[Dovecot] PgSQL+TLS
Hi,
I would like to use PostgreSQL instead of a flat file for ACLs:
http://wiki2.dovecot.org/SharedMailboxes/Shared
How must a connect=-line look to connect with TLS to a server?
Thanks in advance Christian
Roessner-Network-Solutions Bachelor of Science Informatik 50°34.725'N, 08°40.904'O, Nahrungsberg 81, 35390 Giessen F: +49 641 5879091, M: +49 176 93118939 USt-IdNr.: DE225643613 http://www.roessner-network-solutions.com
On 07/18/2011 09:40 PM Christian Roessner wrote:
Hi,
I would like to use PostgreSQL instead of a flat file for ACLs:
http://wiki2.dovecot.org/SharedMailboxes/Shared
How must a connect=-line look to connect with TLS to a server?
Thanks in advance Christian
The example configuration¹ mentions "For available options, see the PostgreSQL documention for the PQconnectdb function of libpq". Click here: http://google.com/search?q=PostgreSQL+PQconnectdb
Regards, Pascal
http://hg.dovecot.org/dovecot-2.0/file/e6300c6a5814/doc/example-config/dovec...
The trapper recommends today: f007ba11.1119921@localdomain.org
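Added example (not part of the thread and not Dovecot's own code): since the connect= string is handed to libpq, TLS is selected with libpq's sslmode and sslrootcert parameters, and a line without sslmode falls back to libpq's default of "prefer", which does not force encryption. The sketch below classifies a connect line by its sslmode; the host, database, user, password and CA path are constructed placeholders, and the function names connect_sslmode and audit_connect are hypothetical.

```shell
#!/bin/sh
# Added example, not from the thread: audit the TLS posture of a Dovecot
# SQL "connect =" line using libpq's documented sslmode values.

# connect_sslmode LINE -> prints the sslmode value found in LINE (the last
# occurrence if repeated), or libpq's default "prefer" when none is set.
connect_sslmode() {
    mode=$(printf '%s\n' "$1" \
        | sed 's/^[[:space:]]*connect[[:space:]]*=[[:space:]]*//' \
        | tr -s ' \t' '\n\n' \
        | sed -n 's/^sslmode=//p' | tail -n 1)
    printf '%s\n' "${mode:-prefer}"
}

# audit_connect LINE -> prints a one-word verdict; returns 0 only when the
# server certificate chain AND host name are verified (verify-full).
audit_connect() {
    case $(connect_sslmode "$1") in
        verify-full)  echo "verified";             return 0 ;;
        verify-ca)    echo "no-hostname-check";    return 1 ;;
        require)      echo "encrypted-unverified"; return 1 ;;
        allow|prefer) echo "opportunistic";        return 1 ;;
        disable)      echo "plaintext";            return 1 ;;
        *)            echo "unknown";              return 1 ;;
    esac
}

# Constructed sample lines (placeholders, not taken from the thread).
WEAK='connect = host=db.example.org dbname=mail user=dovecot password=secret'
STRONG='connect = host=db.example.org dbname=mail user=dovecot password=secret sslmode=verify-full sslrootcert=/etc/ssl/certs/example-ca.pem'

for line in "$WEAK" "$STRONG"; do
    verdict=$(audit_connect "$line") || true
    printf '%-22s %s\n' "$verdict" "$line"
done
```

With verify-full, the host= value has to match the name in the server certificate, and sslrootcert has to point at the CA that signed it.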
Hi,
I would like to use PostgreSQL instead of a flat file for ACLs:
http://wiki2.dovecot.org/SharedMailboxes/Shared
How must a connect=-line look to connect with TLS to a server?
Thanks in advance Christian
The example configuration¹ mentions "For available options, see the PostgreSQL documention for the PQconnectdb function of libpq". Click here: http://google.com/search?q=PostgreSQL+PQconnectdb
First of all, thanks for your answer. After reading the documentation, I ended up with a problem:
Jul 19 08:31:52 mx0 dovecot: imap(de10015@service.intern): Fatal: Unknown ACL backend: pgsql
Am I missing pgsql?
ldd /usr/lib/dovecot/imap
    linux-gate.so.1 => (0x00e94000)
    libdovecot-storage.so.0 => /usr/lib/dovecot/libdovecot-storage.so.0 (0x00161000)
    libdovecot.so.0 => /usr/lib/dovecot/libdovecot.so.0 (0x00760000)
    libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00110000)
    librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00b2c000)
    libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00220000)
    /lib/ld-linux.so.2 (0x00acd000)
    libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x00114000)
I can not see it here, but:
ldd dict
    linux-gate.so.1 => (0x00440000)
    libdovecot.so.0 => /usr/lib/dovecot/libdovecot.so.0 (0x00d43000)
    libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00485000)
    libmysqlclient.so.16 => /usr/lib/libmysqlclient.so.16 (0x00110000)
    libpq.so.5 => /usr/lib/libpq.so.5 (0x00304000)
    libsqlite3.so.0 => /usr/lib/libsqlite3.so.0 (0x00df3000)
    libz.so.1 => /lib/libz.so.1 (0x0080b000)
    librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x0066a000)
    libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00489000)
    /lib/ld-linux.so.2 (0x00f3d000)
    libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x00327000)
    libcrypt.so.1 => /lib/tls/i686/cmov/libcrypt.so.1 (0x00340000)
    libnsl.so.1 => /lib/tls/i686/cmov/libnsl.so.1 (0x00372000)
    libm.so.6 => /lib/tls/i686/cmov/libm.so.6 (0x00797000)
    libssl.so.0.9.8 => /lib/i686/cmov/libssl.so.0.9.8 (0x00a81000)
    libcrypto.so.0.9.8 => /lib/i686/cmov/libcrypto.so.0.9.8 (0x00ac9000)
    libkrb5.so.3 => /usr/lib/libkrb5.so.3 (0x00389000)
    libcom_err.so.2 => /lib/libcom_err.so.2 (0x0062c000)
    libgssapi_krb5.so.2 => /usr/lib/libgssapi_krb5.so.2 (0x00711000)
    libldap_r-2.4.so.2 => /usr/lib/libldap_r-2.4.so.2 (0x008e1000)
    libk5crypto.so.3 => /usr/lib/libk5crypto.so.3 (0x00441000)
    libkrb5support.so.0 => /usr/lib/libkrb5support.so.0 (0x006d6000)
    libkeyutils.so.1 => /lib/libkeyutils.so.1 (0x00ef8000)
    libresolv.so.2 => /lib/tls/i686/cmov/libresolv.so.2 (0x00f27000)
    liblber-2.4.so.2 => /usr/lib/liblber-2.4.so.2 (0x00465000)
    libsasl2.so.2 => /usr/lib/libsasl2.so.2 (0x005e3000)
has libpq.so. I have these configure options in my debian/rules file:
./configure --with-ldap \
--with-ssl=openssl \
--with-pgsql \
--with-mysql \
--with-sqlite \
--with-gssapi \
--with-ioloop=best \
--host=$(DEB_HOST_GNU_TYPE) \
--build=$(DEB_BUILD_GNU_TYPE) \
--prefix=/usr \
--sysconfdir=/etc \
--libexecdir=\$${prefix}/lib \
--localstatedir=/var \
--mandir=\$${prefix}/share/man \
--infodir=\$${prefix}/share/info \
--with-moduledir=\$${prefix}/lib/dovecot/modules
and libpq-dev is listed in the control file. So I am pretty sure the package was built cleanly.
My dovecot installation is completely bound to OpenLDAP. The only exception is ACL, where I want to use PostgreSQL. I tried adding something like "driver=pgsql" to the plugin section, but this does nothing. So what am I missing here?
90-acl.conf:
plugin {
  acl_shared_dict = file:/var/mail/virtual/shared-mailboxes.db
  # acl_shared_dict = proxy::acl
}

plugin {
  acl = vfile
  # acl = pgsql:/etc/dovecot/dovecot-dict-sql.conf.ext
}
Right now, I use vfile as a workaround. So please don't get confused, if you have a look at doveadm config -n. It's clear that I enabled the lines for pgsql, when trying to get things working ;-)
Everything else is working like a charm :-)
Thanks a lot in advance for helping me on this topic
Best wishes Christian
doveadm config -n
# 2.0.13: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32-33-generic-pae i686 Ubuntu 10.04.3 LTS
auth_cache_size = 10 M
auth_default_realm = roessner-net.de
auth_master_user_separator = *
auth_mechanisms = plain login digest-md5 cram-md5 ntlm
auth_realms = roessner-net.de
auth_verbose = yes
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
mail_access_groups = vmail
mail_gid = vmail
mail_location = mdbox:~/mdbox
mail_plugins = quota acl
mail_privileged_group = mail
mail_uid = vmail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto envelope encoded-character vacation subaddress comparator-i;ascii-numeric relational regex imap4flags copy include variables body enotify environment mailbox date
namespace {
  inbox = yes
  location =
  prefix =
  separator = /
  type = private
}
namespace {
  list = children
  location = mdbox:%%h/mdbox
  prefix = shared/%%u/
  separator = /
  subscriptions = no
  type = shared
}
passdb {
  args = /etc/dovecot/master-users
  driver = passwd-file
  master = yes
  pass = yes
}
passdb {
  args = /etc/dovecot/dovecot-ldap.conf.ext
  driver = ldap
}
plugin {
  acl = vfile
  acl_shared_dict = file:/var/mail/virtual/shared-mailboxes.db
  quota = dict:User quota::file:%h/mdbox/dovecot-quota
  quota_rule = *:storage=300M:messages=20000
  quota_warning = storage=95%% quota-warning 95 %u
  quota_warning2 = storage=80%% quota-warning 80 %u
  recipient_delimiter = +
  sieve = ~/.dovecot.sieve
  sieve_dir = ~/sieve
  sieve_extensions = -reject
}
postmaster_address = postmaster@mx0.roessner-net.de
protocols = imap pop3 sieve lmtp
service auth-worker {
  unix_listener auth-worker {
    user = vmail
  }
  user = vmail
}
service auth {
  unix_listener auth-userdb {
    mode = 0600
    user = vmail
  }
  user = vmail
}
service dict {
  unix_listener dict {
    mode = 0600
    user = vmail
  }
}
service imap-login {
  service_count = 0
  vsz_limit = 64 M
}
service lmtp {
  inet_listener lmtp {
    address = ::1
    port = 24
  }
}
service managesieve-login {
  service_count = 0
}
service quota-warning {
  executable = script /usr/local/bin/quota-warning.sh
  unix_listener quota-warning {
    user = vmail
  }
  user = dovecot
}
ssl_cert =
On 07/19/2011 08:54 AM Christian Roessner wrote:
First of all, thanks for your answer. After reading the documentation, I ended up with a problem:
Jul 19 08:31:52 mx0 dovecot: imap(de10015@service.intern): Fatal: Unknown ACL backend: pgsql
,--[ http://wiki2.dovecot.org/ACL ]--
| … but currently Dovecot supports only virtual ACL files. …
`--
Am I missing pgsql?
ldd /usr/lib/dovecot/imap
    linux-gate.so.1 => (0x00e94000)
    libdovecot-storage.so.0 => /usr/lib/dovecot/libdovecot-storage.so.0 (0x00161000)
    libdovecot.so.0 => /usr/lib/dovecot/libdovecot.so.0 (0x00760000)
    libdl.so.2 => /lib/tls/i686/cmov/libdl.so.2 (0x00110000)
    librt.so.1 => /lib/tls/i686/cmov/librt.so.1 (0x00b2c000)
    libc.so.6 => /lib/tls/i686/cmov/libc.so.6 (0x00220000)
    /lib/ld-linux.so.2 (0x00acd000)
    libpthread.so.0 => /lib/tls/i686/cmov/libpthread.so.0 (0x00114000)
No, imap doesn't communicate with your database host.
I can not see it here, but:
ldd dict
    …
    libpq.so.5 => /usr/lib/libpq.so.5 (0x00304000)
    …
has libpq.so. I have these configure options in my debian/rules file:
Yes, dictionaries can be stored in sql backends.
./configure --with-ldap \
--with-ssl=openssl \
--with-pgsql \
--with-mysql \
--with-sqlite \
--with-gssapi \
--with-ioloop=best \
--host=$(DEB_HOST_GNU_TYPE) \
--build=$(DEB_BUILD_GNU_TYPE) \
--prefix=/usr \
--sysconfdir=/etc \
--libexecdir=\$${prefix}/lib \
--localstatedir=/var \
--mandir=\$${prefix}/share/man \
--infodir=\$${prefix}/share/info \
--with-moduledir=\$${prefix}/lib/dovecot/modules
You could remove --with-mysql and --with-sqlite when you are using ldap and pgsql only.
My dovecot installation is completely bound to OpenLDAP. The only exception is ACL, where I want to use PostgreSQL. I tried adding something like "driver=pgsql" to the plugin section, but this does nothing. So what am I missing here?
See the web page mentioned above.
Regards, Pascal
The trapper recommends today: fabaceae.1120021@localdomain.org
Hi,
,--[ http://wiki2.dovecot.org/ACL ]--
| … but currently Dovecot supports only virtual ACL files. …
`--
I did not see this line ;-)
Yes, dictionaries can be stored in sql backends.
Yes, ldd told me
./configure --with-ldap \
--with-ssl=openssl \
--with-pgsql \
--with-mysql \
--with-sqlite \
--with-gssapi \
--with-ioloop=best \
--host=$(DEB_HOST_GNU_TYPE) \
--build=$(DEB_BUILD_GNU_TYPE) \
--prefix=/usr \
--sysconfdir=/etc \
--libexecdir=\$${prefix}/lib \
--localstatedir=/var \
--mandir=\$${prefix}/share/man \
--infodir=\$${prefix}/share/info \
--with-moduledir=\$${prefix}/lib/dovecot/modules
You could remove --with-mysql and --with-sqlite when you are using ldap and pgsql only.
Currently I provide Ubuntu/lucid packages for Dovecot/Pigeonhole in my Launchpad PPA, therefore I need support for all kinds of databases ;-)
While you answered this mail, I debugged the whole source and saw that under src/plugins/acl no sql backends exist :-) So if you had not pointed me to the fact that there is no support yet, I would have asked this question next :-)
Thanks very much for your helful answer
Christian
Thanks very much for your helful answer
Ups, typo :-) Sorry helpful. Not hel(l)ful *g*
Christian