[Dovecot] 1.1 master auth not expanding static userdb variables
Can dovecot-1.1 deliver work with static userdb? I'm currently running dovecot-1.0.12 and postfix-2.4.6, with virtual users' maildirs all owned by vmail and mail_location = maildir:/var/mail/%Lu. The following definition of the dovecot transport in postfix/master.conf works fine with dovecot-1.0:
dovecot unix - n n - 1 pipe
flags=DRh user=vmail:vmail argv=/usr/libexec/dovecot/deliver
-d ${user}@${nexthop} -n -m ${extension}
Note that I'm not using postfix pipe's "u" flag, since that lowercases everything to the left of "@", including the extension, and we need the extension to be case sensitive. Dovecot is configured with static userdb and args = user=%Lu uid=206 gid=206 home=/var/mailhomes/%Lu, which takes care of making sure the username is lowercase. All of this has been working fine for some time with dovecot-1.0.
After upgrading to 1.1_rc2, however, deliver creates a maildir named "%Lu" and delivers all mail for all users to it. Everything else works just fine as before: users can log in, postfix can auth smtp via dovecot sasl, etc.
I've tried invoking deliver with -k, adding "mail=maildir:/var/mail/%Lu" to the end of the userdb args, and checked file permissions on the auth sockets, maildirs, and virtual homes. Rolling back to 1.0.12 is the only way I can get deliver to behave as expected.
What changed between 1.0 and 1.1 in the way deliver does userdb lookups or how dovecot auth serves to it that could cause this? Does anyone here here have a similar config working with 1.1? Has anyone else observed similar behavior?
Thanks, Andrew
Andrew Roberts wrote:
After upgrading to 1.1_rc2, however, deliver creates a maildir named "%Lu" and delivers all mail for all users to it. Everything else works just fine as before: users can log in, postfix can auth smtp via dovecot sasl, etc.
I think you need this patch,
http://hg.dovecot.org/dovecot-1.1/rev/631fd6f25e41
which was mentioned in an unrelated thread earlier today. I also struggled for some time until I realized this. Hopefully rc3 will be out quickly :-)
HTH, Anders.
On Sat, 2008-03-08 at 13:21 -0800, Andrew Roberts wrote:
Dovecot is configured with static userdb and args = user=%Lu uid=206 gid=206 home=/var/mailhomes/%Lu, which takes care of making sure the username is lowercase. All of this has been working fine for some time with dovecot-1.0.
After upgrading to 1.1_rc2, however, deliver creates a maildir named "%Lu" and delivers all mail for all users to it.
Is the %Lu from home=/var/mailhomes/%Lu user from user=%Lu? Do either of them get expanded correctly? dovecot-auth should already do the %Lu expansion, not deliver/master. Set auth_debug=yes and see what it shows in "Master out" line?
I couldn't reproduce this, %Lu was always expanded. I did find a crash though: http://hg.dovecot.org/dovecot-1.1/rev/2d3b9a6d23f5
Timo Sirainen wrote:
On Sat, 2008-03-08 at 13:21 -0800, Andrew Roberts wrote:
Dovecot is configured with static userdb and args = user=%Lu uid=206 gid=206 home=/var/mailhomes/%Lu, which takes care of making sure the username is lowercase. All of this has been working fine for some time with dovecot-1.0.
After upgrading to 1.1_rc2, however, deliver creates a maildir named "%Lu" and delivers all mail for all users to it.
Is the %Lu from home=/var/mailhomes/%Lu user from user=%Lu? Do either of them get expanded correctly? dovecot-auth should already do the %Lu expansion, not deliver/master. Set auth_debug=yes and see what it shows in "Master out" line?
It looks like dovecot-auth is doing the right thing.
