Hi
I'm trying to use the variable %{listener} in the following password mysql query:
password_query = SELECT accounts.mcf AS password FROM accounts, domains WHERE user = '%n' AND accounts.domain = '%d' AND accounts.domain = domains.domain AND domains.host = '%{hostname}' AND accounts.service IN ('master', '%{listener}')
but it doesn't expand, giving:
Failed to expand password_query=SELECT accounts.mcf AS password FROM accounts, domains WHERE user = '%n' AND accounts.domain = '%d' AND accounts.domain = domains.domain AND domains.host = '%{hostname}' AND accounts.service IN ('master', '%{listener} ') : Unknown variable '%listener'
%{hostname} works correctly, as well as other variables I tried.
many thanks Franz
below my doveconf -n:
# 2.3.19 (b3ad6004dc): /etc/dovecot/dovecot.conf # Pigeonhole version 0.5.19 (4eae2f79) # OS: Linux 5.10.0-13-amd64 x86_64 Debian 11.3 # Hostname: example.org auth_debug = yes auth_mechanisms = plain login auth_verbose = yes disable_plaintext_auth = no doveadm_password = # hidden, use -P to show it doveadm_port = 12345 hostname = example.org login_log_format_elements = method=%m lip=%l %c %k mail_fsync = never mail_location = maildir:/var/vmail/%d/%n@%d/:INDEX=/var/vmail_indexes/%d/%n@%d/ mail_max_userip_connections = 200 mail_plugins = " notify replication fts fts_lucene" maildir_stat_dirs = yes maildir_very_dirty_syncs = yes managesieve_notify_capability = mailto managesieve_sieve_capability = fileinto reject envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date index ihave duplicate mime foreverypart extracttext namespace inbox { inbox = yes location = mailbox Drafts { auto = subscribe special_use = \Drafts } mailbox Sent { auto = subscribe special_use = \Sent } mailbox Spam { auto = subscribe special_use = \Junk } mailbox Trash { auto = subscribe special_use = \Trash } prefix = } passdb { args = /etc/dovecot/sql.conf.ext driver = sql } plugin { fts = lucene fts_autoindex = yes fts_autoindex_max_recent_msgs = 80 fts_index_timeout = 90 fts_lucene = whitespace_chars=@. last_login_dict = proxy::lastlogin last_login_key = # hidden, use -P to show it sieve_extensions = +vnd.dovecot.filter sieve_global_extensions = +vnd.dovecot.filter sieve_plugins = sieve_extprograms } protocols = imap pop3 lmtp sieve submission service aggregator { fifo_listener replication-notify-fifo { user = dovemail } unix_listener replication-notify { user = dovemail } } service dict { unix_listener dict { group = dovemail mode = 0660 user = root } } service doveadm { inet_listener { port = 12345 } } service imap-login { service_count = 1 } service imap { executable = imap } service lmtp { inet_listener lmtp { port = 24 } process_min_avail = 5 } service managesieve-login { inet_listener sieve { port = 4190 } } service pop3-login { service_count = 1 } service pop3 { executable = pop3 } service replicator { process_min_avail = 1 unix_listener replicator-doveadm { group = dovemail mode = 0600 user = dovemail } } service submission-login { inet_listener submissions { port = 465 ssl = yes } } ssl_cipher_list = ALL:!LOW:!SSLv2:!EXP:!aNULL:!RC4::!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS ssl_dh = # hidden, use -P to show it ssl_key = # hidden, use -P to show it ssl_prefer_server_ciphers = yes submission_max_mail_size = 100000000 B submission_max_recipients = 100 submission_relay_host = 127.0.0.1 submission_relay_port = 10025 userdb { args = uid=1000 gid=1000 home=/var/vmail/%d/%n@%d/ plain_pass=#hidden_use-P_to_show# user_part=%n domain_part=%d driver = static } userdb { driver = prefetch } userdb { args = /etc/dovecot/sql.conf.ext driver = sql } valid_chroot_dirs = /var/vmail:/var/vmail_indexes protocol imap { mail_plugins = " notify replication fts fts_lucene imap_zlib last_login" } protocol pop3 { mail_plugins = " notify replication fts fts_lucene last_login" } protocol lmtp { mail_fsync = optimized mail_plugins = " notify replication fts fts_lucene sieve" }
On 19/05/2022 00:45 cesco cesco@esiliati.org wrote:
Hi
I'm trying to use the variable %{listener} in the following password mysql query:
password_query = SELECT accounts.mcf AS password FROM accounts, domains WHERE user = '%n' AND accounts.domain = '%d' AND accounts.domain = domains.domain AND domains.host = '%{hostname}' AND accounts.service IN ('master', '%{listener}')
but it doesn't expand, giving:
Failed to expand password_query=SELECT accounts.mcf AS password FROM accounts, domains WHERE user = '%n' AND accounts.domain = '%d' AND accounts.domain = domains.domain AND domains.host = '%{hostname}' AND accounts.service IN ('master', '%{listener} ') : Unknown variable '%listener'
%{hostname} works correctly, as well as other variables I tried.
many thanks Franz
below my doveconf -n:
Hi!
%{listener} is not available in authentication process, only in login process for logging purposes, as stated in documentation.
You can use %{service} instead?
Aki
Hi!
%{listener} is not available in authentication process, only in login process for logging purposes, as stated in documentation.
You can use %{service} instead?
Aki
Hi sorry, for whatever reason I was thinking the query is executed in 'login' context, but clearly is in auth. my mistake.
Unfortunately, %{service} has not enough granularity for my case. I'm trying to discriminate logins based on various listeners I created on different ports. I can use ports (that seems to work), but %listener was better as I can assign to them arbitrary names to match in database. Are there other ways to do that?
many thanks Franz
On 19/05/2022 11:58 cesco cesco@esiliati.org wrote:
Hi!
%{listener} is not available in authentication process, only in login process for logging purposes, as stated in documentation.
You can use %{service} instead?
Aki
Hi sorry, for whatever reason I was thinking the query is executed in 'login' context, but clearly is in auth. my mistake.
Unfortunately, %{service} has not enough granularity for my case. I'm trying to discriminate logins based on various listeners I created on different ports. I can use ports (that seems to work), but %listener was better as I can assign to them arbitrary names to match in database. Are there other ways to do that?
many thanks Franz
Presently I think you'll have to do with %{service}%{real_lport}.
Aki
participants (2)
-
Aki Tuomi
-
cesco