Re: Unable to get virtual users set up with database auth
When you reply, try to make sure you reply to the list (dovecot@dovecot.org); in Thunderbird you should have a Reply List button, or just use reply to all.
btw I meant: the output of the 'dovecot -n' command, sorry :D
OK so, first of all, lda doesn't do any passdb lookup at all, only userdb. It doesn't have any password to check.
Just as a comment, your password query could just as well be:
password_query = SELECT uPass as password FROM users WHERE uName = '%n' AND uDomain = '%d'
auth_username_format = %Lu -- which I believe is set by default, would lowercase the username for you on the way in from the client, so if all your usernames are meant to be purely lowercase, there is no need to return these fields from the database. Set it explicitly just to be sure. You're using a somewhat old version, I'm not sure how it was back then. Either way, this shouldn't be affecting lda.
Now, this seems to be wrong.
mail_location = mbox:/var/spool/mail/%u:INBOX=/var/spool/mail/%u
You probably want it more like: mbox:~/mail:INBOX=/var/spool/mail/%u
The first value, ~/mail, will be a /mail directory under the 'home' directory set in your static userdb, and that's where mailboxes (folders) other than INBOX will be stored. It must be a directory, not a file!
I'm a little confused about some of the other details in your log. Let's try to correct your mail_location first and see where that takes us.
Also, under namespace, you might as well comment out the 'location = ' and 'prefix = ' lines, though I'm not sure it matters.
On 10/16/2014 12:51 PM, Cliff Hayes wrote:
Here it is:
[root@avalon dovecot]# dovecot -n output
# 2.0.9: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-431.29.2.el6.x86_64 x86_64 Scientific Linux release 6.5 (Carbon) ext4
auth_debug = yes
auth_debug_passwords = yes
auth_verbose = yes
auth_verbose_passwords = plain
first_valid_uid = 496
mail_access_groups = mail
mail_debug = yes
mail_location = mbox:/var/spool/mail/%u:INBOX=/var/spool/mail/%u
mbox_write_locks = fcntl
namespace {
  hidden = no
  inbox = yes
  list = yes
  location =
  prefix =
  separator = .
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
protocols = imap
ssl_ca = </etc/pki/dovecot/certs/intermediate.crt
ssl_cert = </etc/pki/dovecot/certs/avalon20140929.crt
ssl_key = </etc/pki/dovecot/private/avalon20140929.key
userdb {
  args = uid=497 gid=12 home=/var/email/%u
  driver = static
}
verbose_ssl = yes
protocol imap {
  imap_id_log = *
}
[root@avalon dovecot]# cat dovecot-sql.conf.ext
driver = mysql
default_pass_scheme = PLAIN
connect = host=localhost dbname=email user=blah password=blah
password_query = SELECT uName as user, uNameDomain as username, uDomain as domain, uPass as password FROM users WHERE uName = '%n' AND uDomain = '%d'
On 10/16/2014 11:24 AM, Gedalya wrote:
On 10/16/2014 12:19 PM, Cliff Hayes wrote:
Well, I don't want to use system users. But how do I assign a UID and GID to virtual users to eliminate the permissions errors?
For dovecot, it is like this: http://wiki2.dovecot.org/AuthDatabase/SQL#User_database_lookups
I don't know if this would be OK with your sendmail side.
You should really post your complete dovecot config (dovecot -n output + any ".ext" files) so that we can get a better picture.
On Thu, 16 Oct 2014, Gedalya wrote:
btw I meant: the output of the 'dovecot -n' command
OK so, first of all, lda doesn't do any passdb lookup at all, only userdb. It doesn't have any password to check.
Gedalya is correct.
mail_location = mbox:/var/spool/mail/%u:INBOX=/var/spool/mail/%u
This makes no sense: either /var/spool/mail/%u is your mail root or INBOX.
mbox_write_locks = fcntl
namespace {
  hidden = no
  inbox = yes
  list = yes
  location =
  prefix =
comment them out
  separator = .
  subscriptions = yes
  type = private
}
passdb {
  args = /etc/dovecot/dovecot-sql.conf.ext
  driver = sql
}
userdb {
  args = uid=497 gid=12 home=/var/email/%u
  driver = static
}
quote of your 1st message:
Oct 16 00:10:26 avalon sendmail[2536]: s9G5APo9002535: forward /var/spool/mail/chayes@domain.tld/chayes/.forward.avalon: Group writable directory
Oct 16 00:10:26 avalon sendmail[2536]: s9G5APo9002535: forward /var/spool/mail/chayes@domain.tld/chayes/.forward: Group writable directory
Oct 16 00:10:26 avalon dovecot: lda(chayes): Debug: Effective uid=497, gid=497, home=/var/spool/mail/chayes@domain.tld/chayes
Oct 16 00:10:26 avalon dovecot: lda(chayes): Debug: Home dir not found: /var/spool/mail/chayes@domain.tld/chayes
Oct 16 00:10:26 avalon dovecot: lda(chayes): Debug: Namespace : type=private, prefix=, sep=., inbox=yes, hidden=no, list=yes, subscriptions=yes location=mbox:/var/spool/mail/chayes:INBOX=/var/spool/mail/chayes
Oct 16 00:10:26 avalon dovecot: lda(chayes): Debug: fs: root=/var/spool/mail/chayes, index=, control=, inbox=/var/spool/mail/chayes
Both sendmail and deliver use a non-existent home directory of user chayes. The last log line then has the values from your config.
It looks like:
a) /etc/passwd contains wrong values for "home", you need a home directory, which must differ from the mail root
b) you start Dovecot LDA _without_ -d option and not as root, which means that the LDA does not query the userdb, but relies on the environment variables. See http://wiki2.dovecot.org/LDA
c) Did you configure sendmail to pass the domain forth to the LDA?
====
Please tell us:
- do you run sendmail in a multi-domain setup with system users?
- what's the home directory for chayes,
- what's the mail root and mailbox format for chayes,
- what's the location of the INBOX of chayes,
- what's the system user (name, uid & gid, other /etc/passwd data) the procmail script runs under.
Steffen Kaiser
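Added example, not part of either reply above: a small check for the two mbox layout problems raised in this thread (mail root identical to the INBOX path, and mail root identical to the home directory). The function names are hypothetical, the sample config is constructed from the `dovecot -n` output quoted above, and only `%u`, `%n`, `%d` and a leading `~` are expanded.

```python
import posixpath
import re

# Constructed sample: the relevant lines of the `dovecot -n` output quoted in the thread.
SAMPLE_CONF = """\
mail_location = mbox:/var/spool/mail/%u:INBOX=/var/spool/mail/%u
userdb {
  args = uid=497 gid=12 home=/var/email/%u
  driver = static
}
"""

def expand(path, user, home=""):
    """Expand only %u, %n, %d and a leading ~ (no modifiers such as %Lu)."""
    local, _, domain = user.partition("@")
    for var, val in (("%u", user), ("%n", local), ("%d", domain)):
        path = path.replace(var, val)
    if path == "~" or path.startswith("~/"):
        path = home + path[1:]
    return posixpath.normpath(path)

def parse_mail_location(value):
    """Split 'format:root[:KEY=value...]' into (format, root, params)."""
    fmt, _, rest = value.partition(":")
    root, *extra = rest.split(":")
    params = dict(item.split("=", 1) for item in extra if "=" in item)
    return fmt, root, params

def lint(conf_text, user):
    """Return findings for the mbox layout problems raised in the thread."""
    loc = re.search(r"^\s*mail_location\s*=\s*(\S+)", conf_text, re.M)
    home_t = re.search(r"\bhome=(\S+)", conf_text)
    if not loc:
        return ["mail_location not set"]
    home = expand(home_t.group(1), user) if home_t else ""
    fmt, root, params = parse_mail_location(loc.group(1))
    findings = []
    if fmt != "mbox":
        return findings
    root_path = expand(root, user, home)
    if "INBOX" in params and expand(params["INBOX"], user, home) == root_path:
        findings.append("mail root and INBOX are the same path")
    if home and root_path == home:
        findings.append("mail root is the home directory")
    return findings

if __name__ == "__main__":
    print(lint(SAMPLE_CONF, "chayes@domain.tld"))
```
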
participants (2): Gedalya, Steffen Kaiser