[Dovecot] Master user
Hi,
I'd like to have a master user that can read the other users' mailboxes. I have only one user who reads and writes the mail (i.e. I use the static userdb) and I use namespaces for public and shared mailboxes. I can authenticate to the server but I am not able to list the mailboxes:
    emiliano@dovecot:~$ telnet localhost imap
    Trying 127.0.0.1...
    Connected to localhost.
    Escape character is '^]'.
    * OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE AUTH=PLAIN] Dovecot ready.
    1 login user*master password
    1 OK [CAPABILITY IMAP4rev1 LITERAL+ SASL-IR LOGIN-REFERRALS ID ENABLE IDLE SORT SORT=DISPLAY THREAD=REFERENCES THREAD=REFS MULTIAPPEND UNSELECT CHILDREN NAMESPACE UIDPLUS LIST-EXTENDED I18NLEVEL=1 CONDSTORE QRESYNC ESEARCH ESORT SEARCHRES WITHIN CONTEXT=SEARCH LIST-STATUS ACL RIGHTS=texk] Logged in
    5 LIST "" *
    * LIST (\Unmarked) "." "INBOX"
    * LIST (\Noselect \HasNoChildren) "." "shared"
    * LIST (\Noselect \HasChildren) "." "public"
    5 OK List completed.
    * BYE Server shutting down.
    Connection closed by foreign host.
This is my conf:
    # 2.0.9: /etc/dovecot/dovecot.conf
    # OS: Linux 2.6.32-131.0.15.el6.x86_64 x86_64 Scientific Linux release 6.1 (Carbon) ext4
    auth_master_user_separator = *
    disable_plaintext_auth = no
    mail_location = maildir:/data/MAIL/MAILDIR/%u:INBOX=/data/MAIL/INBOX/%u:INDEX=/data/MAIL/METADATA/%u
    mbox_write_locks = fcntl
    namespace {
      inbox = yes
      location =
      prefix =
      separator = .
      type = private
    }
    namespace {
      list = yes
      location = maildir:/data/MAIL/MAILDIR/%%u:INDEX=/data/MAIL/MAILDIR/shared/%u/%%u
      prefix = shared.%%u.
      separator = .
      subscriptions = no
      type = shared
    }
    namespace {
      list = yes
      location = maildir:/data/MAIL/SHARED
      prefix = public.
      separator = .
      subscriptions = no
      type = public
    }
    passdb {
      driver = pam
    }
    passdb {
      args = /etc/dovecot/master-shared
      driver = passwd-file
      master = yes
    }
    plugin {
      acl = vfile:/etc/dovecot/global-acls:cache_secs=300
      acl_anyone = allow
      acl_shared_dict = file:/var/lib/dovecot/shared-mailboxes.db
    }
    protocols = imap
    service auth {
      unix_listener auth-userdb {
        group = mailreader
        mode = 0600
        user = mailreader
      }
    }
    ssl = no
    ssl_cert = </etc/pki/dovecot/certs/dovecot.pem
    ssl_key = </etc/pki/dovecot/private/dovecot.pem
    userdb {
      args = uid=mailreader gid=mailreader home=/ allow_all_users=yes
      driver = static
    }
    protocol lda {
      mail_plugins = acl
    }
    protocol imap {
      mail_plugins = acl imap_acl
    }
And in /etc/dovecot/master-shared:
master:{PLAIN}password
What did I do wrong?
Thanks, Emiliano
On Tue, 2012-02-28 at 16:11 +0000, Emiliano Rago wrote:
> I'd like to have a master user that can read the other users' mailboxes. I have only one user who reads and writes the mail (i.e. I use the static userdb) and I use namespaces for public and shared mailboxes. I can authenticate to the server but I am not able to list the mailboxes:
With ACL plugin enabled, the master user's ACLs are used. And your master user has no ACLs, so nothing is shown. The proper fix for this would be to set a default ACL for the master user, but default ACLs don't exist yet. So you'll have to kludge this, by changing the master user back to the login username. Try if this works:
    userdb {
      args = uid=mailreader gid=mailreader allow_all_users=yes master_user=%u
      driver = static
    }
Also don't set your home to /. Better not to set it at all. http://wiki2.dovecot.org/VirtualUsers/Home
On 02/28/2012 04:37 PM, Timo Sirainen wrote:
> On Tue, 2012-02-28 at 16:11 +0000, Emiliano Rago wrote:
>> I'd like to have a master user that can read the other users' mailboxes. I have only one user who reads and writes the mail (i.e. I use the static userdb) and I use namespaces for public and shared mailboxes. I can authenticate to the server but I am not able to list the mailboxes:
> With ACL plugin enabled, the master user's ACLs are used. And your master user has no ACLs, so nothing is shown. The proper fix for this would be to set a default ACL for the master user, but default ACLs don't exist yet. So you'll have to kludge this, by changing the master user back to the login username. Try if this works:
> userdb {
>   args = uid=mailreader gid=mailreader allow_all_users=yes master_user=%u
>   driver = static
> }
Thanks, but nothing has changed.
Emiliano
On 02/28/2012 07:47 PM, Timo Sirainen wrote:
> On 28.2.2012, at 20.45, Emiliano Rago wrote:
>>> userdb {
>>>   args = uid=mailreader gid=mailreader allow_all_users=yes master_user=%u
>>>   driver = static
>>> }
>> Thanks, but nothing has changed.
> Set auth_debug=yes. What does it log when you login?
That's the log:
    Feb 28 19:57:48 oneprivvm-239 dovecot: auth: Debug: client in: AUTH#0111#011PLAIN#011service=imap#011secured#011lip=127.0.0.1#011rip=127.0.0.1#011lport=143#011rport=60873#011resp=<hidden>
    Feb 28 19:57:48 oneprivvm-239 dovecot: auth: Debug: auth(admin,127.0.0.1,master): Master user lookup for login: rago
    Feb 28 19:57:48 oneprivvm-239 dovecot: auth: Debug: passwd-file(admin,127.0.0.1,master): lookup: user=admin file=/etc/dovecot/master-shared
    Feb 28 19:57:48 oneprivvm-239 dovecot: auth: passdb(admin,127.0.0.1,master): Master user logging in as rago
    Feb 28 19:57:48 oneprivvm-239 dovecot: auth: Debug: client out: OK#0111#011user=rago
    Feb 28 19:57:48 oneprivvm-239 dovecot: auth: Debug: master in: REQUEST#0113607363585#0112591#0111#0114d6e591e980edb0fabccfa9c1cd4e198
    Feb 28 19:57:48 oneprivvm-239 dovecot: auth: Debug: master out: USER#0113607363585#011rago#011uid=5000#011gid=5000#011home=/#011master_user=rago#011master_user=admin
    Feb 28 19:57:48 oneprivvm-239 dovecot: imap-login: Login: user=<rago>, method=PLAIN, rip=127.0.0.1, lip=127.0.0.1, mpid=2596, secured
Thanks for answering, Emiliano
On 28.2.2012, at 21.04, Emiliano Rago wrote:
> USER#0113607363585#011rago#011uid=5000#011gid=5000#011home=/#011master_user=rago#011master_user=admin
Oh, right, it doesn't work because there are two master_users and the second one overrides the first one. This might be fixed in a newer version (maybe only in v2.1), since I remember doing something related to this. Another possibility for fixing this would be to use post-login script that sets MASTER_USER environment to same as USER, that'll definitely fix it. http://wiki2.dovecot.org/PostLoginScripting
On 02/28/2012 08:09 PM, Timo Sirainen wrote:
> On 28.2.2012, at 21.04, Emiliano Rago wrote:
>> USER#0113607363585#011rago#011uid=5000#011gid=5000#011home=/#011master_user=rago#011master_user=admin
> Oh, right, it doesn't work because there are two master_users and the second one overrides the first one. This might be fixed in a newer version (maybe only in v2.1), since I remember doing something related to this. Another possibility for fixing this would be to use post-login script that sets MASTER_USER environment to same as USER, that'll definitely fix it. http://wiki2.dovecot.org/PostLoginScripting
Great, with postlogin script it works!
Thanks a lot, Emiliano
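Added example (not part of the original thread and not Dovecot project code): a small Python audit over auth_debug lines of the shape posted above. It reports master-user logins and resolves a duplicated master_user field to its later value, as the reply in this thread describes, so the identity the ACL plugin ends up using is visible. The sample lines, function names and finding labels are constructed for illustration.

```python
import re

TAB = "#011"  # syslog's escaped TAB, the field separator in the auth debug lines
MASTER_LOGIN = re.compile(r"passdb\(([^,]+),[^,]+,master\): Master user logging in as (\S+)")
# Constructed sample lines in the shape of the auth_debug output quoted in this thread.
SAMPLE_LOG = """\
Feb 28 19:57:48 host dovecot: auth: passdb(admin,127.0.0.1,master): Master user logging in as rago
Feb 28 19:57:48 host dovecot: auth: Debug: master out: USER#0113607363585#011rago#011uid=5000#011gid=5000#011home=/#011master_user=rago#011master_user=admin
"""


def parse_user_reply(line):
    """Return (user, fields, duplicates) for a 'master out: USER' line, else None."""
    marker = "master out: USER" + TAB
    pos = line.find(marker)
    if pos < 0:
        return None
    parts = line[pos + len(marker):].split(TAB)  # [request id, user, key=value, ...]
    if len(parts) < 2:
        return None
    user, fields, duplicates = parts[1], {}, {}
    for item in parts[2:]:
        key, _, value = item.partition("=")
        if key in fields:
            duplicates.setdefault(key, [fields[key]]).append(value)
        fields[key] = value  # the later value overrides, as the thread describes
    return user, fields, duplicates


def audit(log_text):
    """List master-user logins and userdb replies whose master_user is not the login user."""
    findings = []
    for line in log_text.splitlines():
        login = MASTER_LOGIN.search(line)
        if login:
            findings.append(("master-login", *login.groups()))
        parsed = parse_user_reply(line)
        if parsed is None:
            continue
        user, fields, duplicates = parsed
        if "master_user" in duplicates:
            findings.append(("duplicate-master_user", user, tuple(duplicates["master_user"])))
        if fields.get("master_user", user) != user:
            findings.append(("acl-identity-differs", user, fields["master_user"]))
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

A "master-login" finding is also a useful audit record in its own right, since a master user can open any mailbox the passdb allows.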