Greetings all...
We are thinking about using the master DB, so a few admins can impersonate an ordinary user.
So, we want to define one master for a set of users. And this administrator cannot be master of the other users?
Can this be done somehow? Reading the docs, it seems that if a user is defined as master, it can login as everyone.
Thanks for any hint.
On Mon, 2007-02-05 at 12:39 -0800, Tom Bombadil wrote:
We are thinking about using the master DB, so a few admins can impersonate an ordinary user.
I was trying to do the same thing. Not for impersonation :) but for migration to another IMAP server (Zimbra).
The docs are here http://wiki.dovecot.org/MasterPassword
It works inconsistently for me for some reason. Sometimes dovecot recognized the auth_master_user_separator delimiter and sometimes it doesn't.
dovecot-1.0-0.beta8.3.fc5 did not Jan 26 18:57:01 mail dovecot: auth(default): passdb(zimbra,::ffff:169.237.222.333,master): Master user logging in as dlbewley*zimbra Jan 26 18:57:01 mail dovecot: auth(default): client out: OK 1 user=dlbewley*zimbra Jan 26 18:57:01 mail dovecot: auth(default): master in: REQUEST 146 19330 1 Jan 26 18:57:01 mail dovecot: auth(default): passwd(dlbewley*zimbra,::ffff:169.237.222.333): unknown user Jan 26 18:57:01 mail dovecot: auth(default): userdb(dlbewley*zimbra,::ffff:169.237.222.333): user not found from userdb Jan 26 18:57:01 mail dovecot: auth(default): master out: NOTFOUND 146 Jan 26 18:57:01 mail dovecot: imap-login: Internal login failure: user=<dlbewley*zimbra>, method=PLAIN, rip=::ffff:169.237.222.333, lip=::ffff:169.237.222.111, TLS
dovecot-1.0-1.1.rc15 on FC5 did work Jan 26 21:27:37 mail dovecot: auth(default): passdb(zimbra,::ffff:169.237.111.111,master): Master user logging in as dlbewley Jan 26 21:27:37 mail dovecot: auth(default): client out: OK 1 user=dlbewley Jan 26 21:27:37 mail dovecot: auth(default): master in: REQUEST 8 28380 1 Jan 26 21:27:37 mail dovecot: auth(default): master out: USER 8 dlbewley system_user=dlbewley uid=500 gid=500 home=/home/dlbewley master_user=zimbra Jan 26 21:27:37 mail dovecot: imap-login: Login: user=<dlbewley>, method=PLAIN, rip=::ffff:169.237.111.111, lip=::ffff:169.237.222.111
But then it stopped working in rc15. Feb 5 12:52:38 mail dovecot: auth(default): userdb(dlbewley*zimbra,::ffff:169.237.222.111): user not found from userdb Feb 5 12:52:38 mail dovecot: imap-login: Internal login failure: user=<dlbewley*zimbra>, method=PLAIN, rip=::ffff:169.237.111.111, lip=::ffff:169.237.222.111, TLS
Here's my config: I tried various changes to auth_username_chars like adding * or blanking it out and using different characters for auth_master_user_separator.
protocols = imap imaps pop3 pop3s ssl_cert_file = /usr/share/ssl/certs/mail.cert ssl_key_file = /usr/share/ssl/private/mail.key disable_plaintext_auth = no login_process_per_connection = no login_processes_count = 10 max_mail_processes = 2048 protocol imap { } protocol pop3 { } auth_username_chars = auth_master_user_separator = * auth default { mechanisms = plain passdb passwd-file { args = /etc/dovecot/dovecot.masterusers master = yes pass = no } passdb pam { } userdb passwd { } user = root } plugin { }
-- Dale Bewley - Unix Administrator - Shields Library - UC Davis GPG: 0xB098A0F3 0D5A 9AEB 43F4 F84C 7EFD 1753 064D 2583 B098 A0F3
On Mon, 2007-02-05 at 13:02 -0800, Dale Bewley wrote:
But then it stopped working in rc15. Feb 5 12:52:38 mail dovecot: auth(default): userdb(dlbewley*zimbra,::ffff:169.237.222.111): user not found from userdb Feb 5 12:52:38 mail dovecot: imap-login: Internal login failure: user=<dlbewley*zimbra>, method=PLAIN, rip=::ffff:169.237.111.111, lip=::ffff:169.237.222.111, TLS
You didn't show auth_debug=yes output in here. Master user logins should be working as far as I know. I just tried and they are working at least with rc22.
participants (4)
-
Cor Bosman
-
Dale Bewley
-
Timo Sirainen
-
Tom Bombadil