Mar 9 21:08:17 milne dovecot: auth(default): master in: USER 1 aroberts@noom.org service=deliver Mar 9 21:08:17 milne dovecot: auth(default): master out: USER 1 aroberts@noom.org uid=206 gid=206 home=/var/mail/mailhome/aroberts@noom.org mail=maildir:/var/mail/aroberts@noom.org
Here's the output of dovecot -n # 1.1.rc3: /etc/dovecot/dovecot.conf protocols: imaps imap managesieve listen(default): 127.0.0.1:143 listen(imap): 127.0.0.1:143 listen(managesieve): 127.0.0.1:2000 ssl_listen(default): *:993 ssl_listen(imap): *:993 ssl_listen(managesieve): ssl_cert_file: /etc/ssl/dovecot/imapd.crt ssl_key_file: /etc/ssl/dovecot/imapd.key login_dir: /var/run/dovecot/login login_executable(default): /usr/libexec/dovecot/imap-login login_executable(imap): /usr/libexec/dovecot/imap-login login_executable(managesieve): /usr/libexec/dovecot/managesieve-login login_greeting_capability(default): yes login_greeting_capability(imap): yes login_greeting_capability(managesieve): no valid_chroot_dirs: /var/mail first_valid_uid: 206 last_valid_uid: 206 first_valid_gid: 206 last_valid_gid: 206 mail_location: maildir:/var/mail/%Lu maildir_copy_preserve_filename: yes mail_executable(default): /usr/libexec/dovecot/imap mail_executable(imap): /usr/libexec/dovecot/imap mail_executable(managesieve): /usr/libexec/dovecot/managesieve mail_plugins(default): acl mail_plugins(imap): acl mail_plugins(managesieve): mail_plugin_dir(default): /usr/lib/dovecot/imap mail_plugin_dir(imap): /usr/lib/dovecot/imap mail_plugin_dir(managesieve): /usr/lib/dovecot/managesieve imap_client_workarounds(default): outlook-idle imap_client_workarounds(imap): outlook-idle imap_client_workarounds(managesieve): sieve_storage(default): sieve_storage(imap): sieve_storage(managesieve): ~/sieve sieve(default): sieve(imap): sieve(managesieve): ~/.dovecot.sieve namespace: type: private separator: . location: maildir:/var/mail/%Lu inbox: yes list: yes subscriptions: yes namespace: type: public separator: . prefix: shared. location: maildir:/var/mail/shared:CONTROL=/var/mail/mailhome/%Lu/shared:INDEX=/var/mail/mailhome/%Lu/shared list: yes subscriptions: yes auth default: mechanisms: PLAIN LOGIN default_realm: noom.org user: postmaster debug: yes passdb: driver: ldap args: /etc/dovecot/dovecot-ldap.conf userdb: driver: static args: allow_all_users=yes user=%Lu uid=206 gid=206 home=/var/mail/mailhome/%Lu mail=maildir:/var/mail/%Lu socket: type: listen client: path: /var/spool/postfix/private/auth mode: 432 user: postfix group: postfix master: path: /var/run/dovecot/deliver-auth mode: 384 user: vmail group: vmail plugin: acl: vfile
On Sun, 2008-03-09 at 21:18 -0700, Andrew Roberts wrote:
After upgrading to 1.1_rc2, however, deliver creates a maildir named "%Lu" and delivers all mail for all users to it.
Is the %Lu from home=/var/mailhomes/%Lu user from user=%Lu? Do either of them get expanded correctly? dovecot-auth should already do the %Lu expansion, not deliver/master. Set auth_debug=yes and see what it shows in "Master out" line?
It looks like dovecot-auth is doing the right thing.
Mar 9 21:08:17 milne dovecot: auth(default): master in: USER 1 aroberts@noom.org service=deliver Mar 9 21:08:17 milne dovecot: auth(default): master out: USER 1 aroberts@noom.org uid=206 gid=206 home=/var/mail/mailhome/aroberts@noom.org mail=maildir:/var/mail/aroberts@noom.org
ok, so:
namespace: type: private separator: . location: maildir:/var/mail/%Lu inbox: yes list: yes subscriptions: yes
Do you mean it creates /var/mail/%Lu directory and changing namespace location changes this to e.g. /var/mail/test tries to create that instead of %Lu?
On Mon, 10 Mar 2008, Timo Sirainen wrote:
Do you mean it creates /var/mail/%Lu directory and changing namespace location changes this to e.g. /var/mail/test tries to create that instead of %Lu?
That's right. Changing it to /var/mail/%u creates a directory named "%u". Same for "test".
The "mail=maildir:/var/mail/%Lu" in usrdb args was something I added to see if it made a difference. I've enabled logging in deliver, but am getting only the info mesages that show the correct (expanded) username and say "saved mail to INBOX".
Andrew
On Sun, 2008-03-09 at 21:18 -0700, Andrew Roberts wrote:
Here's the output of dovecot -n # 1.1.rc3: /etc/dovecot/dovecot.conf
BTW:
mail_location: maildir:/var/mail/%Lu
This is never used, because you specified it in namespace:
namespace: type: private separator: . location: maildir:/var/mail/%Lu
This is what is always used.
userdb: driver: static args: allow_all_users=yes user=%Lu uid=206 gid=206 home=/var/mail/mailhome/%Lu mail=maildir:/var/mail/%Lu
"mail" is also never used here, because although it overrides mail_location, namespace's location overrides mail_location.
participants (3)
-
Anders
-
Andrew Roberts
-
Timo Sirainen