields = quota_rule=*:bytes=%{userdb:quotabytes}" in userdb,
Output of "doveadm -D quota get -u afasystems" is:
Debug: Loading modules from directory: /usr/lib/dovecot
Debug: Module loaded: /usr/lib/dovecot/lib01_acl_plugin.so
Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
Debug: Loading modules from directory: /usr/lib/dovecot/doveadm
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message)
doveadm(afasystems): Debug: auth USER input: afasystems quota_rule=*:bytes= system_groups_user=afasystems uid=1002 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: Added userdb setting: plugin/quota_rule=*:bytes=
doveadm(afasystems): Debug: Effective uid=1002, gid=100, home=/data/home/afasystems
doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir args=
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0
doveadm(afasystems): Error: User initialization failed: Failed to initialize quota: Invalid quota root quota: Invalid rule *:bytes=: Invalid bytes limit:
doveadm(afasystems): Error: User init failed
Quota name Type Value Limit
If I use "default_fields = quota_rule=*:bytes=%{ldap:quotabytes}" in userdb,
Output of "doveadm -D quota get -u afasystems" is:
Debug: Loading modules from directory: /usr/lib/dovecot
Debug: Module loaded: /usr/lib/dovecot/lib01_acl_plugin.so
Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
Debug: Loading modules from directory: /usr/lib/dovecot/doveadm
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_user_get_language_list (this is usually intentional, so just ignore this message)
Debug: Skipping module doveadm_mail_crypt_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/libdoveadm_mail_crypt_plugin.so: undefined symbol: mail_crypt_box_get_pvt_digests (this is usually intentional, so just ignore this message)
doveadm(afasystems): Debug: auth USER input: afasystems quota_rule=*:bytes=UNSUPPORTED_VARIABLE_ldap system_groups_user=afasystems uid=1002 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: Added userdb setting: plugin/quota_rule=*:bytes=UNSUPPORTED_VARIABLE_ldap
doveadm(afasystems): Debug: Effective uid=1002, gid=100, home=/data/home/afasystems
doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir args=
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* bytes=0 messages=0
doveadm(afasystems): Error: User initialization failed: Failed to initialize quota: Invalid quota root quota: Invalid rule *:bytes=UNSUPPORTED_VARIABLE_ldap: Invalid bytes limit: UNSUPPORTED_VARIABLE_ldap
doveadm(afasystems): Error: User init failed
Quota name Type Value Limit
Where am I wrong? What is the correct configuration?
Thanks in advance
-- AFA Systems Srl Via G.Pastore Zona Industriale B 86039 Termoli (CB) - Italia tel.: +39 0875 724104 fax.: +39 0875 726084 www.afasystems.it
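A small checker for the results shown in the post above, as an added example that is not part of the original thread: it reads `doveadm -D` debug lines, extracts the userdb reply and classifies the `quota_rule` extra field. The function names and the simplified size grammar are assumptions of this example, and the sample lines are constructed from the debug output quoted in the thread.

```python
import re

# Userdb reply line printed by "doveadm -D", in the form quoted in the thread:
#   doveadm(user): Debug: auth USER input: user key=value key=value ...
AUTH_INPUT = re.compile(r"Debug: auth (?:USER )?input: (\S+)(.*)$")

# Simplified size grammar (an assumption of this example, not Dovecot's parser):
# optional sign, digits, optional b/k/M/G/T suffix or a percent sign.
SIZE = re.compile(r"^([+-]?)(\d+)([bkmgt%]?)$", re.IGNORECASE)
MULTIPLIER = {"": 1, "b": 1, "k": 1024, "m": 1024**2, "g": 1024**3, "t": 1024**4}
LIMIT_NAMES = ("storage", "bytes", "messages")


def parse_userdb_reply(line):
    """Return (username, {field: value}) for an auth input line, else None."""
    m = AUTH_INPUT.search(line)
    if not m:
        return None
    fields = {}
    for token in m.group(2).split():
        key, sep, value = token.partition("=")  # split on the first '=' only
        if sep:
            fields[key] = value
    return m.group(1), fields


def check_quota_rule(fields):
    """Classify the quota_rule field; returns (status, byte_limit_or_None)."""
    rule = fields.get("quota_rule")
    if rule is None:
        # No per-user rule came back: the global plugin quota_rule applies.
        return ("NOT_RETURNED", None)
    mailbox, sep, limits = rule.partition(":")
    if not mailbox or not sep:
        return ("MALFORMED", None)
    byte_limit = None
    for limit in limits.split(":"):
        name, _, value = limit.partition("=")
        if not name:
            return ("MALFORMED", None)
        if name == "ignore" or name not in LIMIT_NAMES:
            continue
        if "UNSUPPORTED_VARIABLE_" in value:
            # The variable is not known in this context and was not expanded.
            return ("UNSUPPORTED_VARIABLE", None)
        if value == "":
            # The variable expanded to nothing, leaving "bytes=" with no number.
            return ("EMPTY_EXPANSION", None)
        m = SIZE.match(value)
        if not m:
            return ("INVALID_LIMIT", None)
        if name == "bytes" and m.group(3) != "%":
            byte_limit = int(m.group(2)) * MULTIPLIER[m.group(3).lower()]
    return ("OK", byte_limit)


def audit(log_text):
    """Return [(user, status, byte_limit)] for every userdb reply in the log."""
    results = []
    for line in log_text.splitlines():
        parsed = parse_userdb_reply(line)
        if parsed:
            user, fields = parsed
            status, byte_limit = check_quota_rule(fields)
            results.append((user, status, byte_limit))
    return results


# Constructed sample: one line per configuration variant tried in the thread.
SAMPLE_LOG = """\
Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
doveadm(afasystems): Debug: auth USER input: afasystems quota_rule=*:bytes=100M system_groups_user=afasystems uid=1002 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: auth USER input: afasystems quota_rule=*:bytes= system_groups_user=afasystems uid=1002 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: auth USER input: afasystems quota_rule=*:bytes=UNSUPPORTED_VARIABLE_ldap system_groups_user=afasystems uid=1002 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: auth input: afasystems system_groups_user=afasystems uid=1040 gid=100 home=/data/home/afasystems
"""

if __name__ == "__main__":
    for user, status, byte_limit in audit(SAMPLE_LOG):
        print(user, status, byte_limit)
```

Feeding it the output of `doveadm -D quota get -u <user>` after each configuration change shows at a glance whether the per-user rule reached the quota plugin or whether the global rule is still in effect.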
On Fri, 7 Jul 2017, Michele Petrella wrote:
Output of dovecot -n: # 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf # Pigeonhole version 0.4.18 (29cc74d) # OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
userdb {
  default_fields = quota_rule=*:bytes=%$
  driver = passwd
}
I have problems in return extra fields from passwd userdb. My users are partially in passwd files and partially in LDAP. Users who use mail are in LDAP db.
If I use "default_fields = quota_rule=*:bytes=100M" in userdb,
if I use "default_fields = quota_rule=*:bytes=%{userdb:quotabytes}" in userdb,
default_fields supplies default values, if the userdb does not return them. Hence, you cannot reference an LDAP result.
The userdb section cannot merge two databases together. You said "Users who use mail are in LDAP db", so you would use one userdb with driver ldap.
Steffen Kaiser
Hi, thanks for your helpful reply.
I understand that default_fields is not my solution.
To be more accurate, all users in ldap db need to use mail, but some users in /etc/passwd file use mail too. For this reason I set up "driver=passwd" in userdb section and in /etc/nsswitch.conf I set up "passwd: files ldap". Now I want to use dovecot per user quota to limit ldap users mailbox size. I need quota only for ldap users, no need for users in /etc/passwd file.
Which is the correct configuration to do this? I understand that I need to use extra fields to obtain user quota from users db. But you said "the userdb section cannot merge two databases together". So I can not use dovecot per user quota with "driver=passwd" in userdb section? I could use only global quota?
Thanks in advance
Michele
P.S.
I use dovecot-lda as delivery agent.
I send again my dovecot configuration:
# 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
debug_log_path = /var/log/dovecot/dovecot_debug.log
disable_plaintext_auth = no
info_log_path = /var/log/state.mail/dovecot.pipe
log_path = /var/log/dovecot/dovecot.log
mail_debug = yes
mail_gid = users
mail_location = maildir:~/.maildir
mail_plugins = acl quota
mail_shared_explicit_inbox = yes
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace {
  list = yes
  location = maildir:/data/home/vmail/public
  prefix = Public/
  separator = /
  subscriptions = no
  type = public
}
namespace {
  list = children
  location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
  prefix = Shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Cestino {
    special_use = \Trash
  }
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox "Posta inviata" {
    special_use = \Sent
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/passwd.masterusers
  driver = passwd-file
  master = yes
}
passdb {
  driver = pam
}
plugin {
  acl = vfile:/etc/dovecot/acl:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
  quota = maildir:User quota
  quota_rule = *:storage=5M
  quota_rule2 = Trash:storage=+100M
  quota_rule3 = SPAM:ignore
  sieve = ~/.dovecot.sieve
  sieve_before = /var/etc/dovecot/sieve/general/
  sieve_dir = ~/sieve
  sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
  sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
  sieve_global_dir = /var/etc/dovecot/sieve/global/
  sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter +vnd.dovecot.pipe +editheader
  sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
  sieve_plugins = sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    group = users
  }
}
service imap-postlogin {
  executable = script-login /usr/local/bin/imap-postlogin.sh
  user = $default_internal_user
}
service imap {
  executable = imap imap-postlogin
}
ssl = no
ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
ssl_key = # hidden, use -P to show it
userdb {
  driver = passwd
}
protocol lda {
  info_log_path = /var/log/dovecot/dovecot-lda.log
  log_path = /var/log/dovecot/dovecot-lda.log
  mail_plugins = acl quota sieve
}
protocol imap {
  mail_max_userip_connections = 20
  mail_plugins = acl quota imap_acl imap_quota
}
-- AFA Systems Srl Via G.Pastore Zona Industriale B 86039 Termoli (CB) - Italia tel.: +39 0875 724104 fax.: +39 0875 726084 www.afasystems.it
You could use
passdb {
  driver = ldap
  args = /path/to/dovecot-auth-ldap.conf.ext
}
passdb {
  driver = passwd
  skip = authenticated
}
instead. Then you can map quota stuff for your LDAP users and not for the passwd users.
Aki
On 20.07.2017 11:45, Michele Petrella wrote:
Hi, thanks for your helpful reply.
I understand that default_fields is not my solution.
To be more accurate, all users in ldap db need to use mail, but some users in /etc/passwd file use mail too. For this reason I set up "driver=passwd" in userdb section and in /etc/nsswitch.conf I set up "passwd: files ldap". Now I want to use dovecot per user quota to limit ldap users mailbox size. I need quota only for ldap users, no need for users in /etc/passwd file.
Which is the correct configuration to do this? I understand that I need to use extra fields to obtain user quota from users db. But you said "the userdb section cannot merge two databases together". So I can not use dovecot per user quota with "driver=passwd" in userdb section? I could use only global quota?
Thanks in advance
Michele
On Thu, 20 Jul 2017, Michele Petrella wrote:
To be more accurate, all users in ldap db need to use mail, but some users in /etc/passwd file use mail too.
Do users exist in both passwd and ldap?
For this reason I set up "driver=passwd" in userdb section and in /etc/nsswitch.conf I set up "passwd: files ldap".
If you did this for Dovecot, revert it.
Now I want to use dovecot per user quota to limit ldap users mailbox size. I need quota only for ldap users, no need for users in /etc/passwd file.
Which is the correct configuration to do this?
Use two databases for both passdb and userdb. One using pam / passwd, the other one the standard LDAP config.
See: https://wiki2.dovecot.org/Authentication/MultipleDatabases
Use LDAP instead of SQL userdb and passdb.
I guess, you will find posts in the sense "virtual and system users".
If there is no user in both databases, the order does not matter (except for speed); otherwise:
each database is tried in order of definition until a successful hit is found.
You can order the passdb's and userdb's differently, e.g. if passwd-passdb is first and the user's password matches, and the ldap-userdb is first and you get a hit there, the user authenticates against passwd, but its data is retrieved from LDAP. See comment in page: "look up users from SQL first (even if authentication was done using PAM!)"
I understand that I need to use extra fields to obtain user quota from users db. But you said "the userdb section cannot merge two databases together". So
You cannot merge, but use one-after-another.
I can not use dovecot per user quota with "driver=passwd" in userdb section? I could use only global quota?
Steffen Kaiser
H Bonn-Rhein-Sieg | e-mail: Steffen.Kaiser@H-BRS.DE FB Informatik | room : C179 Grantham-Allee 20 | phone : +49 2241/865-203 53757 Sankt Augustin | Germany - Deutschland | fax : +49 2241/865-8203
Hi,
Each user exists in one db.
I changed the configuration:
# 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
auth_debug = yes
debug_log_path = /var/log/dovecot/dovecot_debug.log
disable_plaintext_auth = no
info_log_path = /var/log/state.mail/dovecot.pipe
log_path = /var/log/dovecot/dovecot.log
mail_debug = yes
mail_gid = users
mail_location = maildir:~/.maildir
mail_plugins = acl quota
mail_shared_explicit_inbox = yes
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date ihave duplicate
namespace {
  list = yes
  location = maildir:/data/home/vmail/public
  prefix = Public/
  separator = /
  subscriptions = no
  type = public
}
namespace {
  list = children
  location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
  prefix = Shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Cestino {
    special_use = \Trash
  }
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox "Posta inviata" {
    special_use = \Sent
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/passwd.masterusers
  driver = passwd-file
  master = yes
}
passdb {
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
passdb {
  driver = passwd
  skip = authenticated
}
plugin {
  acl = vfile:/etc/dovecot/acl:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
  quota = maildir:User quota
  quota_rule = *:storage=5M
  quota_rule2 = Trash:storage=+100M
  quota_rule3 = SPAM:ignore
  sieve = ~/.dovecot.sieve
  sieve_before = /var/etc/dovecot/sieve/general/
  sieve_dir = ~/sieve
  sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
  sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
  sieve_global_dir = /var/etc/dovecot/sieve/global/
  sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter +vnd.dovecot.pipe +editheader
  sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
  sieve_plugins = sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    group = users
  }
}
service imap-postlogin {
  executable = script-login /usr/local/bin/imap-postlogin.sh
  user = $default_internal_user
}
service imap {
  executable = imap imap-postlogin
}
ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
ssl_key = </conf/etc/cert/private/services/imap_pop/majornet.key
userdb {
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
userdb {
  driver = passwd
}
protocol lda {
  info_log_path = /var/log/dovecot/dovecot-lda.log
  log_path = /var/log/dovecot/dovecot-lda.log
  mail_plugins = acl quota sieve
}
protocol imap {
  mail_max_userip_connections = 20
  mail_plugins = acl quota imap_acl imap_quota
}
File /var/etc/dovecot/dovecot-ldap.conf.ext is:
hosts = localhost
base = ou=mnusers,dc=majornet,dc=local
user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes}
But when I run: doveadm -D quota get -u afasystems
No extra field is returned:
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/lib01_acl_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/lib10_quota_plugin.so
doveadm(root): Debug: Loading modules from directory: /usr/lib/dovecot/doveadm
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_acl_plugin.so
doveadm(root): Debug: Skipping module doveadm_expire_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib10_doveadm_expire_plugin.so: undefined symbol: expire_set_deinit (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_quota_plugin.so
doveadm(root): Debug: Module loaded: /usr/lib/dovecot/doveadm/lib10_doveadm_sieve_plugin.so
doveadm(root): Debug: Skipping module doveadm_fts_lucene_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_lucene_plugin.so: undefined symbol: lucene_index_iter_deinit (this is usually intentional, so just ignore this message)
doveadm(root): Debug: Skipping module doveadm_fts_plugin, because dlopen() failed: /usr/lib/dovecot/doveadm/lib20_doveadm_fts_plugin.so: undefined symbol: fts_backend_rescan (this is usually intentional, so just ignore this message)
doveadm(afasystems): Debug: auth input: afasystems system_groups_user=afasystems uid=1040 gid=100 home=/data/home/afasystems
doveadm(afasystems): Debug: Effective uid=1040, gid=100, home=/data/home/afasystems
doveadm(afasystems): Debug: Quota root: name=User quota backend=maildir args=
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=* bytes=5242880 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=Trash bytes=+104857600 messages=0
doveadm(afasystems): Debug: Quota rule: root=User quota mailbox=SPAM ignored
doveadm(afasystems): Debug: Quota grace: root=User quota bytes=524288 (10%)
doveadm(afasystems): Debug: Namespace inbox: type=private, prefix=, sep=/, inbox=yes, hidden=no, list=yes, subscriptions=yes location=maildir:~/.maildir
doveadm(afasystems): Debug: maildir++: root=/data/home/afasystems/.maildir, index=, indexpvt=, control=, inbox=/data/home/afasystems/.maildir, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 1
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=public, prefix=Public/, sep=/, inbox=no, hidden=no, list=yes, subscriptions=no location=maildir:/data/home/vmail/public
doveadm(afasystems): Debug: maildir++: root=/data/home/vmail/public, index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
doveadm(afasystems): Debug: Namespace : type=shared, prefix=Shared/%u/, sep=/, inbox=no, hidden=no, list=children, subscriptions=no location=maildir:/data/home/%n/.maildir:INDEX=~/.maildir/shared/%u
doveadm(afasystems): Debug: shared: root=/var/run/dovecot, index=, indexpvt=, control=, inbox=, alt=
doveadm(afasystems): Debug: acl: initializing backend with data: vfile:/etc/dovecot/acl:cache_secs=300
doveadm(afasystems): Debug: acl: acl username = afasystems
doveadm(afasystems): Debug: acl: owner = 0
doveadm(afasystems): Debug: acl vfile: Global ACL legacy directory: /etc/dovecot/acl
Quota name Type    Value Limit   %
User quota STORAGE  9517  5120 185
User quota MESSAGE   263     -   0
Where am I wrong?
Thank you very much
On 20/07/2017 11:30, Steffen Kaiser wrote:
On Thu, 20 Jul 2017, Michele Petrella wrote:
To be more accurate, all users in ldap db need to use mail, but some users in /etc/passwd file use mail too.
Do users exist in both passwd and ldap?
For this reason I set up "driver=passwd" in userdb section and in /etc/nsswitch.conf I set up "passwd: files ldap".
If you did this for Dovecot, revert it.
Now I want to use dovecot per user quota to limit ldap users mailbox size. I need quota only for ldap users, no need for users in /etc/passwd file.
Which is the correct configuration to do this?
use two databases for both passdb and userdb. One using pam / passwd, the other one the standard LDAP config.
see: https://wiki2.dovecot.org/Authentication/MultipleDatabases
Use LDAP instead of SQL userdb and passdb.
I guess, you will find posts in the sense "virtual and system users".
If there is no user in both databases, the order does not matter (except for speed); otherwise:
each database is tried in order of definition until a successful hit was found.
You can order the passdbs and userdbs differently, e.g. if passwd-passdb is first and the user's password matches, and the ldap-userdb is first and you get a hit there, the user authenticates against passwd, but its data is retrieved from LDAP. See comment in page: "look up users from SQL first (even if authentication was done using PAM!)"
I understand that I need to use extra fields to obtain user quota from users db. But you said "the userdb section cannot merge two databases together". So
You cannot merge, but use one-after-another.
I can not use dovecot per user quota with "driver=passwd" in userdb section? I could use only global quota?
P.S.
I use dovecot-lda as delivery agent.
I send again my dovecot configuration:
# 2.2.29.1 (e0b76e3): /var/etc/dovecot/dovecot.conf
# Pigeonhole version 0.4.18 (29cc74d)
# OS: Linux 3.10.55-gentoo i686 SuSE Linux 7.1 (i386)
debug_log_path = /var/log/dovecot/dovecot_debug.log
disable_plaintext_auth = no
info_log_path = /var/log/state.mail/dovecot.pipe
log_path = /var/log/dovecot/dovecot.log
mail_debug = yes
mail_gid = users
mail_location = maildir:~/.maildir
mail_plugins = acl quota
mail_shared_explicit_inbox = yes
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace {
  list = yes
  location = maildir:/data/home/vmail/public
  prefix = Public/
  separator = /
  subscriptions = no
  type = public
}
namespace {
  list = children
  location = maildir:/data/home/%%n/.maildir:INDEX=~/.maildir/shared/%%u
  prefix = Shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
namespace inbox {
  inbox = yes
  list = yes
  location =
  mailbox Cestino {
    special_use = \Trash
  }
  mailbox Drafts {
    special_use = \Drafts
  }
  mailbox Junk {
    special_use = \Junk
  }
  mailbox "Posta inviata" {
    special_use = \Sent
  }
  mailbox Sent {
    special_use = \Sent
  }
  mailbox "Sent Messages" {
    special_use = \Sent
  }
  mailbox Trash {
    special_use = \Trash
  }
  prefix =
  separator = /
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/passwd.masterusers
  driver = passwd-file
  master = yes
}
passdb {
  driver = pam
}
plugin {
  acl = vfile:/etc/dovecot/acl:cache_secs=300
  acl_shared_dict = file:/var/lib/dovecot-dict/shared-mailboxes
  quota = maildir:User quota
  quota_rule = *:storage=5M
  quota_rule2 = Trash:storage=+100M
  quota_rule3 = SPAM:ignore
  sieve = ~/.dovecot.sieve
  sieve_before = /var/etc/dovecot/sieve/general/
  sieve_dir = ~/sieve
  sieve_execute_bin_dir = /usr/local/bin/dovecot/sieve-execute
  sieve_filter_bin_dir = /usr/local/bin/dovecot/sieve-filter
  sieve_global_dir = /var/etc/dovecot/sieve/global/
  sieve_global_extensions = +vnd.dovecot.execute +vnd.dovecot.filter +vnd.dovecot.pipe +editheader
  sieve_pipe_bin_dir = /usr/local/bin/dovecot/sieve-pipe
  sieve_plugins = sieve_extprograms
}
protocols = imap pop3 lmtp sieve
service auth {
  unix_listener auth-userdb {
    group = users
  }
}
service imap-postlogin {
  executable = script-login /usr/local/bin/imap-postlogin.sh
  user = $default_internal_user
}
service imap {
  executable = imap imap-postlogin
}
ssl = no
ssl_cert = </conf/etc/cert/certs/services/imap_pop/majornet.crt
ssl_key = # hidden, use -P to show it
userdb {
  driver = passwd
}
protocol lda {
  info_log_path = /var/log/dovecot/dovecot-lda.log
  log_path = /var/log/dovecot/dovecot-lda.log
  mail_plugins = acl quota sieve
}
protocol imap {
  mail_max_userip_connections = 20
  mail_plugins = acl quota imap_acl imap_quota
}
userdb {
  default_fields = quota_rule=*:bytes=%$
  driver = passwd
}
I have problems returning extra fields from passwd userdb. My users are partially in passwd files and partially in LDAP. Users who use mail are in LDAP db.
If I use "default_fields = quota_rule=*:bytes=100M" in userdb,
if I use "default_fields = quota_rule=*:bytes=%{userdb:quotabytes}" in userdb,
default_fields supplies default values, if the userdb does not return them. Hence, you cannot reference a LDAP result.
the userdb section cannot merge two databases together. You said "Users who use mail are in LDAP db", so you would one userdb with driver ldap.
Steffen Kaiser
H Bonn-Rhein-Sieg | e-mail: Steffen.Kaiser@H-BRS.DE FB Informatik | room : C179 Grantham-Allee 20 | phone : +49 2241/865-203 53757 Sankt Augustin | Germany - Deutschland | fax : +49 2241/865-8203
-- AFA Systems Srl Via G.Pastore Zona Industriale B 86039 Termoli (CB) - Italia tel.: +39 0875 724104 fax.: +39 0875 726084 www.afasystems.it
Michele Petrella wrote:
Hi,
each user exists in one db.
I changed configuration:
File /var/etc/dovecot/dovecot-ldap.conf.ext is:
hosts = localhost
base = ou=mnusers,dc=majornet,dc=local
user_attrs = quota_rule=*:bytes=%{ldap:quotaBytes}
But when I run: doveadm -D quota get -u afasystems
Well, first try this:
doveadm user afasystems
All extra fields should be displayed (quotaByte only in your example). Then verify that this user has quotaBytes at all
ldapsearch -b ou=mnusers,dc=majornet,dc=local user=afasystems quotaBytes
Then look here: https://wiki2.dovecot.org/AuthDatabase/LDAP/Userdb
user_attrs = \
  =home=%{ldap:homeDirectory}, \
  =uid=%{ldap:uidNumber}, \
  =gid=%{ldap:gidNumber}
all mappings using %{ldap:...} have a "=" prefixed before the settings name
Then re-try doveadm user ....
No extra field is returned:
Where am I wrong?
Thank you very much Steffen!
It finally works!
I have 2 ldap dbs in my system, the first for inetOrgPerson class and the second for system specific class attributes.
So I introduce another userdb section:
##
## User databases
##

# System users (NSS, /etc/passwd, or similar). In many systems nowadays this
# uses Name Service Switch, which is configured in /etc/nsswitch.conf.
userdb {
  driver = ldap
  args = /var/etc/dovecot/dovecot-ldap.conf.ext
  result_success = continue-ok
}

userdb {
  driver = ldap
  args = /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext
}

userdb {
  driver = passwd
}
and content of /var/etc/dovecot/dovecot-mnusers-ldap.conf.ext is:
user_filter = (&(objectClass=AFASystems)(uid=%u))
user_attrs = \
  =quota_rule=*:bytes=%{ldap:quotaBytes}
Now if I run "doveadm user afasystems", the output is:
field       value
uid         1040
gid         100
home        /data/home/afasystems
mail        maildir:~/.maildir
quota_rule  *:bytes=80M
But if quotaBytes is empty in ldap, the output is:
# doveadm user admin
doveadm(root): Error: user admin: Initialization failed: Failed to initialize quota: Invalid quota root quota: Invalid rule *:bytes= : Invalid rule limit value 'bytes= ': Unknown unit:
field value
Is there a way in dovecot configuration to assign 0 (i.e. unlimited) to quota_rule if quotaBytes from ldap is empty?
Thank you so much again!
On 21/07/2017 22:29, Steffen wrote:
-- AFA Systems Srl Via G.Pastore Zona Industriale B 86039 Termoli (CB) - Italia tel.: +39 0875 724104 fax.: +39 0875 726084 www.afasystems.it
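The three-userdb chain from the last message, modelled in Python as an added example (not Dovecot's code and not written by any poster in this thread). It assumes the first LDAP file maps uid, gid and home, that fields from successive userdbs are merged, and a one-limit subset of the quota_rule grammar; all directory data is constructed.

```python
import re

# Constructed sample data, not taken from the thread.
LDAP_ACCOUNTS = {  # first LDAP userdb (assumed to map uid/gid/home)
    "afasystems": {"uidNumber": "1040", "gidNumber": "100",
                   "homeDirectory": "/data/home/afasystems"},
    "admin": {"uidNumber": "1041", "gidNumber": "100",
              "homeDirectory": "/data/home/admin"},
}
LDAP_MNUSERS = {  # second LDAP userdb: quota attribute only
    "afasystems": {"quotaBytes": "80M"},
    "admin": {"quotaBytes": ""},  # attribute present but empty
}
PASSWD = {"backup": {"uid": "1001", "gid": "100", "home": "/home/backup"}}


def expand(template, entry):
    """Expand %{ldap:attr} from one LDAP entry; a missing attribute becomes ''."""
    return re.sub(r"%\{ldap:(\w+)\}", lambda m: entry.get(m.group(1), ""), template)


def ldap_userdb(directory, user_attrs):
    """Build a lookup that maps LDAP attributes to userdb fields via user_attrs."""
    def lookup(user):
        entry = directory.get(user)
        if entry is None:
            return None  # user not found in this userdb
        return {field: expand(tpl, entry) for field, tpl in user_attrs.items()}
    return lookup


def passwd_userdb(user):
    """Look the user up in the constructed passwd table."""
    entry = PASSWD.get(user)
    return dict(entry) if entry else None


# Same order as the userdb sections in the final configuration.
CHAIN = [
    (ldap_userdb(LDAP_ACCOUNTS, {"uid": "%{ldap:uidNumber}",
                                 "gid": "%{ldap:gidNumber}",
                                 "home": "%{ldap:homeDirectory}"}), "continue-ok"),
    (ldap_userdb(LDAP_MNUSERS, {"quota_rule": "*:bytes=%{ldap:quotaBytes}"}), "return-ok"),
    (passwd_userdb, "return-ok"),
]


def resolve(user, chain=CHAIN):
    """Walk the userdbs in order; return merged fields, or None if no userdb knows the user."""
    fields, found = {}, False
    for lookup, result_success in chain:
        result = lookup(user)
        if result is None:
            continue  # not found here: try the next userdb
        fields.update(result)  # assumption: later fields are merged over earlier ones
        found = True
        if result_success == "return-ok":
            break  # stop at the first hit unless the section says continue-ok
    return fields if found else None


RULE_RE = re.compile(r"^[^:]+:(?:ignore|(?:storage|bytes|messages)=(?P<value>.*))$")
LIMIT_RE = re.compile(r"^[+-]?\d+[bkMGT%]?$")


def check_quota_rule(rule):
    """Return None if the rule fits this simplified one-limit grammar, else a reason."""
    m = RULE_RE.match(rule)
    if m is None:
        return "unparseable rule"
    value = m.group("value")
    if value is None:
        return None  # mailbox:ignore
    if not LIMIT_RE.match(value):
        return f"invalid limit value {value!r}"
    return None


def audit(users):
    """Resolve each user and flag quota rules that would fail to parse."""
    report = {}
    for user in users:
        fields = resolve(user)
        if fields is None:
            report[user] = "unknown user"
        elif "quota_rule" in fields:
            report[user] = check_quota_rule(fields["quota_rule"])
        else:
            report[user] = None  # no per-user rule: the global quota_rule applies
    return report


if __name__ == "__main__":
    for name, problem in audit(["afasystems", "admin", "backup", "nobody"]).items():
        print(f"{name}: {problem or 'ok'}")
```

The constructed "admin" entry reproduces the empty-quotaBytes case: the template still expands, to `*:bytes=`, and the rule is rejected only when it is parsed.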